Elements of SD-WAN & SASE platforms: Differentiators, characteristics and the hidden secret

Published on June 2nd, 2020

One word is beginning to dominate the SD-WAN industry vernacular: platform. SD-WAN solutions and SASE offerings have become mashups that squeeze more appliances, features, services, cloud applications and AI tools into one offering, making all of them now platforms. While these product and service medleys might be as refreshing as a bouquet of assorted spring flowers to some, the term platform has become so over-used that it’s losing definition. In other words, the bouquet is wilting.

With platforms everywhere, it’s more important than ever to avoid the ones that leave IT systems fragmented and to invest time finding the natively integrated springboards to success. But to get there, we first need to define what an SD-WAN or SASE platform actually is, the characteristics that differentiate platforms from mere solution sets, and the hidden secret that enables users to easily provision, configure, orchestrate, and manage their network in this digital age of constant change.

Defining an SD-WAN or SASE platform: Start with the core

Quite literally, a platform is a standard foundation or lowest support substructure from which the larger SD-WAN solution is built. The degree to which the underlying architecture is standardized distinguishes platforms from solution sets. The key is one transparent ecosystem. When all capabilities share one common infrastructure from edge to edge, benefits include:

The core is what excludes many of today’s market solutions from being SASE or SD-WAN platforms. What lies beneath will largely dictate the customer experience, and, ultimately, success. SASE and managed SD-WAN providers typically use their own private network to serve as the unified platform. In these cases, users need to question whether the provider’s network is entirely software defined, and especially inquire whether it was built using a ubiquitous SD-architecture. If the entire foundation is software defined, virtually every network function will be easily programmable and modifiable via software.

A ubiquitous SD-core is the hidden secret. When the provider expands its SASE or SD-WAN solution with more appliances, features, services, applications and Artificial Intelligence (AI), it embeds all of those tools into the same SD-network fabric. This is how a platform extends its value – it gives its medley of capabilities a common ground and governed by software. Unlike solution sets, platforms deploy a vast number of tools into many different client environments – multiple clouds, branch offices, edge networks, mobile devices and data centers – and unite them all under a holistic service and management framework that provides deep visibility and end-to-end, uniform control.

Critical characteristics: Global, cloud-based, AI-powered
Features and applications embedded into the platform should interoperate as equal partners on the same operating system. Furthermore, the platform should also be global and cloud-based. With a platform that has global reach, the solution can make more promises of service consistency into every corner of your enterprise footprint. And with cloud and virtual delivery models, it provides not only the agility and responsiveness you require, but ultimately paves the way for automation.

Much the same way that software-defined network fabrics are the platforms of SD-WAN and SASE solutions, AI-based analytics and automation tools are the cornerstones needed to build fully automated networks or the autonomous networks of the future. Which means you want your SD-WAN or SASE platform to be leveraging AI-based analytics now, so that one day, it has the potential to be self-optimizing, self-healing and self-driving.

Let’s look at the way advanced SD-WAN and SASE-based platforms are using AI to automate network optimization and lean into the future. First, behavior analytics make sense of the seemingly endless streams of data describing the activities and state of a network. Machine learning turns that mountain of data into comprehensible intelligence, providing a human-understandable picture of what is going on, and makes that data actionable. This new level of understanding can provide:

These capabilities are available today. Network virtual advisors are made possible through AIOps tools (which stands for AI for IT Operations). Essentially AIOps can act as a virtual network assistant working 24/7. But this is just the beginning of autonomous networking.

Platforms: Breeding grounds for intent-based and autonomous networks
When these platforms also have automation tools embedded in the SD-network fabric, IT teams have the ability to program them using workflows and playbooks based on their standard network operations. This allows for fully automated network optimization and automated security improvements that will become the intent-based networks and autonomous networking of tomorrow.

Reaching full autonomy is virtually impossible without the purity of the platform’s underlying architecture. The complexity of the management environment affects the use of AIOps. SD-WAN and SASE platforms will be unable to provide AIOps tools the information they need to be truly effective when there are more generations of technology, more diverse infrastructures from more vendors and more protocols for integration. The value of AIOps can be made or broken based on the quality of the platform.

The 5 elements of an SD-WAN or SASE platform

To recap, here are the five essential elements that make up an SD-WAN or SASE platform.

Terry Traina

Terry Traina is the chief technology officer and has been with Masergy since 2004. Terry leads various teams including research and development, platform architecture, software engineering, and product development. Terry has over 20 years of experience in the telecommunications industry specializing in building and managing everything from enterprise software-defined networks to routing and switching platforms. Prior to joining Masergy, Terry has held various technical positions at Chiaro Networks, Allied Riser Communications, and EDS. Terry holds a bachelor’s of science in electrical engineering from University of Southwestern Louisiana.

Related Content

Professional Services: Planning your move to digital, remote work with UCaaS + SD-WAN

Law firms and other service firms are streamlining digital transformation by addressing UC, the network, and security in one unified strategy.

Read more

The 12 Days of Cloudmas: 7 “sWANs” a-swimming

On Day Seven of Cloudmas, Zeus Kerravala, Principal Analyst at ZK Research, looked around but seven swans a-swimming were in short supply, so he talked with Rudy Tibuni, Director of Product Management at Masergy, about seven software-defined "sWANs."

Read more

How does Cloud Access Security Broker (CASB) fit into the SASE paradigm?

CASB serves as of one of SASE’s fundamental purposes. Here’s how it works within a SASE framework to mitigate security risks.

Read more