1.8: SDN, VXLAN, & SASE

SDN

Network infrastructure that separates the functions of networking into logical units that can be implemented as code

Infra layer or Data Plane; processes network frames and packets; forwarding, trunking, encrypting, NAT

Control layer or Plane; manages actions of the Data Plane; routing, session, NAT tables; dynamic routing protocol updates

App layer or Management Plane; configure and manage devices; SSH, browser, APIs

SD-WAN

Software Defined Networking in a Wide Area Network; In other words, a WAN built for the cloud

Cloud-based apps communicate directly to the cloud, no need to hop through a central point

Build out dynamic networks that can communicate to web-based apps and physical sites

App Awareness

SD-WAN feature where the WAN knows which app is in use, and makes routing decisions based on the app data

Zero Touch Provisioning

SD-WAN feature where remote devices are automatically configured based on changes in the network

App traffic uses the most optimal path, which can change based on traffic patterns and network health

Transport Agnostic

SD-WAN feature where the underlying network can be any type, allowing you to pick the best choice for each remote site

Central Management

SD-WAN where you can make policy changes through one management console, which are pushed out to all SD-WAN routers automatically

DCI

Technology that connects two or more data centers over various distances using high-speed connectivity

Device networks span seamlessly over these geographic distances; all customers share the same core network

Distribute apps everywhere to increase uptime and availability, workload can be moved to best location

VXLAN

Technology designed to support thousands of different customers all using the same data centers across the world

Over 16 million possible virtual networks; tunnel frames across a layer 3 network; accommodate large virtual environments

Encapsulation

VXLAN property to connect VNIs using a Tunnel over an IP network

Add VXLAN Header to original Ethernet frame -> sits in UDP header -> sits in IP header -> sits in new Ethernet frame

This creates a VXLAN Packet, which is deconstructed at the destination VXLAN Tunnel Endpoint

SASE

Next-generation VPN technology that allows more efficient communication to web-based applications

Install client on all devices, then securely jump from any cloud-based service you need with the same connection

Users can access from corpo, home, mobile, etc.; provides network and security as a service without user intervention