Using SD-WAN to Optimize Security and Connectivity of Satellite Networks
Satellite networking is an important alternative for connectivity in many critical use cases. It plays a key role, for example, in building a reliable global network that can operate under adverse and challenging conditions commonly referred to as “denied, disrupted, intermittent and limited” (DDIL). This is especially crucial in remote environments such as SCADA, as well as military and defense use cases, which can present challenging conditions such as non-existent wired networks, lack of line of sight and jamming.
Today, multi-orbit and multi-band deployments are reinvigorating energy in the satellite communications industry. Geostationary (GEO) links are reliable and available nearly worldwide, but their poor latency characteristics make them impractical for many applications. Medium earth orbit (MEO) links improve latencies over GEO and have guaranteed bandwidth, making them useful for many enterprise applications. However, due to their orbit track, they are not available close to the Earth’s poles, and they often use Ku bands, which are more susceptible to rain fade. Finally, low earth orbit (LEO) links have proven effective in residential and IoT segments but often fail to provide symmetric connectivity for more robust use cases.
Optimizing Multi-Orbit Satellite Networks
To optimize these multi-orbit satellite networks, end users should deploy intelligent solutions that can leverage available orbits for the appropriate applications to meet the needs of the business. Deploying SD-WAN across multiple multi-orbit satellite links creates a reliable virtual network on top of the physical infrastructure using a software-defined control plane. This control plane abstraction gives administrators greater flexibility over their network traffic by dynamically selecting the best path for a given application in near real-time, based on the performance of each of the links at that time. In order to ensure a suitable satellite link for a given application, SD-WAN also provides the flexibility to quickly move to another satellite link when the SLA performance of the current satellite link degrades.
This article examines some of the important capabilities that network administrators should consider when evaluating an SD-WAN network for use with satellite links.
Quality of service (QoS) is both a science and an art of prioritizing traffic. Network administrators configure classification systems that place the most important traffic in a high-priority queue. When network congestion happens, this critical traffic takes priority. In satellite networks, conditions are changing constantly, so the congestion threshold often changes without notice, making QoS an essential tool to prioritize the most important traffic.
An ideal SD-WAN solution must deliver a flexible, programmable capability to dynamically adapt to real-time network conditions. It also should support automation using open API integration. How can this be done? The RF modem from each of the satellite links signals any detected higher packet drop rate and any associated decrease in available bandwidth.
Traffic engineering enables users to bond multiple satellite connections, delivering increased bandwidth and redundancy. In a multi-orbit scenario, the ideal SD-WAN solution must allow the use of one or all links providing seamless connectivity and failover from one link to another. The solution should also support asymmetric paths, allowing uplink and downlink traffic to be sent through different satellite links. This is useful in situations where a certain link has limitations in one direction, as it allows available links to be fully utilized even if they are hampered in one direction.
SD-WAN solutions that provide advanced monitoring capabilities, including real-time and historical information used for traffic routing decisions, best complement the Traffic Engineering features of a satellite network. Typically, satellite links are part of one segment in a multi-segment network. Having visibility into the end-to-end performance of the entire segment using advanced SLA measurement is a very useful SD-WAN feature for the optimal utilization of the links.
Forward error correction. Despite having multi-orbit redundancies, there can be times when the best available option is a degraded link. An ideal SD-WAN solution must have TCP optimization to help mitigate this issue to some extent, especially for links suffering from high latency or loss. However, this technique does not help UDP-based applications. For UDP traffic, techniques such as packet replication and forward error correction (FEC) must be used. Since these capabilities add to the byte counts sent over these low bandwidth links, the ideal SD-WAN solution needs to support dynamic activation of these features based on network conditions, for example activating FEC on loss above the 7% threshold.
Tunnel-less overlay reducing as much overhead when using a low bandwidth link is important to improving the bandwidth efficiency. When using overlay tunnels, extra bytes in the header carry information about the overlay tunnel, path and security. This overhead can be reduced by implementing a tunnel-less overlay – a critical feature when evaluating an ideal SD-WAN solution to use with satellite links.
Overall, an ideal SD-WAN solution can revolutionize satellite-based communications, particularly for mobility and DDIL use cases. To be effective in satellite network use cases, the solution needs to provide a full stack of security, fully integrated routing and support of the above-mentioned critical features. It must deliver full visibility into security and network events with the ability to automatically execute optimal policies based on application and current network conditions.
Gerardo Melesio, Versa Networks Senior Solutions Architect, contributed to this article.