Glowing polygonal map on dark background. Internation ai and innovation concept. 3D Rendering
SD-WAN VMware

Best Practices for Scaling a Global SD-WAN Network

Global SD-WAN Network

With a digital transformation impacting the business world across the globe, organizations must ensure their technical infrastructure successfully handles the changes. Seamless network scalability remains essential in this dynamic environment. This need for more secure, flexible, and scalable network infrastructure is a major reason companies increasingly turn to SD-WAN as part of their strategy for communications and connectivity.

SD-WAN offers businesses a host of significant benefits, including simplified monitoring and management, improved network and application performance, easy installation, and, of course, that seamless scalability. This emerging networking technology has rapidly become a competitive differentiator between companies adopting SD-WAN and those saddled with an obsolete network. In short, SD-WAN is now essential for success.

Enterprises with a global footprint need a deft touch when architecting their SD-WAN infrastructure. VMware recently published an eBook covering this topic, Design Principles for Scaling a Global SD-WAN Network. Let’s take a closer look at some of the best practices from this eBook to help any company build the network to foster their growth and success.

An Overview of VMware SD-WAN™ by VeloCloud®

The VMware SD-WAN includes three major components. Each performs a unique function within this SD-WAN architecture:

  • VMware SD-WAN Orchestrator: The VMware SD-WAN Orchestrator serves as the management portal for the network. Engineers can monitor traffic and make configuration changes as necessary. This multitenant service can run locally or over the cloud.
  • VMware SD-WAN Edge: Branch offices are where VMware SD-WAN Edge components primarily reside. Either hardware or software-based, they coexist with hardware components or even serve as a router in a multiprotocol label switching (MPLS) network.
  • VMware SD-WAN Gateway: VMware SD-WAN Gateway components are used for multiple functions, including network route reflection, a control pane for VMware SD-WAN Edge devices, or to onboard optimized Internet and network traffic to an SD-WAN network. They typically reside in major Internet PoPs across the globe.

These three components work together to support multiple network architectural designs to meet the specific need of the business, including the unique requirements of enterprises with large global network infrastructures.

Considerations for Scaling a Global Enterprise Network

Planning is essential when architecting any network infrastructure, especially one highly scalable with a global footprint. Here are a few points worth considering as part of any design process.

  • Determine where SD-WAN overlays are required across the network, decide on the routing redistribution points to your existing network, as well as the supported overlay technologies.
  • The impact of transit hubs on the overlay topology is also important. Cascading hubs are not recommended.
  • Determine the number of edges and tunnels each hub or cluster can support.
  • Whether the number of tunnels exceeds the SD-WAN gateway control plane limit must be known.
  • Evaluate the Internet/cloud exit points on the network, as they influence security and application performance.

Our design approach for a global enterprise SD-WAN network includes overlays between hubs and branch sites, with an underlay between the main data center and hubs. This underlay typically leverages a high-throughput fiber or MPLS network.

The VMware SD-WAN solution utilizes a network profile to easily scale and manage a global SD-WAN network. The network profile is a configuration template that makes it easy to design global SD-WAN networks using the hub and spoke design model. This tool supports the management of device settings, business policies, and firewalls. It simplifies network design and the configuration process at scale. The use of a network profile also promotes flexible insertion of security stacks in a regional hub or data center and optimizes application performance with an emphasis on cybersecurity.

When considering hub-side redundancy when designing the data center network, engineers are faced with two options. The VMware SD-WAN High Availability approach is suitable, but only in scenarios where the overall network capacity is limited. Instead, we recommend using clusters, as it fosters the optimized scalability necessary for efficient tunneling.

Additionally, the cloud-hosted VMware SD-WAN Gateways allow for an architecture that seamlessly integrates with the best of breed secure web gateway (SWG) services and public cloud networks in a secure and scalable manner.

Enterprise SD-WAN Best Practices to Enhance Scalability

In addition to the points mentioned above, here are a few more best practices for designing a global enterprise SD-WAN network that scales easily.

  • The proprietary routing features of VMware SD-WAN greatly reduce complexity for enterprises migrating from an existing MPLS network. Use Uplink and Uplink Community features to easily migrate hybrid SD-WAN branches with MPLS connectivity at scale and also provide these sites optimized connectivity to the underlay networks.
  • Make sure application-based forwarding driven by business policies follows the enterprise’s information security posture. For similar security reasons, ensure each VMware SD-WAN Edge only connects to two destinations.
  • Use an underlay for any data center to data center traffic requiring other overlay technologies.
  • Simplify the network’s routing topology by minimizing the number of underlay/overlay distribution points.
  • The data center hub cluster needs the tunnel capacity to support all VMware SD-WAN Edge components on the network.
  • Large global networks can use a distributed controller-only architecture. Using at least two VMware SD-WAN Gateways at each branch, with those Gateways connected to each regional hub, helps create this distributed architecture.

As noted earlier, check out our new eBook, Design Principles for Scaling a Global SD-WAN Network, for additional detail on the topics covered in this blog. The eBook provides valuable information on integrating a VMware SD-WAN with older MPLS circuits, as well as tips on implementing security across an entire enterprise network.

We also provide a variety of use cases detailing practical examples for designing global SD-WAN networks with leading-edge performance, scalability, and security. These also include network diagrams to help in your understanding. Ultimately, this eBook provides essential information for anyone considering SD-WAN.