Fortifying the SD-WAN Story

In a recent recap of his Enterprise Connect session on software-defined WAN, UC analyst Zeus Kerravala, of ZK Research, wrote in a No Jitter post that many enterprise IT professionals don't understand the value proposition of this technology beyond the cost savings that result when using it to replace or augment high-cost MPLS circuits with less pricey broadband Internet connections.

SD-WAN technology, however, can provide a number of other benefits. Kerravala noted six: the ability to handle brownouts and otherwise protect against network failures, make configuration changes in minutes instead of months, orchestrate network paths dynamically, support zero-touch provisioning, connect directly to the cloud, and simplify operations. I would suggest "the ability to tighten security" as a seventh benefit, considering news coming out of one of the leading SD-WAN companies, VeloCloud.

VeloCloud earlier this week introduced an SD-WAN security ecosystem aimed at blending its architecture with existing enterprise security solutions from companies such as IBM Security, Check Point Software Technologies, Fortinet, and Zscaler. With this week's announcement, VeloCloud has launched an SD-WAN Security Technology Partner Program, with these four vendors among initial participants. The program is the formalization of a framework VeloCloud has been working on with these and other partners, with an eye on delivering an end-to-end -- extending from the premises into the cloud -- best-of-breed security option for SD-WAN, Mike Wood, VP of marketing, told me in a briefing.

This is a three-pronged program, Wood said. On the network side, VeloCloud has opened access to its full suite of APIs via a new software development kit (SDK). Using the SDK to access the VeloCloud APIs, security vendors will be able to establish a baseline of interoperability between the on-prem SD-WAN devices and the security services in the branch, Wood explained. In addition, VeloCloud is opening up its VNF framework so that security vendors can develop against and run their own virtual network function within it, Wood said.

Within the cloud, Velocloud is enabling security services insertion and interoperability into the cloud-delivered SD-WAN gateways it operates globally. And, at the management layer, it is supporting interfaces to leading security event information management (SEIM) solutions.

If you're using SD-WAN in conjunction with a UCaaS service, here's what this sort of ecosystem could mean for you. A UCaaS provider would be able to peel chat, collaboration, or contact center content sharing sessions, say, out of the path and "service chain" them into a secure Web gateway, session border controller, or virus scanner, for example, before they proceed to their final destinations.

Security is but the initial focus of VeloCloud's partner framework. The company can, and will, extend it to other technology vendors, Wood said.

As efforts such as this show, the value of the SD-WAN does indeed continue to unfold, as Kerravala noted in that No Jitter post. That's a must, I would think, considering his conclusion -- without a doubt, he said, SD-WAN is the "network architecture that can match the speed and agility of the cloud."

Follow Beth Schultz and No Jitter on Twitter and Google+!
@nojitter
@Beth_Schultz
Beth Schultz on Google+