SD-WAN is one of the cloud-managed functions of the Abloomy Cloud Service (ACS), a cloud-based management and orchestration platform that makes the network infrastructure of a distributed enterprise cloud manageable and programmable. Besides SD-WAN, the platform’s cloud-managed functions include Wi-Fi, Routing, NAT, Firewall, NAC, and ITSM. All these functions can be orchestrated from the cloud at any remote site or branch of a distributed enterprise. With zero touch provisioning supported, they work together to digitize and automate branch operations by constructing a performance-assured network infrastructure that connects employees, branches, HQ, DCs, and the cloud, all while ensuring high security, deep visibility, and 100% centralized programmability.
With Abloomy’s smart-edge technologies, all the cloud-managed functions of the ACS can be deployed on a single Abloomy Edge-Controller device as an all-in-one cloud-managed-branch solution. This can greatly simplify the setup and management of a branch office in today’s digital era, and save Capex and Opex at the same time. As one of these functions, Abloomy SD-WAN brings simplicity, programmability and scalability to the WAN infrastructure of a distributed enterprise, makes it fully application-aware, and guarantees the quality and performance of business applications regardless of where they are deployed—at HQ, DCs, or the public cloud. Abloomy’s SD-WAN is one of the most flexible, robust and cost-effective solutions for branch offices on the current market.
Abloomy SD-WAN gateway supports various WAN transport technologies such as MPLS, Broadband, Ethernet and LTE/4G. It also supports Hybrid WAN access modes with multiple concurrent WAN links of these transport technologies. It can be deployed in branch, DC and Cloud either as an appliance or a virtual machine.
ACS (Abloomy Cloud Service), as a public multi-tenant cloud service platform consisting of a group of SD-WAN central controllers (CSP), centrally manages all the SD-WAN devices and policies, also visualizes the performance of each WAN link by continuously measuring and monitoring its packet loss, jitter, and latency.
The Abloomy SD-WAN gateway leverages DPI (deep packet inspection) and real-time performance monitoring of each WAN link to make application-aware, policy-based transport path selections. With unidirectional packet-based measuring and monitoring of the performance of each WAN link, the transport path selection supports flow-based load balancing, packet-based load balancing, and link aggregation—multiple concurrent links can be used to deliver a single application, in order to meet QoS requirements.
Abloomy SD-WAN can automatically set up overlay networks between branches to branches, branches to headquarter, branches to the cloud, headquarter to the cloud. All the SD-WAN devices can talk to each other automatically based on the policies defined on ACS. With ZTP (zero touch provisioning) supported, Abloomy SD-WAN solution is truly plug-and-play.
Abloomy SD-WAN solution uses CA and DTLS/TLS technologies as the foundation to build up control plane, and the same encryption scheme as IPSec to protect data plane. On each SD-WAN gateway, the NG firewall and role-based NAC (network access control) are supported.
The control plane of Abloomy SD-WAN solution uses distributed architecture, ACS is composed of a group of controllers deployed either on-site of the customer or on a public cloud like AWS or Azure. These controllers work in N + N back-up mode as an unified controllers’ pool to ensure zero failure time.