Your distributed office wide area networks are about to get disrupted—in a good way. Software-defined WANs are upgrading application performance to enable people in branch offices, stores, and clinics to operate at peak efficiency. But before today, many organization needed to upgrade their hardware in order to take full advantage of SD-WAN. To make SD-WAN as ubiquitous as possible, Cisco is expanding our Viptela SD-WAN capabilities across the ISR/ASR router family with Cisco IOS® XE software. Let’s look at why this is a perfect union of two powerful technologies and what it means for your organization.

With traditional rigid MPLS WAN implementations, workers at remote branches are constrained by performance and bandwidth issues that affects how they can interact with customers, patients, and coworkers. Applying SD-WAN technology to existing ISR/ASR infrastructure enables higher bandwidth at lower cost, better reliability, and improved Quality of Service (QoS) for superior application experiences. Implementing an SD-WAN solves multiple challenges in managing networks for a distributed enterprise by:

  • Unifying connectivity across MPLS, Ethernet, internet, leased lines, DSL, and LTE networks.
  • Maintaining consistent experience and performance for SaaS, cloud, and data center applications.
  • Securing device and application access to enterprise data resources.
  • Reducing transmission costs while increasing bandwidth for interactive applications, video, and conferencing.
  • Enabling provisioning of remote zero-touch edge routers with configuration via cloud management tools.
  • Managing WAN connectivity with in-house expertise using visual management tools.

Bringing SD-WAN Fabric to Cisco ISR/ASR Routers 

Over a million of our ISR/ASR family of edge routers are in use by organizations worldwide. Shortly after acquiring Viptela in 2017, we made the Viptela SD-WAN solution available to all our customers and partners. The release of Cisco IOS XE provides an instant upgrade path for creating cloud-controlled SD-WAN Fabrics to connect distributed offices, people, devices, and applications operating on the installed base. Progressive organizations are already benefiting from SD-WAN implementations to unite their distributed branches and improve cloud application performance.

  • An insurance organization with thousands of branch offices implemented SD-WAN to increase the reliability and resiliency of their branch connectivity and improve performance for SaaS applications like Office 365 while reducing costly MPLS backhaul traffic.
  • A clothing retail chain added guest Wi-Fi services to 1200 stores to augment the omni-channel shopping experience, segmenting the guest traffic from critical business applications and sensitive traffic such as payment information with the SD-WAN.
  • A life sciences company with research and manufacturing offices worldwide implemented SD-WAN to increase bandwidth and performance at remote facilities while driving down MPLS costs by 80%.

Cisco SD-WAN on edge routers builds a secure virtual IP fabric by combining routing, segmentation, security, policy, and orchestration. It eliminates backhauling from branches to headquarters to access SaaS applications, improving application performance and experience for a distributed and mobile workforce. For example, at the branch-level, you can define a performance policy for Cloud SaaS Onramps to maintain a level of QoS for Office 356 performance and assign a real-time streaming policy for unified communications.

Keeping data traffic and connections secure is also simplified with an SD-WAN. Multilayer security encrypts all data from the WAN edge to the cloud. Segmentation keeps sensitive data from co-mingling with regular traffic. Malware-infected endpoints are automatically isolated from the network to stop infections from spreading.

Simplifying WAN Operations with Cloud Management

One of the main challenges for a distributed organization is managing branch networks without sending IT technicians to sites every time routers need tuning or replacing. The ability to configure and manage branch routers from a central point—the single pane of glass approach—alleviates much of the time and travel expense of maintaining traditional MPLS WANs. With Cisco vManage and zero-touch provisioning of ISR/ASR edge routers, reliability and resiliency are easier to manage. 

A typical Day-Zero to Day-N implementation for adding a branch to the corporate WAN starts with shipping the desired ISR/ASR router to the site to provide MPLS, Internet, or 4G LTE access to Ethernet or Wi-Fi nodes in the office. Local office workers power up the router without needing any technical configuration knowledge. IT uses vManage as a cloud application to connect with the newly installed router, and downloads configuration files, including policies that govern device security, application QoS, and segmentation, among other parameters.

Maintaining Uptime and Simplifying Equipment Replacements

Let’s look at an example of a Cisco SD-WAN implementation to see how global convenience store retailer shortens the replacement time of connections for Point-of-Sale devices at stores. Their Cisco SD-WAN is currently supporting 3400+ locations, adding 500 new stores every month. Before the SD-WAN implementation, replacement equipment had to be pre-configured at IT headquarters, then shipped to the store, which could take several days, during which time the PoS could be unavailable—a real money loser. With Cisco SD-WAN, un-configured devices can be stored regionally for faster shipping and installation. The replacement edge routers are plugged in by local staff and configured via vManage and an LTE connection. With cloud management, there is no need to send IT personnel to stores to configure routers, saving time and travel expenses while maximizing uptime.

SD-WAN Goal Achieved, the Journey to Intent-Based Networking Continues

With this release of Cisco IOS XE, we’ve reached our goal of bringing SD-WAN capabilities to the ISR/ASR router families. But we are not pausing in the journey to bring Intent-Based Networking to distributed enterprises. We will be integrating vManage capabilities into our DNA Center network controller, providing visibility, security, and intent over all the network segments from the campus to data center to distributed branch offices. We will continue our efforts to make the complexities of networking simple, secure, and automated so that you can focus on innovation for your distributed operations.

For a demonstration of Cisco’s SD-WAN architecture, watch a new Cisco TechWiseTV show on SD-WAN and vManage. 



Anand Oswal

No Longer with Cisco