Delivering Cloud-scale SD-WAN Orchestration for Today’s Large-scale Enterprises


Industry adoption of SD-WAN technologies is accelerating. According to a recent report by IDC1, the SD-WAN market is poised to reach $5.25 Billion worldwide in 2023. The report also predicts the SD-WAN industry to grow at a compound annual growth rate (CAGR) of 30.8 percent from 2018 to 2023, and that is drawing considerable attention to this new way of architecting and deploying WAN infrastructure by enterprises of all sizes.

Additionally, a survey conducted by Frost and Sullivan in 20182 revealed that 72 percent of respondents considered SD-WAN as a priority for their organization. The survey also revealed that the return on investment (ROI) expectations are also larger — with 25 to 50 percent reduction in WAN expenses — from companies with 50 or more sites.

As SD-WAN technologies continue to evolve and become more widely deployed by larger enterprises, greater deployment flexibility and agility are paramount for the typically more complex organizational structures of large enterprises. This is particularly true for those enterprises with multiple entities spanning geographic regions whether they are business units, subsidiaries, regionalized domains, or other organizational structural entities.

From the data and control plane perspectives, scalable SD-WAN solutions for large enterprises naturally need to steer and optimize application traffic across networks spanning 100’s and even 1,000’s of sites. Such solutions must also be supported by a management and orchestration framework that can not only operationally support larger scale deployments, but which can also adjust and adapt to the dynamic organizational needs of larger enterprises. These might include the ability to support distinct administrative domains that require isolation and/or application segmentation.

1 SD-WAN Infrastructure Market Poised to Reach $5.25 Billion in 2023, According to New IDC Forecast
2 How SD-WAN is impacting global enterprise WAN strategies

The Dynamics of Large Enterprises

The organizational structure of large enterprises is often a reflection of what is required to drive the business forward. Individual business entities within global corporations are often created, organically or inorganically, with the intent of providing a certain level of autonomy and business agility, allowing each to independently grow and evolve based on market demand and opportunity. Enterprises that fall into this category include large, dynamic corporations or conglomerates with multiple business units or subsidiaries, each of which may potentially operate in a specific geographical region and which may employ localized IT resources for day-to-day operations and maintenance, but which may also rely upon a common set of global, enterprise-wide policies.

Multi-agency organizations such as government and state entities also demonstrate similar characteristics, whereby a single entity may dictate or provide centralized oversight over multiple agencies or sub-entities, while relegating each agency’s specific SD-WAN policies and operations to the respective IT organization.

The Challenge: Delivering SD-WAN Scalability and Isolation with Centralized Administration

For these types of large enterprises, the notion of a single unified WAN across all business entities is often a desired end goal. However, achieving and administering such a solution and catering to the specific business cycles and needs of each entity can present a significant challenge when the organizational structure is dynamic, and regularly impacted by events such as mergers and acquisitions, multi-entity business collaborations, and reorganizations. Conversely some large enterprises prefer to isolate or segment applications between business units.

A common requirement amongst these types of large enterprises is the need to support multiple administrative domains for isolating and separating the lifecycle management and operations of each entity’s SD-WAN, while still providing a single administrative “pane-of-glass” across these various SD-WAN fabrics. Enterprises with complex organizational structures generally have multiple IT groups with varying requirements for access, visibility and control over specific portions of the overall SD-WAN. In these scenarios, there are often three key administrative challenges faced by those responsible for managing and maintaining such deployments:

 Unified SD-WAN Across All Business Entities

1. Solution adaptability and elasticity

The organizational structure of larger enterprises is often dynamic and evolutionary. Through events such as reorganizations, consolidations, and mergers and acquisitions activities, or simply as a result of organic growth, organizations experience transformation over time and often require adjustments to their WAN architecture and application policies. The SD-WAN fabrics for each entity can range from 10s, 100s, and even 1,000s of sites. For IT, this presents a challenge in providing and maintaining administrative domains that can adapt and are appropriately dimensioned for each specific domain’s needs.

2. Flexible administrative access and control

The dynamic nature of an enterprise’s organization also presents a challenge in aligning each business domain’s specific administrative and access policies with resources within the IT organization. Access privileges for IT administrators need to be flexibly assigned across and within domains, in adherence to business entity-specific security policies as well as any corporate-wide policies. Maintaining consistent policy administration can present further operational challenges when the underlying business structure is constantly evolving and adapting to market forces.

3. Lifecycle autonomy and operational independence

Many larger enterprises struggle to provide a level of individuality and autonomy amongst each of their entities. This facilitates an optimal SD-WAN experience, tailored to each entity’s specific business needs and timelines, while also decoupling the maintenance and upkeep of the entities. Lifecycle autonomy means providing a level of isolation and individuality to each entity or agency, allowing each to run its own versions of SD-WAN orchestration software and dictate its own upgrade and maintenance schedule.

Orchestrator Global Enterprise: A Business-driven Solution for Large-scale Enterprises

To address these challenges, Silver Peak offers a new orchestration solution: Unity Orchestrator Global Enterprise. Orchestrator Global Enterprise is a globally available, secure, cloud-hosted orchestration service that is designed for large, multi-entity, multi-national or multi-agency organizations deploying any number of SD-WAN domains.

Orchestrator Global Enterprise provides unprecedented levels of operational efficiency with an intuitive GUI and centralized SD-WAN configuration. It provides a single pane of glass management to provide complete observability across multiple SD-WAN fabrics through which IT administrators can gain granular visibility and access into each SD-WAN, enabling rapid response for troubleshooting and support issue resolution (Figure 1). It simplifies lifecycle operations such as software upgrades, maintenance and automates configuration back-up and restoration.

Orchestrator Global Enterprise makes it easy for large enterprises and multi-agency organizations to provide individualized SD-WAN lifecycle experience across multiple SD-WAN fabrics based on the specific needs of each business unit, subsidiary or entity, all via a single pane of glass. It can also be used as a multi-tenant orchestration solution by managed service providers (MSPs) who are reselling Unity EdgeConnect™ and want to start a managed service on top. By using Orchestrator Global Enterprise, MSPs are able to manage a virtually unlimited number of enterprise-owned SD-WANs with the ability to tailor deployments to individual customer requirements.

Figure 1: Centralized network visibility across multiple SD-WAN fabrics
Figure 1: Centralized network visibility across multiple SD-WAN fabrics

Elastic Scalability to Accelerate Secure SD-WAN Growth

At the core of Orchestrator Global Enterprise is its approach to addressing scalability and flexibility across each SD-WAN domain. Orchestrator Global Enterprise employs modern cloud-native scaling techniques to achieve elastic scalability, enabling a horizontal scale-out approach that easily scales as the number of SD-WAN domains increases, aligning to the evolution of a corporation’s organizational structural and business requirements.

Horizontal scalability means each entity or tenant is provided its own orchestration instance, inclusive of a secure, private database, providing it with a high level of data security and isolation (Figure 2). Operationally, this enables network administrators to custom-tune and dictate the maintenance and upgrade lifecycle policies for each entity’s SD-WAN, catering to each organization’s specific business needs and timelines, without any impact to others. Each specific entity’s SD-WAN orchestration solution allocates the right amount of resources needed, whether it is orchestrating policies across 10s or 1,000s of sites.

Figure 2: Orchestrator Global Enterprise enables large enterprises to globally manage and monitor multiple SD-WAN fabrics supported by independent tenant Orchestrator instances to support the requirements of different business units or subsidiary companies
Figure 2: Orchestrator Global Enterprise enables large enterprises to globally manage and monitor multiple SD-WAN fabrics supported by independent tenant Orchestrator instances to support the requirements of different business units or subsidiary companies

Flexible, Secure Access Control

Coupled with this approach is a flexible access control framework that offers granular, multi-level administrative control that ensures the right capabilities for each business entity’s SD-WAN are provided to the right personnel. As corporations evolve, assigning and maintaining administrative responsibilities for individuals across and within organizations can be time-consuming. Orchestrator Global Enterprise combines role-based access control mechanisms combined with appliance-level access control to simplify and scale the management of administrative privileges enterprise-wide.

Fast-track Business Agility with Business-aligned Lifecycle Operations

Orchestrator Global Enterprise provides multi-entity organizations the ability to implement and manage independent SD-WAN fabrics in parallel, uniquely tailored for the specific needs of each business entity (Figure 3).

Figure 3: Orchestrator tenant dashboard provides status and details for each individual SD-WAN fabric
Figure 3: Orchestrator tenant dashboard provides status and details for each individual SD-WAN fabric

For large corporations where each business entity operates independently, this ensures a unique SD-WAN evolution journey, driven by the demands and timelines of its own business, without any repercussions to any other business entity. With each entity making its own decision on which software version to run and when upgrades and maintenance are performed, each SD-WAN can quickly respond to its own business needs, while minimizing any unintended outages or disruptions to others, resulting in improved overall network availability and an optimal end-user experience. Furthermore, when each SD-WAN orchestrator operates as its own independent, secure database instance, more predictable performance and enhanced data security are maintained.

Delivering Business Value and Service Differentiation

In conclusion, the key challenges faced by larger corporations seeking to deploy an agile, business-driven SD-WAN solution become more responsive to each organization’s unique demands is appropriately addressed with Orchestrator Global Enterprise. This cloud-native solution facilitates a rapid time-to-market orchestration solution that is horizontally scalable, providing each entity with an individualized orchestration experience, tuned and customized to its specific needs.

With Orchestrator Global Enterprise, large enterprises and managed service providers alike are able to quickly realize the following benefits:

  • > Accelerate business agility and simplify lifecycle management with isolated, individually managed SD-WAN fabrics that support new business units or subsidiaries with administrative separation, without re-architecting the network or incurring additional CAPEX
  • > Reduce CAPEX, OPEX and life cycle costs of self-hosting new deployments with Orchestration-as-a-Service with the Silver Peak cloud-hosted managed service offering
  • > Improve operational efficiency, reduce ongoing IT administration cost and overhead and minimize the impact of maintenance and upgrade operations across the enterprise with global orchestration of SD-WAN fabrics across the entire network
  • > Accelerate secure SD-WAN infrastructure growth with a cloud-scale architecture that supports any number of additional Orchestrator tenants to drive instant expansion of new SD-WAN fabrics and network endpoints
  • > Ease troubleshooting, reduce human errors and simplify operations with the centralized visibility and management of the entire network, delivering the highest quality of experience to users and IT
  • > Optimize the end-user experience within each business organization, agency, or tenant