5 things you need to know about SD-Branch

You might be piloting or upgrading to SD-WAN … but have you heard of SD-Branch? This up-and-coming technology, enabled by SD-WAN, can save time, resources and money — especially as you expand the reach of your networks out to remote branch locations.


SD-WAN is on fire.

An IDG survey indicates the network technology is on a hot streak, with the adoption rate rising from 35 to 54 per cent since 2017 and 90 per cent of enterprises now actively researching, piloting, using or upgrading to SD-WAN.

But wait, here comes SD-Branch! It’s still so nascent we can’t even cite any adoption surveys on it … yet (though we have no doubt a few are in the works as we speak). In the meantime, here are the answers to your top five burning questions about the latest up-and-comer, SD-Branch.

1) What is SD-Branch?

As described by independent analyst Lee Doyle in TechTarget, SD-Branch combines virtualization and software-based networking to “enable new modes of branch networking.” Doyle says it integrates “SD-WAN, routing, network security and LAN or Wi-Fi functions in a platform with centralized and unified management.”

The three main elements of SD-Branch as listed by TechTarget’s Margaret Rouse are:

  • a virtualized Internet protocol services platform “that provides cloud-like elasticity, service chaining and programmability,”
  • various virtual network functions (VNFs) “to deliver extensive networking and security IP services,”
  • “a centralized management framework that allows integrated control, management, analytics and workflow.”

2) How does it relate to SD-WAN?

SD-WAN is a precursor and enabler of SD-Branch.; you can’t have SD-Branch without SD-WAN.

Doyle explains that SD-WAN “provides a network overlay which improves network uptime, provides for application prioritization via quality of service policies (and) offers Internet security and centralized management.” He adds, however, that “SD-WAN needs support in branch offices.”

Why? As Fortinet’s John Maddison told analyst Zeus Kerravala, organizations keep expanding the reach of their networks out to remote locations like branch offices, school campuses, retail stores and hotel properties. Adoption of IoT adds even more devices to this mix, from cash registers and scanners to IoT thermostats.

While SD-WAN improves the functioning of this ecosystem, “SD-Branch extends the benefits of the secure SD-WAN’s security and control functions into the local network,” says Maddison. It does this by “leveraging network access control (NAC) to identify the devices being deployed at the branch and then dynamically assigning them to network segments where they can be more easily controlled.”

3) What are the benefits?

The centralized control enabled by SD-Branch could save enterprises time, resources and money. As Doyle explains in Network World, “(by) using a centralized management console (via SD-Branch), IT teams can control and adjust all of the branch network and security functions. This eliminates the need for IT personnel to visit branch locations, which means big cost savings.”

In TechTarget, Rouse writes that SD-Branch should cut hardware expenditures by “deploying software on consolidated hardware as compared to many separate appliances.” Replacing numerous branch network appliances with one power-efficient SD-Branch platform could also reduce energy consumption and costs, she adds.

4) What about security?

Maddison tells Kerravala that although secure SD-WAN has visibility into secure applications running to and from remote locations, “the applications and workflows running inside those branch offices, schools or retail stores are not being recognized or properly inspected” in a centralized, simultaneous way.

Again, the centralized nature of SD-Branch addresses this by enabling “an integrated security fabric operating through a single pane of glass management system that can see all devices and orchestrate all security policies and configurations,” says Maddison.

5) When should you use it?

Doyle suggests SD-Branch is ideal for new or temporary remote branch locations because it allows “IT organizations (to) rapidly deploy and provision a network branch-in-a-box product.” He believes that, eventually, SD-Branch will become the standard architecture for branch networking.

IDC’s Brad Casemore agrees, calling the shift to SD-Branch “inevitable.” In his estimation, SD-Branch will combine with increased automation and orchestration to result in “a dynamic network-as-a-service (NaaS).”

There you have it. All good information to consider when you finally get surveyed on your plans for SD-Branch, right?

Images: polygraphus/iStock; MF3d/iStock

Comments are closed.