Cloud-based SD-WAN runs on remote servers managed by a SaaS provider. It runs entirely in the cloud, meaning you do not need to invest in server equipment or technical service. This contrasts with regular, on-premise SD-WAN where you host and manage the server equipment on your company premises.

With cloud-based SD-WAN, the SD-WAN controller runs in the public cloud. Offered as a SaaS platform, you will manage it and configure devices from a cloud-hosted dashboard. Therefore, you only pay for using the cloud hosting service, which is done through a licensing model. How much you pay depends on the number of devices you connect.

Traditional WAN and Cloud SD-WAN

Hardware requirements

Traditional WAN relies heavily on physical hardware. Think routers and dedicated MPLS lines. It's like a landline telephone system. It works but is not flexible and is prone to mechanical failures.

On the other hand, Cloud SD-WAN leverages the cloud. Because it runs in the cloud you can use a variety of connections, including broadband, LTE, and MPLS. Like a smartphone, it connects in multiple ways and adjusts based on what's available. If broadband gets spotty, LTE can step in seamlessly.

Complexity of scaling

With traditional SD-WAN, adding a new branch office entails setting up new hardware and configuring it manually. It’s time-consuming and is logistically challenging. 

But with Cloud SD-WAN, scaling is much easier. Virtual appliances can be spun up quickly, and configurations can be pushed from a central location. You don’t need to invest in additional hardware; you simply subscribe to a higher tier.

Security

Traditional WAN often requires separate security appliances at each site. This means more points of failure and a lot of separate management consoles. 

Cloud SD-WAN, however, often integrates security features directly. You can manage both connectivity and security policies across the network from a single dashboard. Everything is configured virtually and can be done in minutes

Performance and reliability.

Traditional SD-WAN can still struggle with latency and packet loss, especially over long distances. Cloud SD-WAN handles this much better because it leverages the SaaS provider’s advanced networking infrastructure. It can dynamically route traffic based on real-time conditions. 

So if one path experiences latency, traffic can be instantly rerouted through a more efficient path. This improves application performance, which is crucial for things like video conferencing and VoIP. Morever, the routing is not your responsibility. The cloud SD-WAN vendor manages it from their end.

Cost

Cloud SD-WAN removes hardware and maintenance expenses. Those are the responsibility of the SaaS provider. You do not have to buy expensive routing and switching equipment because the network is configured and managed entirely in the cloud. Even better, you only pay for what you need or use, meaning your costs grow with your needs.

Functions and capabilities of cloud SD-WAN

Dynamic path selection and load balancing

Cloud-hosted SD-WAN uses real-time data to understand the current state of the network. For example, if your primary MPLS link is swamped with video calls, SD-WAN can automatically route less critical traffic, like software updates, over to a high-speed internet link. This dynamic path selection ensures that your crucial applications always perform best.

Load balancing across multiple WAN links also improves. Say you have a video conference, cloud storage access, and VoIP calls all happening simultaneously. SD-WAN can distribute this traffic across multiple paths to optimize resource use. 

For instance, it might send video over the MPLS link for stability, while routing cloud storage traffic via broadband, and using a secondary link for VoIP. This way, no single path gets overwhelmed. Everything runs smoothly.

This flexibility not only improves performance but also helps in reducing costs. You can leverage more cost-effective broadband options without sacrificing quality, thanks to the sophisticated traffic management.

Centralized management and orchestration

Imagine that you want to deploy new branch locations. Normally, setting up a new site requires manual configuration, which can be both time-consuming and prone to errors. 

With Cloud SD-WAN, you can push configurations from a central location, which being a cloud-accessible dashboard only needs an internet connection. 

Instead of sending a technician when opening a new office in another city, you just configure the policies and security settings from your central, cloud-hosted management console. The new branch can be up and running in minutes, with no investment in new hardware.

Security policies and updates are managed centrally as well. Think about applying a new security update across all your locations. Without centralized orchestration, this means manually updating each site. 

With cloud-hosted SD-WAN, a single update can roll out network-wide seamlessly. This ensures that all locations are consistently protected without the hassle of individual updates.

Another practical example is performance monitoring. Traditional WAN can make it difficult to pinpoint where network issues lie. Cloud SD-WAN solutions’ centralized management provides real-time insights and analytics. 

If there’s a problem with a particular link or application, it can be easily identified and addressed quickly by the SaaS provider. This level of visibility helps in minimizing downtime and maintaining optimal performance.

The ease of centralized management is incredibly useful for policies, too. Suppose you need to enforce a new compliance requirement across your network. With traditional setups, this could involve manual adjustments at every branch. 

An SD-WAN hosted in the cloud allows you to implement these changes globally from your central dashboard. This not only saves time but also ensures consistency and reliability across the network.

In essence, the power of centralized management and orchestration with cloud-based SD-WAN transforms the way we handle networks. It brings a level of simplicity, efficiency, and control that is hard to achieve with regular SD-WAN or traditional WAN networks.

Integrated security services

Securing a company network isn’t just about putting up walls. It's about intelligent defense. With cloud SD-WAN, you’re not only enhancing connectivity but also integrating robust security services seamlessly. It’s similar to having a firewall that understands applications intimately, defending against both known and emerging threats.

Hosting and managing your entire SD-WAN architecture in the cloud also makes it easy to integrate a zero-trust approach to your network. This means you can verify every user, scrutinize every device, and enforce adaptive, dynamic policies. 

Zero-trust policies ensure that only authorized users access applications, no matter where they are. So, whether you are accessing network resources from a coffee shop or a corporate office, the security posture remains robust and uncompromised.

Moreover, the integration extends beyond just your internal policies. Most cloud SD-WAN solutions align seamlessly with the major cloud security vendors. This flexibility means you are not locked into one ecosystem, giving you the freedom to tailor your security architecture to your specific needs.

An often overlooked aspect is the simplified deployment. With cloud-managed SD-WAN, deploying security protocols is quick and straightforward. The seamless integration enables you to set up comprehensive security at branch sites in minutes. The efficiency you gain from such streamlined operations drastically reduces the complexity and time required for set-up.

Integrated security services with cloud SD-WAN means having a vigilant, intelligent, and seamless defense strategy. This is not just about securing the perimeters but ensuring every aspect of your network architecture is fortified and ready to tackle modern threats.

Application-aware routing

Application-aware routing recognizes applications at a granular level and intelligently directs traffic based on the type of application and its requirements. This means you don't have to treat all traffic equally. Instead, you can prioritize and make decisions with much finer control, ensuring that business-critical applications get the resources they need.

For example, think about a video conferencing tool like Zoom. During an important meeting, you want the video and audio streams to be flawless. With application-aware routing, a cloud-managed SD-WAN identifies Zoom traffic and prioritizes it over less critical traffic, like file downloads. This way, your meetings experience minimal latency and jitter, maintaining high quality.

Another instance is with a CRM application like Salesforce. Sales teams rely on real-time data to make decisions and close deals quickly. Cloud SD-WAN can detect Salesforce traffic more dynamically and ensure it gets routed through the most efficient, low-latency path. 

Such intelligent routing minimizes lag and keeps the application responsive, which is crucial for the sales process. Moreover, sales teams can access the network on the go since it is cloud-hosted.

Application-aware routing can also improve your security posture. Suppose you have an intrusion detection system (IDS) running in your network. This system needs real-time data to function effectively. With application-aware routing, IDS traffic can be prioritized to ensure timely delivery of threat information. This makes your security posture more robust.

Thanks to application-aware routing, cloud-managed SD-WAN makes your network smarter. It learns and adapts, providing the best possible performance for each application.