White Paper Problem Statement
Software Defined Networking (SDN) and Network Functions Virtualization (NFV) are transformational technologies that will change how the government architects, specifies, acquires, implements, deploys, operates and secures its networks. Today, telecom providers are deploying SDN/NFV in their commercial networks to lower capital expenditures (CAPEX) and operations expenditures (OPEX), while increasing agility, performance, and resilience. Leveraging those successes, additional services based on SDN/NFV are being developed, rolled out, and vigorously marketed by telecom providers. The most notable of these services is called Software Defined Wide Area Networking (SD-WAN).
Put simply, SD-WAN is a service that combines the agile routing benefits of SDN with the hardware virtualization benefits of NFV at the network edge (i.e., at the customer site). It serves as an “overlay” network that integrates security, policy, and orchestration, using end-to-end encryption between main offices, branch offices, and the cloud. This allows end-user networks to make much more seamless, agile and efficient use of the service provider “underlay” networks (i.e., the physical provider networks that transport end-user communications).
Using SD-WAN, traffic originating at a site can be actively managed based on policies defined by the enterprise. Specifically, SD-WAN allows traffic to be distributed across network connections based on the performance characteristics of the network fabric, matched to the rules (policies) defined by the enterprise. A particular innovation is the ability to establish different policies for different applications or application groups. For instance, IP voice can be handled differently from critical enterprise data, and sensitive data can be handled differently from non-sensitive data.
In the commercial marketplace, SD-WAN is being touted primarily as a means to avoid the high cost of carrying all traffic over an Internet Protocol – Multi-Protocol Label Switching (IP-MPLS) corporate backbone network. In this business model, high-value or sensitive business traffic is routed across the MPLS backbone, while low-value, less sensitive traffic is shunted off locally to an inexpensive Internet Service Provider (ISP). Application of this business model in government, while appealing, faces challenges due to differences between commercial and government practices, especially in the areas of acquisition and security.
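The per-application policy matching and the MPLS/ISP split described above can be sketched as follows. This is an added example, not part of the white paper and not any vendor's implementation. The link names, metrics, thresholds, class names and the choice to drop sensitive traffic rather than send it over an untrusted underlay are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    name: str
    trusted: bool       # True: private MPLS backbone; False: local ISP breakout
    latency_ms: float   # measured underlay performance
    loss_pct: float
    cost: int           # relative cost of carrying traffic

@dataclass(frozen=True)
class Policy:
    max_latency_ms: float
    max_loss_pct: float
    trusted_only: bool  # sensitive classes may never leave trusted underlays

# Constructed policy table (hypothetical classes and thresholds).
POLICIES = {
    "voice":         Policy(150, 1.0, trusted_only=False),
    "critical-data": Policy(300, 0.5, trusted_only=True),
    "bulk-web":      Policy(1000, 5.0, trusted_only=False),
}

def select_link(app_class, links):
    """Return the link to use for app_class, or None to drop the traffic."""
    policy = POLICIES.get(app_class)
    if policy is None:
        return None  # unclassified traffic fails closed
    # The security constraint is applied first and is never relaxed.
    eligible = [l for l in links if l.trusted or not policy.trusted_only]
    meets_sla = [l for l in eligible
                 if l.latency_ms <= policy.max_latency_ms
                 and l.loss_pct <= policy.max_loss_pct]
    if meets_sla:
        # Cheapest compliant link wins: low-value traffic lands on the ISP.
        return min(meets_sla, key=lambda l: (l.cost, l.latency_ms))
    if eligible:
        # Degrade performance, not confidentiality: best remaining eligible link.
        return min(eligible, key=lambda l: (l.loss_pct, l.latency_ms))
    return None  # no trusted path: drop instead of spilling onto the ISP

# Constructed link measurements for three site conditions.
HEALTHY = [Link("mpls", True, 40, 0.1, 10), Link("isp", False, 60, 0.3, 1)]
DEGRADED = [Link("mpls", True, 400, 2.0, 10), Link("isp", False, 60, 0.3, 1)]
ISP_ONLY = [Link("isp", False, 60, 0.3, 1)]

if __name__ == "__main__":
    for label, links in (("healthy", HEALTHY), ("degraded", DEGRADED), ("isp-only", ISP_ONLY)):
        for app in POLICIES:
            chosen = select_link(app, links)
            print(f"{label:9} {app:14} -> {chosen.name if chosen else 'DROP'}")
```

The case to watch is the degraded or missing MPLS link: a policy engine that ranks on performance alone would move critical data to the ISP link at exactly that moment.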
Most agencies are in the midst of transitioning their networking solutions to the new 15-year GSA Enterprise Infrastructure Solutions (EIS) contract, and many are being urged by industry to move to SD-WAN quickly. Before doing so, government telecommunications planners must consider the utility and practicality of SD-WAN in their environments, addressing its potential challenges and adapting commercial SD-WAN technologies and services to their operational and mission needs.