Product & Engineering

SD-Branch Configuration: Manage Template Automation, Not CLI Boxes

By Versa Staff

Versa Networks
May 20, 2019

When networks become steeped in complexity, as they are with legacy WANs, the last thing companies need is more manual processes. Tedious and monotonous configurations, and the lifecycle management of many single-function devices, are time-consuming and costly.

This burden not only adds potential risk due to human error, but complicates network operations, managing bandwidth, local breakouts, QoS policies and deployment timeframes. These factors, among others, are driving the need for network virtualization, automation and software that manages network infrastructure based on business policies to accommodate digital transformation initiatives.

An effective way to simplify tedious network configuration tasks and avoid unnecessary manual processes is with template-based SD-WAN configuration vs. traditional CLI hardware administration.

The benefit of an SD-WAN configuration template is having the same relationships applied to multiple branch offices or groups of branches. Pre-defined configuration templates automate many time-consuming and repetitive tasks, and mask complexity by eliminating the need to know every detail about how to achieve a specific task. By simply selecting target elements, the template automatically applies the appropriate configurations.

There are several important reasons to adopt the templated SD-WAN approach but chief among them are: the need for local Internet breakouts to accelerate SaaS application access, offload non-business critical applications and increase site-WAN bandwidth; and integrated NGFW security services (in some cases two layers of policies) for the purposes of uniformly protecting site-to-Internet access and site-to-site traffic, and defining security zones.

Versa Secure Cloud IP Services Platform

The Versa Secure Cloud IP Platform includes four categories of templates that are merged into a single configuration system. The final configuration is centrally pushed by Versa Director to Versa VOS™ (formerly FlexVNF) nodes located within branch offices, co-location facilities or the cloud.

There is no need to build monolithic configurations. Versa SD-WAN templates act as configuration building blocks using small, manageable, modular templates with distinct permissions for different users, which also provides administrators with a mix and match approach to add elements as needed.

Versa features four categories of templates:

Common Template

• Used across multiple devices of the tenant
• Custom applications
•  Gets pushed to all devices
•  Configuration elements include zones, address groups, DHCP option profiles, interfaces, routing instances, SNMP, NTP. Each element can be defined and used across multiple devices.

Device Template

• Built through workflow
• Number of WAN/LAN interfaces
• Number of transport domains

Service Template

• Application service templates
• Service functionality
• QoS, FW, NGFW, service chaining, application steering

Appliance Template

Any configuration that is unique to a specific appliance can be specified here, such as destination NAT, static route, and many more.

Workflows create device and service templates

Versa uses workflows that combine class of service (CoS) and traffic steering within a single service template. The system provides a default application template for popular enterprise applications that are put into the four traffic categories.

Link selection is based on individual SLA requirements (e.g., latency, packet loss and delay). Administrators can easily define SLA-related traffic steering conditions within the same template. Additionally, they can customize an application group, add more traffic categories if required, attach the resulting application template to a device group, and use a cloning tool to duplicate the template.

Service-chaining templates

A VNF catalog library can be easily created within Versa Director, whereby multiple “Service Chain” templates per tenant can be defined. This is accomplished by using a simple drag-and-drop command to define the service chain, for example third party WAN optimization. Relevant service chain templates can be attached to required device groups, and these too can be easily duplicated by using a cloning tool.

Templates that automate configuration allow administrators to easily divide and conquer their network, while achieving operational excellence. Re-using templates improves productivity and streamlines the entire deployment process, while implementing a modular methodology and eliminating configuration errors. Network monitoring and analytics are also enhanced, generating granular dashboards for network availability, application usage, top sites and circuits by bandwidth, top applications and usage, and a global site-to-site geo map.

Versa SD-WAN templates automate network configuration

Any manual changes made to configurations within a network may increase the chance of errors and security vulnerabilities, causing network performance to degrade and even fail. Versa SD-WAN configuration templates provide a centralized, automated management platform for device and service workflows, removing laborious manual tasks, and eliminating the need for unnecessary human intervention. Enterprises benefit from faster and consistently accurate deployments that require much less information input, as the templates include all the necessary configuration elements.