Product Overview: VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud is a cloud-delivered, software-defined Wide Area Network (SD-WAN) solution designed to enhance enterprise and cloud application performance, simplify deployments, and reduce costs. Here’s a detailed look at what the product does and its key features and functionality.
What it Does
VMware SD-WAN by VeloCloud decouples the network control, management, and forwarding functions, enabling network control to be directly programmable and abstracting the underlying infrastructure for applications and network services. This architecture allows for the creation of a transport-independent secure overlay, enabling the use of any combination of broadband Internet or MPLS links to optimize throughput for all available connections.
Key Features and Functionality
Architecture
The solution is structured into three main layers:
- Cloud Network: Eliminates data center backhaul penalties by providing an optimized direct path to public and private enterprise clouds. Secure SD-WAN overlay tunnels (Edge-to-Edge or Edge-to-Cloud) enable access to enterprise and cloud applications such as traditional DC-hosted, Software as a Service (SaaS), and Infrastructure as a Service (IaaS).
- Virtual Services Delivery: Reduces the branch office footprint with single-click, seamless insertion, and chaining of virtualized services on premise or in the cloud. Services include Dynamic Multi-Path Optimization (DMPO), Cloud VPN, routing, segmentation, Next-Generation Firewall (NGFW), and voice quality monitoring.
- SD-WAN Services Orchestration: The VMware SD-WAN Orchestrator provides centralized enterprise-wide management configurations, real-time monitoring, and orchestrates the data flow into and through the SD-WAN overlay network. It also enables one-click provisioning of virtual services across edges, in centralized and regional enterprise service hubs, and in the cloud.
Components
- VMware SD-WAN Edge (VCE): A zero-touch, enterprise-class appliance that can be deployed as a physical device or a virtual machine. It connects to Internet ISP or MPLS networks, balances load across links, and provides routing based on orchestrator instructions. The Edge device supports deep application recognition, application and packet steering, and end-to-end quality of service.
- VMware SD-WAN Gateway (VCG): Deployed at top-tier network points-of-presence and cloud data centers worldwide, these gateways perform SD-WAN control plane functions, including highly scalable route distribution. They provide on-demand, scalable, and redundant cloud networks for optimized paths to cloud destinations. Each gateway has over 10 Gbps of peering capacity and is designed to be secure, resilient, and redundant.
Segmentation and Security
- Macro and Micro Segmentation: Allows for dividing the network into separate sites or locations and creating separate service domains within each site. This segmentation enhances security by isolating traffic between sites, services, applications, and users, and optimizes performance by prioritizing critical applications and services.
- Enhanced Firewall Service: Built on VMware NSX security technology, this service is integrated into physical and virtual VMware SD-WAN Edges. It improves performance, eliminates the need for legacy firewalls at branch locations, and provides comprehensive security managed through the VMware Edge Cloud Orchestrator.
Deployment and Management
- Zero-Touch Deployment: The VMware SD-WAN Edge devices can be configured and deployed remotely without the need for on-site network technologists. The Orchestrator simplifies operations by providing a centralized interface for configuration, troubleshooting, and monitoring.
- Multi-Tenant Capabilities: The solution supports multi-tenant gateways and orchestrators, allowing a single orchestrator to manage several customers and providing the ability to create private head ends for customers requiring separation.
In summary, VMware SD-WAN by VeloCloud offers a robust, cloud-delivered SD-WAN solution that enhances application performance, simplifies network management, and reduces costs by leveraging advanced segmentation, security features, and zero-touch deployment capabilities.