During Network Field Day 17 in January, VeloCloud gave a presentation about SD-WAN and there were a few surprises that I wanted to write down to make sure I got them right. Here is the primary video that outlines the features.
Self Learning and Auto-Configuration
VeloCloud wants to present a vision of SD-WAN as automated, contextual, and self-learning. I would call that intent-based networking.
The idea of “self-learning and adaptation” is unusual among SD-WAN vendors. Many network engineers focus on declarative networking with hard coding of all variables. The idea of self-configuration and automated change is anathema to many because product quality is so poor that it’s unsafe to trust the software. It’s certainly true that SD-WAN is automated configuration that works.
I was not aware that VeloCloud (or any SD-WAN solution) is PCI DSS compliant. Having a compliant WAN network does substantially reduce the burden of auditing and validation.
SD-WAN Provider Aggregation
At this point in the presentation (1540seconds) Service Providers can extend their network footprint by federating or using the physical networks of other regional providers.
If you have ever spent time working on carrier-to-carrier MPLS at a technology level you will appreciate this. If you have sat through business meetings where two carriers agree to carry each other’s traffic ……. well, you can guess the level of sadness I’ve experienced.
Couple of quick thoughts:
- This simplifies the interconnection of carrier networks by an enormous factor.
- Telcos get visibility into performance of the interconnection and can force the partner to deliver the agreed level of service for carried traffic.
Branch Functions e.g. Firewalls
We saw a demo of a Palo Alto VNF being instantiated on the VeloCloud edge device using the SDN controller. It was as simple as adding a license to VeloCloud Orchestrator to instantiate an instance on the branch appliance and then completing the cycle by registering with the PAN Panorama monitoring platform.
Here is the video showing a demonstration of the workflow that includes the licensing and monitoring of PANW virtual services. That’s quite impressive to me.