Cisco SD-WAN stands out for its feature richness as SD-WAN 2.0. As introduced in Part 3, SD-WAN 2.0 refers to SD-WAN that not only enables efficient use of WAN bandwidth (line capacity), which is the original role of SD-WAN, but also solves various problems related to branch networks by linking with other network functions.
One of the big reasons why SD-WAN 2.0 has so many functions is that the technology of "vEdge", the former Viptela's SD-WAN router, was incorporated into the router product group "Cisco Integrated Services Router" (Cisco ISR) originally developed and provided by Cisco Systems. As a result, Cisco ISR can now be used as an SD-WAN router in addition to its traditional uses.
For example, one area that Cisco Systems emphasizes in its SD-WAN routers is security. Cisco ISR alone can implement various security measures such as application firewall (WAF), URL filtering, and IPS (intrusion prevention system). In the future, Cisco Systems will strengthen cooperation between SD-WAN routers and switches for campus networks (in-house networks), switches for data centers, wireless LAN devices, etc., and has a vision to further expand the integration of network functions in its products.
VMware SD-WAN is an SD-WAN product developed and provided by VMware. Similar to Cisco Systems' acquisition of Viptela, VMware acquired VeloCloud to bring SD-WAN products into its portfolio.
VMware SD-WAN has three major features. The first is that there is no CLI (command line interface) operation screen, and all operations, including troubleshooting, can be performed using the GUI (graphical user interface). Since there is no CLI, there is no need to be aware of device-specific commands, unlike with conventional network devices.
Secondly, even if the connection method is PPPoE (Point-to-Point Protocol over Ethernet), "zero-touch provisioning" that remotely applies settings to network devices is possible. With other SD-WAN products, when using a line that uses the PPPoE connection method, it is necessary to configure the network equipment in advance for Internet connection, which reduces the benefits of zero-touch provisioning. VeloCloud does not require any pre-configuration on your network equipment, even for PPPoE connections.
VMware SD-WAN can issue a URL for zero-touch provisioning on the controller (web screen). The person in charge of setting up the site connects from a client PC via wireless LAN to the factory-set SSID (service set identifier) of the SD-WAN router "VeloCloud Edge" and accesses the issued URL. This completes zero-touch provisioning.
The third is that it is equipped with a unique technology called "DMPO" (Dynamic Multi-Point Optimization) as a traffic control function. DMPO can improve communication quality by detecting and correcting in real time problems that reduce WAN communication quality, such as data transmission delays, packet loss, and changes in the order of arrival. By using DMPO, you can solve problems such as interruptions in the audio and video of web conferences and streaming content caused by poor WAN communication quality.
If you are using multiple WAN lines, you can virtually use them as one high-speed line and perform load balancing on a per-packet basis. End users can easily experience WAN acceleration because load balancing is performed in more granular units than the session (connection from start to end of communication) unit load balancing available in general router products.
In traffic control by application identification, there is a "first packet problem" caused by the inability to correctly identify the application from the first packet. The first packet is the first packet sent when a session is established, and application identification may not work correctly on it. If the first packet passes through unidentified and the application is identified in the middle of the communication, the communication path will switch and the session information will be reset, or a momentary communication interruption will occur that impairs the real-time nature of a web conference. This problem does not occur in subsequent communications once application identification is completed, but it must be taken into consideration when implementing traffic control by application identification.
SD-WAN's application identification function basically uses the first packet to identify the application, so this first packet problem cannot be completely avoided. Silver Peak SD-WAN has a feature called "First-Packet iQ" for this problem. By obtaining the latest application identification data from Silver Peak's cloud database, First-Packet iQ can greatly improve the accuracy of application identification by first packet and suppress the occurrence of first packet problems.
The application identification function also uses IP address and FQDN (Fully Qualified Domain Name) information as identification elements. In the case of cloud services such as the office suite "Microsoft 365" (Office 365), where the connection destination IP address of the application changes irregularly, there may be a problem that you cannot connect normally when the IP address changes. First-Packet iQ keeps track of such changes and updates identification data daily, allowing application identification to function normally.
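The first packet problem and the effect of a stale identification table can be reproduced in a small model. The following is an added example, not code from any vendor or from the original article; the table contents, policy names, and the three-packet inspection threshold are assumptions chosen for illustration.

```python
import ipaddress

# Constructed first-packet table: destination prefix -> application.
# Prefixes are RFC 5737 documentation ranges, not real service addresses.
FIRST_PACKET_DB = {ipaddress.ip_network("203.0.113.0/24"): "saas-office"}

# Hypothetical steering policy: application -> WAN path.
POLICY = {"saas-office": "internet-breakout"}
DEFAULT_PATH = "datacenter-backhaul"
DPI_PACKETS_NEEDED = 3  # assumption: payload inspection needs 3 packets


def identify_first_packet(dst_ip, db):
    """Classify from the destination IP alone (longest prefix wins)."""
    addr = ipaddress.ip_address(dst_ip)
    matches = [net for net in db if addr in net]
    if not matches:
        return None
    return db[max(matches, key=lambda net: net.prefixlen)]


def route_flow(dst_ip, true_app, packets, db):
    """Return the WAN path chosen for each packet of one session."""
    app = identify_first_packet(dst_ip, db)
    paths = []
    for seq in range(1, packets + 1):
        if app is None and seq >= DPI_PACKETS_NEEDED:
            app = true_app  # later packets finally reveal the application
        paths.append(POLICY.get(app, DEFAULT_PATH))
    return paths


def path_switches(paths):
    """Count mid-session path changes; each one can reset the session."""
    return sum(1 for a, b in zip(paths, paths[1:]) if a != b)


if __name__ == "__main__":
    # The service has moved to a prefix the stale table does not list.
    stale = route_flow("198.51.100.7", "saas-office", 5, FIRST_PACKET_DB)
    fresh_db = {**FIRST_PACKET_DB,
                ipaddress.ip_network("198.51.100.0/24"): "saas-office"}
    fresh = route_flow("198.51.100.7", "saas-office", 5, fresh_db)
    print("stale table:", stale, "switches =", path_switches(stale))
    print("fresh table:", fresh, "switches =", path_switches(fresh))
```

With the stale table the session starts on the default path and moves mid-flow, which is also the window in which traffic follows a policy other than the one intended for that application.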
In addition to application identification, Silver Peak SD-WAN also provides a function that accelerates data transmission by caching communication data and rewriting the TCP window size (buffer area capacity). This makes effective use of the WAN possible in a way different from VeloCloud's DMPO.
This time, we introduced three representative SD-WAN products. Each product has its own strengths, and a detailed consideration of your SD-WAN requirements will help you select the right product.
This is the final installment of a three-part series. The use of cloud services is expected to continue expanding due to digital transformation (DX) and the spread of telework as a countermeasure against the novel coronavirus disease (COVID-19). We hope that this series will help you when considering SD-WAN as part of building next-generation IT infrastructure.
Responsible for proposals, evaluation, verification, and technical support for Cisco Systems middle-end/low-end routers, the "Catalyst" series of switches, SD-WAN, etc. He is also engaged in surveys and research on advanced technologies related to networks.
Mainly in charge of Cisco Systems products, evaluating and verifying products. He is also involved in network construction support and service development for cloud services.