Campus Network - AD-WAN Solution

    04-11-2022

Problems of traditional WAN

The wide area network (WAN) has long been used mainly for connecting network nodes. For example, a WAN extends connectivity between branches and their headquarters, between branches, or between data centers. The WAN and service applications belong to two separate systems with little in common, as the WAN serves mainly as a transmission channel that passively "carries" service traffic. However, as cloud computing, mobile Internet, and other application and traffic models evolve, the network must be able to actively "adapt" to service traffic so that applications can change as needed. Because existing network management is mostly device-oriented rather than service-oriented, the WAN is node-based rather than based on a global view, resulting in the following issues.

Slow service deployment and long launch period:

*Since WAN devices are scattered, services must be deployed one by one and configured manually, resulting in heavy deployment workload.

*There are many WAN services with complicated configurations. Manual configuration is prone to errors, and implementing a service takes a long time.

Difficult traffic scheduling and lack of flexibility:

*Due to the lack of a global network perspective, each device selects the path based on the route, and the shortest path instead of the optimal path is selected, resulting in low bandwidth utilization.

*Traditional policy routing and traffic engineering are limited and complex to configure, and cannot dynamically adapt to changes in network status and application requirements.

Poor O&M experience for IT maintenance personnel:

*Network management methods are limited and rely on manual operation, which requires a high level of expertise from IT maintenance personnel.

*There is no visual display of traffic and services, making it impossible to quickly identify and locate failures and increasing the difficulties of O&M.

Network openness is too low to meet service needs:

*Complex devices, closed networks, and weak programmability cannot meet the needs of rapid service deployment and flexible customization.

*The network and application are statically bound and cannot be effectively integrated, making it difficult to improve the cloud computing application experience.

Building a next-generation WAN with the SDN concept

Software-Defined Networking (SDN) has evolved from the initial narrow concept represented by OpenFlow to a broad concept with software-defined networking as the core. Now SDN represents more of an architecture and a concept of building a network. Its essence and objectives are as follows:

*Software-defined network: Adopt the software-defined concept to design a new network architecture that allows the network to proactively adapt to user services and traffic changes, rather than passively carry traffic.

*Application-driven network: Take applications as the priority and dynamically and automatically adjust the network to quickly meet actual service needs.

*Simplified software O&M: With software applications integrated into the entire life cycle of the network, SDN helps to achieve automatic service deployment, visual network display, and flexible traffic scheduling, and ultimately simplifies network O&M management.

Some technical methods are required to achieve the objectives of the SDN concept. Nowadays, the commonly used methods include the separation of the control plane from the forwarding plane, centralized control, and open interfaces. These methods are not only applicable to building data center networks but also capable of realizing next-generation WANs. Details are shown below.

1. Separation of the control plane from the forwarding plane

*Rebuild the network architecture, simplify the device and deployment, and reduce the capital expenditure (CAPEX) and operation cost (OPEX).

*Increase network scalability and improve network performance and reliability.

2. Centralized control

*Integrate network resources, accelerate service deployment, and promote network transformation from function-based to service-based to generate values.

*Achieve global control and scheduling, optimize traffic distribution, guarantee service quality, and improve network utilization.

3. Open interface

*Differentiate and customize the networks, promote the integration of Information Technology (IT) and Communication Technology (CT), quickly adapt to service demands, and generate new values.

*Develop rich apps to realize network automation and visualization and simplify O&M.

With long-term expertise and rich experience in the WAN field, H3C thoroughly explores the pain points and needs of users in actual applications and has developed an overall next-generation WAN solution based on the SDN concept and its related technologies. This solution enables users to create a WAN with an open architecture, flexible programming, and simple O&M that can manage more application traffic, achieving an application-driven network on demand and dynamic network adaptation to applications. This next-generation WAN with SDN technology is called the Application-driven Wide Area Network (ADWAN).


Architecture

As shown in the figure above, the H3C ADWAN industry solution is a hierarchical, open, and flexible network architecture, just like the SDN architecture in other scenarios. As H3C's digital network engine, SNA Center currently is a critical component for network management, control, and automatic analysis, which is regarded as the brain of the network. The product positioning mainly involves two aspects:

Convergence of management, control, and analysis in single scenarios: Single scenarios refer to the network environment of an independent campus, DC, and WAN. In single scenarios, SNA Center achieves cross-technology convergence and realizes the unified entrance of services and the collaborative operation of functions.

Unified orchestration of services in cross scenarios: Cross scenarios refer to the network environment where campus, DC, WAN, and other scenarios require service connection and collaborative operation to achieve user services. In cross scenarios, SNA achieves cross-domain service convergence and service automation.

In the WAN scenario, SeerEngine and SeerAnalyzer in SNA Center can be used to meet the service requirements of automatic service orchestration and intelligent O&M. SeerEngine is a basic component that provides functions including VPN service issuance, scheduling visual service issuance, QoS service deployment, orchestration and reconfiguration of service paths, and visualization at the network and service level. With SeerAnalyzer, more in-depth operation and analysis functions can be performed, such as protocol analysis statistics for the application layer and AI-based traffic prediction. At the same time, SeerAnalyzer analyzes service traffic for abnormalities and attacks, and the results can be used to adjust SeerEngine's service policies with SNA and close the service loop.

SNA Center deploys all components in containers and uses a microservice architecture that allows components to be deployed based on service needs for easy elastic expansion.

Solution features

Based on the global perspective, the AD-WAN industry solution enables multi-level and all-round visualization of the whole network through unified integration of network resources, multi-dimensional observation of network status, and intelligent analysis of operation data. At the same time, it provides centralized control, global scheduling, and real-time optimization based on user policies and application requirements to realize application-driven WAN services. It has the following features:

*Full openness: Firstly, the architecture is open. This means that the network is decoupled at all levels, including all components, so that the network can be extended easily. Secondly, the APIs are open. This means that network components communicate with each other through open and standard APIs. The solution provides multi-level APIs with different levels of abstraction, from device to controller and from controller to orchestrator, giving the network flexible, programmable, and definable capabilities and allowing applications to easily use network services.

*Scenario-based: Based on the scenario-based development concept, we provide service-oriented and customizable applications to meet the needs of users in different scenarios.

*Full process: Rebuild the WAN in the full process, manage and control the network from a global network perspective, and simplify O&M management.

*End-to-end: With the service-driven network, security, WAN optimization, and Content Distribution Network (CDN) caching are dynamically deployed based on the different needs of service applications, providing end-to-end network services.

*Migratable: This solution is compatible with traditional networks and supports smooth migration to SDN solutions.

For the branch solutions, the features of ADWAN are shown in the following figure:
