This article was originally posted on SDxCentral on January 15, 2020

IoT and SD-WAN might not sound like they belong together, but ask VMware’s VeloCloud or managed service provider Apcela and you might be surprised by what they have to say. The two companies see SD-WAN as the key to making large IoT deployments manageable at a human scale.

Sanjay Uppal, who co-founded VeloCloud and now serves as the head of VMware’s SD-WAN division, said the expanding scope of SD-WAN has opened the door to several applications that the technology wouldn’t normally be associated with, and IoT is one of them.

“You think of IoT, it’s not just IoT running on a cellular network or IoT running on Bluetooth, you could absolutely run IoT on your enterprise SD-WAN,” Uppal said in an earlier interview. “Just think of that IoT traffic as a new data type that you will steer across the WAN and you can add services to it as it is steered.”

While IoT may not be a new concept, with some companies having been in the business for decades, the rise of IoT to the mainstream is forcing networks to change, said Apcela CEO Mark Casey. “The evolution of IoT requires a more agile and more nimble environment to accelerate it, and for [IoT companies] to accelerate and grow their own revenue.”

According to Casey, SD-WAN not only has the potential to address many of the security concerns associated with IoT, but it can also solve the operational challenges of managing large deployments.

Here, Apcela has some experience. The company has been working with Itron, one of the leading makers of smart water and energy meters, for the past two years.

Is SD-WAN the IoT Security Antidote?

Of all the challenges facing widespread IoT adoption, security is undoubtedly the biggest concern. To this point, Mary O’Neill, VP of security at Nokia, said IoT devices represent just 16% of traffic but account for 78% of the malware on mobile networks.

“If an IoT device today is plugged into the network, and it doesn’t have protection in it, it’s infected in three minutes or less,” she said during a press conference at MWC Los Angeles in 2019.

Opening the edge to all of these devices poses a security challenge that isn’t easy to address, adds Casey. “It’s one of the big things that companies are struggling with.”

He explained that in a traditional architecture maintaining security would involve forcing device traffic back to the data center. “So the ability to process things at the edge, manage security at the edge doesn’t really exist because of this security issue,” Casey said. But that changes when you apply an SD-WAN, he added. “Now we can treat traffic very specifically.”

Itron builds smart meters for all kinds of customers including water and energy companies as well as utilities and municipalities. “SD-WAN enables us to treat those traffic types — all the way down to an individual IoT device — with an independent profile,” Casey said. “We can take a specific device for a specific customer and give that a specific template that allows us to treat it from a security perspective uniquely and it allows us to treat it from an edge processing standpoint uniquely.”

The result is finer-grained control over these massive IoT deployments. “That’s one of the powerful things about software-defined WAN,” he said.

But while SD-WAN may help address IoT’s security challenges, not everyone is convinced it will be enough.

Security is one of the biggest factors limiting IoT expansion,” said Bill Curtis, resident analyst at Moor Insights & Strategy in an earlier interview with SDxCentral. “The bottom line, he said, is that ”IoT securityhas to be built-in, not added on.”

IoT Management on a Human Scale

However, even if SD-WAN can’t fully address IoT’s security challenges, it at least stands a chance to make the networks supporting them more manageable.

Casey explained that SD-WAN enables network programmability and automation. This means that new types of devices can be added to the network without the need for additional backend hardware. “I can just reprogram the software to deal with a new type of IoT device or a new type of IoT traffic,“ he said.

This has the potential to significantly reduce the operational requirements of managing these networks at scale.

Casey said if an IoT company with 100 locations across the United States wants to add a new device, that traditionally would mean someone would have to manually log into 100 routers to change the configuration to accommodate the new traffic.

“With SD-WAN everything is templatized. I can simply enable a template for a new type of IoT traffic or a new customer, and I’m able to immediately deploy that segmentation instantaneously because I have centralized orchestration, and that orchestration pushes the configuration out to all of the edge locations,” he said. “That doesn’t matter whether I have 10, 100, 1,000, or 10,000 [locations].”

Seeing the Problem

But even with the advantages SD-WAN offers in terms of automation and orchestration, there remains a visibility challenge. Just how do you manage a network with the millions or billions of IoT devices that 5G networks promise to enable? Some say the answer is artificial intelligence (AI).

According to Ken Gold, director of test, monitoring, and analytics solutions at EXFO, the implicit complexity associated with massive 5G IoT deployments is only going to make identifying and resolving network anomalies all the more challenging.

He said for most customers, a dropped call or broadband service outage isn’t a big deal. But IoT deployments are less forgiving. And as these deployments march toward large-scale adoption, the need for accurate bandwidth and traffic demands is going to accelerate rapidly.

Gold says machine learning, and eventually AI, has the potential to make these networks more reliable and manageable.

In the near term, Casey sees these kinds of tools as a way to enable network operators to quickly address and resolve performance issues, and perhaps eventually resolve them automatically based on policy.

“The reality is when you have an application performance problem, 80% of the time is spent finding the problem, and only 20% is spent fixing it,” he said.

How can we help? 

We love talking about software-defined networks and the cloud! Let us know if we can help by filling out the form. Cheers!