This blog post is going a bit outside my usual “make sense to the C-Level” slant. I wanted to get in the weeds about reviewing SD-WAN products. We all know that’s where the fun really is!
I have been doing a bit of evaluation on SD-WAN products and their configurations from the network engineer’s perspective. I have looked at numerous vendors’ products, poured over install guides, and dusted off the CLI.
Everyone who knows me can tell you I am a Cisco fanatic. Hands down, I would rather implement a Cisco technology rather than any other vendor by a 1000:1 ratio. I have spent a majority of my career as a network engineer, and the best network devices to configure and troubleshoot have been Cisco.
So, I’ll bet you think I am going to tell you that I absolutely love IWAN. Well, as much as I would like to tell you that, I can’t. It’s cumbersome, and troubleshooting can seriously try your patience.
I configured a sample topology with 3 sites. The data center site contained 3 routers (2 border routers, and 1 master controller). The branch office sites contained 1 router acting as both the MC and BR.
Cisco’s solution relies on DMVPN (Dynamic Multipoint Virtual Private Networks) along with multipoint GRE (mGRE) tunnels. Total configuration time was 1 hour and 5 minutes. Thankfully everything worked as expected and I had a working configuration right away.
This made me think that there had to be an easier way. I reached out to an old contact of mine that was working on SD-WAN technology a couple of years back. I called Kumar Ramachandran, CEO of CloudGenix to see what his company had to offer. He arranged for an ION 7000 and ION 3000 demo unit to be shipped to me. The units arrived a few days later. By that time, the typical “new shiny toy” syndrome was in full effect. I unboxed the units and began to setup a scenario similar to the IWAN lab I setup earlier.
One of the things that surprised me was that there was a small install guide in the box, and not a CD. I stepped through their instructions for setting up each unit. It took me about 10 minutes to configure and test the data center side (this was mainly due to an irresistible urge to look through every tab of the dashboard and immerse myself). The branch office side, which took me about 8 minutes of configuration time really surprised me. Total time spent was under 30 minutes for both. I basically just had to input the subnets and allow for route injection on the connected data center Cisco equipment.
Another surprise was the fact that I didn’t have to deploy a $6,000 router at the branch. The CloudGenix unit fully replaced it. Configuration of policies to route Office 365 out the local internet on the branch side, and configuring VoIP to utilize the MPLS link were simple and policy driven without needing to touch a CLI or configure gargantuan access lists. Now I am just sitting back and watching the data collection analyze the performance of the application traffic across my new SD-WAN.
Kudos to the CloudGenix team for converting even an old die-hard Cisco fan over!