First off, what is Citrix SD-WAN?
The short answer: it's virtualization of your current WAN.
Normally, you would have an internal network, and a Wide Area Network (internet access), and then depending on the size of your company, you could also have several branch offices with their own network setup.
The larger the network, the more complex it becomes to manage.
Maybe several sites need fault tolerance for access to the local datacenter, or maybe your company has moved everything to the cloud and you need to be certain that the services within that cloud are always available. Or maybe you have a bit of both, giving you a hybrid setup where the local datacenter and the cloud have connectivity, as well as your branch sites.
This is where Citrix SD-WAN can come into play.
You may be leveraging multiple internet providers today, and maybe you are leveraging MPLS setups as well.
Keeping track of it all can be hard, and the cost may also be high when you look at the big picture.
This may also mean that you have several ISPs to communicate with when there are network problems on the ISP side, and this can be a bit of a hassle when things go sideways. You also probably end up bound to several providers for a certain amount of time, and the work needed to change provider may make switching hard.
By leveraging Citrix SD-WAN, you can take back a bit of control of your WAN, gaining deeper insight into it and, at the same time, a lot more flexibility regarding changes and connectivity across your company network, whether it's cloud based or a local datacenter with several branches.
By using Citrix SD-WAN, you can make your WAN intelligent, maintaining high availability all the way up to the application level. This means that you can control the applications traversing the WAN, ensuring that the business-critical applications always get the quality and bandwidth they require. In a scenario where all bandwidth is used, rules apply to the critical applications, making sure that the less critical applications are deprioritized until there is free bandwidth available again. Citrix SD-WAN can recognize over 4000 applications in your network.
Fault tolerance for your network can easily be achieved by combining multiple WAN links from any available internet provider, without the need to do too much configuration on the network to get fault tolerance up and running.
This is achieved by combining the available WAN links into an encrypted virtual WAN. This way you can protect the organization from network disruption caused by failures on the ISP side – assuming you are not using multiple WAN links from the same provider. When one of the WAN links fails, the failover is seamless for the users, as failover in Citrix SD-WAN occurs in milliseconds.
The technology also continuously monitors the quality of the WAN links (latency, jitter, etc.). This is done by checking the packets traversing the links in both directions; if there is no traffic, Citrix SD-WAN sends packets at regular intervals to check. This makes sure that application traffic always uses the best available path.
Since the available WAN links are combined into a virtual WAN, you get the flexibility to change ISP to your liking without having to reconfigure the entire network every time. You could also look into removing costly MPLS links and replacing them with cheaper public internet links, as the virtual WAN is encrypted and secure. This gives you the upper hand when negotiating with new or old ISPs.
Citrix SD-WAN is a two-sided setup, meaning that each location where you want to virtualize your WAN needs a physical SD-WAN box or a virtual VPX appliance. One of the locations serves as the Master Control Node (MCN); this is where all configuration is done. When you bring a branch location online, you plug the cables into the Citrix SD-WAN box, and it reaches out to the MCN to get its config and thereby sets up the link. Your location is then up and running and connected to the company network – all over one or several WAN links, depending on your configuration.
For those leveraging hybrid cloud setups, you can also set up Citrix SD-WAN in the cloud, meaning you could eliminate the need for expensive Express routes or VPNs to the cloud. You could, for instance, set up something like this:
The same setup could be used if you are Cloud only, in which case the MCN would be in the cloud.
Citrix SD-WAN can also set up dynamic links, which is useful for branch offices that talk to each other for various reasons. The dynamic links are set up automatically and directly between the branches that need them, so that the network traffic can go directly instead of going via the HQ and then back out to the other branch.
Citrix SD-WAN also has a service called Zero Touch Deployment (ZTD). This is useful for deploying new sites in a quick manner, without the need to send specially trained personnel to set up the location.
Instead, you send instructions on what to do to a selected individual at that site and ship the Citrix SD-WAN box to that location. The instructions include which cable goes in which port. When the box is connected, it communicates with the ZTD service, which in turn verifies that it is the correct box and then sends the needed configuration for that site to the box. After a bit of time, the box is connected, and the new location is up and running – with minimal hassle and effort.
Another unique feature of Citrix SD-WAN is the possibility to aggregate the WAN by leveraging multiple WAN links simultaneously, on a packet level, meaning you get increased WAN bandwidth at minimal cost.
For instance, sending a large file over the network fills up the network rather fast, as the transfer is sent in one session. Citrix SD-WAN can spread the packets within the transfer session across multiple WAN links and then put them back together in the correct order on the other side, before they arrive at the destination, effectively giving you quicker transfers and a less congested network – only Citrix SD-WAN can do this.
For real-time sensitive traffic, like Skype for Business, VoIP, and audio/video, you have the possibility to leverage packet-level duplication. This means that the packets get duplicated and sent over multiple WAN links; the packet that arrives first gets used, and the others are discarded. This ensures good audio/video quality for the user, with less jitter and lag.
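The receiving side of the two packet-level features above (spreading one session across links, and duplicating packets so the first arrival wins) can be modelled with a sequence-numbered resequencer. This is an added conceptual example, not Citrix code or the SD-WAN wire protocol; the `Packet`, `send`, `Resequencer` and `deliver` names and the sequence-number scheme are assumptions.

```python
# Conceptual model only: the sequence-number scheme is an assumption,
# not the Citrix SD-WAN wire protocol.
from dataclasses import dataclass, field

@dataclass
class Packet:
    seq: int        # sequence number stamped by the sending appliance
    link: str       # WAN link this copy travelled over
    payload: bytes

def send(payloads, links, duplicate=False):
    """Stripe packets round-robin over links, or copy each onto every link."""
    out = []
    for seq, data in enumerate(payloads):
        chosen = links if duplicate else [links[seq % len(links)]]
        out.extend(Packet(seq, link, data) for link in chosen)
    return out

@dataclass
class Resequencer:
    next_seq: int = 0                             # next seq owed to the application
    pending: dict = field(default_factory=dict)   # early arrivals, keyed by seq
    discarded: int = 0                            # late copies thrown away

    def receive(self, pkt):
        """Return the payloads that became deliverable in order (possibly none)."""
        if pkt.seq < self.next_seq or pkt.seq in self.pending:
            self.discarded += 1       # a copy of this packet already arrived
            return []
        self.pending[pkt.seq] = pkt.payload
        ready = []
        while self.next_seq in self.pending:
            ready.append(self.pending.pop(self.next_seq))
            self.next_seq += 1
        return ready

def deliver(arrivals):
    """Feed packets in arrival order; return (in-order payloads, discarded count)."""
    rx, out = Resequencer(), []
    for pkt in arrivals:
        out.extend(rx.receive(pkt))
    return out, rx.discarded

# Constructed sample: four chunks of one transfer over two links.
CHUNKS = [b"A", b"B", b"C", b"D"]
striped = send(CHUNKS, ["isp1", "isp2"])
# isp2 is the faster link here, so seq 1 and 3 arrive before seq 0 and 2.
striped_arrivals = [striped[1], striped[3], striped[0], striped[2]]
# Duplication mode: every chunk is sent on both links.
duplicated = send(CHUNKS, ["isp1", "isp2"], duplicate=True)
```

A production receiver would also bound the pending buffer and time out on packets that never arrive; this model omits both.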
The Citrix SD-WAN technology is a truly interesting product, and I’m expecting this to get more and more out there to both organizations and providers, especially now that more organizations are looking to leverage cloud offerings to a larger degree. The benefits and flexibility that a product like this gives you open up the potential to rethink how you are doing networking today.
So, to summarize, here are some of the benefits that Citrix SD-WAN can give you or your customers:
- Better application availability, as you are no longer locked to a single ISP’s infrastructure – as long as you leverage different providers.
- Better availability, as you can leverage local ISPs at locations where internet providers are limited.
- Quickly get new locations up and running and connected to the organization's WAN/LAN.
- More bandwidth at a lower cost: Citrix SD-WAN gives you true bundling of the WAN links on a packet level.
- Insight and control into the bandwidth usage on the application level.
- Ensure WAN quality as the traffic always crosses the best available link in each direction.
- Better quality for real-time traffic by leveraging packet duplication for Skype, audio/video etc.
- Possibility to put QoS rules on an application level, as Citrix SD-WAN sees over 4000 applications. This also includes rules for local and central internet breakout.
- Secure encrypted network across the WAN. Citrix SD-WAN also encrypts unsecure links (AES128/256 or IPsec).
- Full insights into applications delivered via HDX (XenApp/XenDesktop)
- Direct cloud connectivity for SaaS applications like Office 365 from each location.
- Consolidation of network functions at locations. Citrix SD-WAN can also act as firewall, router, DPI-based traffic steering, DHCP, etc.
- Centralized Administration for all connected sites.
- Simple deployment without the need for technical expertise onsite when onboarding.
- Easily connect network regardless of locations
- Free choice of ISP.
- Application Aware Firewall.
- Basic TCP optimization is included in all Citrix SD-WAN editions.
- Dynamic links between other locations leveraging Citrix SD-WAN.
Other sources if you’re interested in learning more about Citrix SD-WAN
Video showcasing Citrix SD-WAN in action at Citrix Synergy
Senior System Consultant at SERIT, localized in Kristiansund, Norway.
Focused on EUC, security, mobility, virtualization, management and a modern workplace.
Highly specialized around RDS/Citrix/EUC/Mobility, and am also a Citrix Certified Expert.