What is the purpose of an SD-WAN gateway?

Software-defined WAN architecture has adapted with the growth of cloud services, resulting in a cloud-based model that uses SD-WAN gateways to handle traffic and control.

A wide area network provides a connection between a headquarters location and remote branch offices. With a software-defined WAN, a software overlay sits on top of the tunnel created between the headquarters and the branch. This simplifies the management, security and access between the two entities.

Typically, SD-WAN is a point-to-point architecture, meaning an edge device sits at each endpoint and has a direct connection with the other devices. This creates a hub-and-spoke architecture, with the headquarters as the central hub. While this design is straightforward, it also means any branch-to-branch communication or branch-to-cloud service needs to pass through headquarters first, which adds latency for both the branch and the headquarters.

With the growth of cloud services, a second type of SD-WAN architecture is emerging. This model is cloud-based and adds an SD-WAN gateway into the architecture.

A virtual SD-WAN gateway sits in a cloud environment outside the headquarters and handles all the SD-WAN traffic and control. Branch-to-branch communication happens in the cloud, not at headquarters, which eases the traffic on the headquarters' networks.

Who should use SD-WAN gateways?

Enterprises using a large number of cloud-based services ... can benefit from an SD-WAN gateway, as it reduces traffic and latency.

Enterprises using a large number of cloud-based services -- such as Office 365, Salesforce or applications running on AWS -- can benefit from an SD-WAN gateway, as it reduces traffic and latency. An SD-WAN gateway can insulate cloud applications from interruptions during circuit flapping because the end users are connected to the gateway. This keeps the session active during the interference instead of the session connecting directly to the cloud service.

Enterprises with long-term SD-WAN strategies to build out a meshed WAN design for all their sites -- perhaps because they have plenty of site-to-site WAN traffic -- will likely prefer the SD-WAN gateway options over a standard, point-to-point SD-WAN. An SD-WAN gateway eliminates much of the hardware and management costs of a point-to-point architecture.

One of the few downsides of an SD-WAN gateway is some of the usual SD-WAN service-level capabilities might not be available in a gateway model. Some capabilities -- like application-based traffic forwarding, quality of service or security policy management -- may require an SD-WAN endpoint on each end of the tunnel. An SD-WAN gateway environment has no common endpoint at the gateway location to manage that tunnel connection.

Next Steps

How SD-WAN and cloud exchanges benefit multi-cloud settings

Dig Deeper on SD-WAN