The spread of cloud across enterprises has also created a need for hybrid networking solutions that combine private WANs and commodity Internet connections to support adoption of cloud applications, remote connectivity, and scalability, with application performance and visibility. Major networking vendors such as Cisco, Palo Alto, Juniper Networks and others offer SD-WAN solutions oriented towards servicing cloud infrastructures.
Today we look in more detail at two of the most popular SD-WAN solutions from leading network services providers, Cisco SD-WAN and Palo Alto Prisma (CloudGenix): their advantages, how they differ from each other, how they can still be integrated, use cases, and so on.
In traditional WANs, traffic is routed from remote sites to enterprise data centres over private MPLS circuits. This traditional structure is becoming outdated as more applications move to public clouds such as Microsoft Azure and Amazon AWS. Moving user traffic from branches to the enterprise DC and then on to the cloud or Internet is inefficient, expensive and lacks scalability.
SD-WAN architecture applies the principles of software-defined networking (SDN) to the WAN, replacing the traditional model centred on the data centre. It is designed to meet the demands of enterprise applications and increased security requirements. Cisco SD-WAN is made up of four components, segregated into four planes:
- orchestration plane,
- management plane,
- control plane, and
- data plane.
Cisco vBond operates at the orchestration plane and orchestrates the onboarding of new, unconfigured devices to the SD-WAN fabric. Cisco vManage operates at the management plane and runs the system's user interface and dashboard. It collects network telemetry data, runs analytics and alerts on events, creates device templates, pushes configurations, and handles overlay traffic engineering.
Cisco vSmart is the control plane component and the brain of the overlay fabric: it advertises policies, routing, and security. Cisco vEdge is the data plane component; it sits at the WAN edge, establishes the network fabric, and joins the SD-WAN overlay.
Features of SD-WAN
- Centralized management is the main feature; it offers operational simplicity and, as a result, fewer changes and shorter deployment times
- Transport-independent overlay: because the underlay transport is abstracted from the overlay fabric, any combination of transports can be used in active/active fashion to reduce bandwidth costs
- Sophisticated security: it uses certificate-based identity with a zero trust security model
- Visibility of applications: real-time analysis and application visibility are core components of this architecture and enable enforcement of service level agreements (SLAs) and tracking of performance metrics for specific sets
Palo Alto Prisma (CloudGenix)
Palo Alto Prisma SD-WAN is a cloud-delivered service that implements an application-defined, autonomous SD-WAN, which helps to secure and connect branch offices, data centres, and campus sites in a simple and cost-effective manner. The application fabric connects sites securely with application awareness and gives the freedom to use any WAN and any cloud.
It uses Instant-On Network (ION) devices deployed in locations to provide control and visibility wherever desired. It lets you create policies based on business intent, enables dynamic path selection using the highest-performance network, and provides visibility into applications and network performance.
A secure application fabric, AppFabric, is established by creating a virtual private network over every WAN link. ION devices automatically choose the best WAN path for applications and perform real-time analysis of application performance metrics and WAN links.
Features of Palo Alto Prisma (CloudGenix)
- Lets you measure and monitor specific paths as well as dynamically move sessions to the optimal path
- Leverages commodity links such as broadband Internet, LTE, etc.
- Eliminates the need to manage multiple, disparate consoles from different vendors by using the Panorama network security management tool
- Zero-touch provisioning of new branches, automating the tedious onboarding process
- Hardware high availability in active/passive mode
Cisco SD-WAN vs Palo Alto Prisma: Comparison Table
Download the comparison table: Cisco SD-WAN vs Palo Alto Prisma