Administrator 05/16/2022

One of the perennial IT Infrastructure problems network managers faces is the cost of deploying and managing the network infrastructure.  The component parts of the IT Infrastructure like switches, and routers all need to be configured before installation.

IT Infrastructure management takes time and resources and hence cost.   As an example, if an equipment failure brings down a network or network segment, the replacement equipment must be manually configured before it replaces the faulty unit.    

As stated above, all network managers want a network that has no manual intervention in both configuration and management.  A Software-Defined Access (SDA) WAN  goes a long way toward that environment.

What are SD-WANs?

What are SD-WANs

SDA WANs are the first step on the way to an Intent-Based network (IBN). An SDA is a self-configuring, self-learning, self-healing network.   An IBN is true automation, an SDA that learns, adapts and evolves by itself.   IBN is only in the later stages of development, and network companies such as Cisco are working closely with Universities and Research Centres to bring it to commercial reality.

Simply put, Software Defined Access splits the network into two levels or planes – the software level which defines what the network looks like and how it operates and the physical level of the network infrastructure equipment.

The network planners use the SDA software to create and maintain a network definition and to manage it in operation. At the physical level, the network uses the network definition to configure itself as new equipment is added to it.

By being self-healing, an SDA also improves service levels.  For instance, if a switch fails, remove it, replace it and the replacement switch automatically configures itself.   Until the new switch is installed, the SDA automatically recalculates traffic routes and redirects traffic.  A network fault is corrected in considerably less time than by manual intervention, and service levels are maintained as far as is possible.

A self-learning SDA will also calculate the best traffic routes based on traffic patterns and the types of traffic.   If usage and traffic patterns change, the SDA recalculates new optimum routes.

This makes deployment and management of the network simpler and less resource intensive.  It is, therefore, cheaper and more effective.

It is a new technology and major IT companies, including Cisco, are fully embracing it, seeing it as a means of easily introducing new technologies into an existing environment.  An ideal environment for coalescing cabled and WiFi environments and introducing the Internet of Things and BYOD.

Benefits of a Software-Defined WAN


In addition to the obvious cost and service level benefits, an SDA provides others, including:

  • Traffic Management

    The SDA will provide network administrators with information that allows them to monitor endpoints.  Managers can identify, profile and group them.   They can analyse traffic and user behaviour to improve network efficiency.  Security also benefits from the ability to detect bad actors and identify malicious threats early.

  • Network Structure

    Most networks are segmented to improve security and protect against a total network failure if one part fails.   An SDA network allows multi-level segmentation and implementation of group-level access.  That means that the potential for total network failure is significantly reduced, and if an account or device is compromised, limits the range of the network that is compromised.

  • Security

    • Vulnerability Scanning

      An SDA can be programmed to scan continuously for threats and vulnerabilities and issue alerts if they find one.  Unusual traffic patterns can signal a DDoS attack, for example.   Automating scanning increases the chances of finding a threat or a user trying to break trust.  That will allow the network staff to mitigate the threat faster, reducing the chances of data damage or theft.

    • Threat Containment

      Automated processing can ensure that when a threat is identified it can be contained in quarantine or sandboxed while alerting the appropriate network administrator.   This is a critical part of containing threats as soon as they are discovered, again reducing the possibility of data corruption or theft.

    • Endpoint Monitoring

      The rise of the Internet of Things, remote working and working from home have increased the need for endpoint security.  An SDA network can continually monitor endpoints.  If the SDA software supports it, Artificial Intelligence and Machine Learning can self-learn potential threat types and potential unlawful access attempts to better prevent them in the future.

      If these processes are automated, it again increases their effectiveness and reduces resource requirements.

Overall, an SDA WAN can bring great cost and operational benefits to an organisation.  It eases the management of access solutions and protocols.  In short, an SDA Wan can reduce operational costs for an organisation by reducing the amount of time network staff spend on network management, and potentially the number of network staff.   An SDA Wan also increases network security by automating many monitoring tasks, thereby reducing the potential for successful attacks by damaging threats.

Leave a comment.

Your email address will not be published. Required fields are marked*