Running SD-WAN virtual appliances natively in Azure Virtual WAN

Posted on 16 júlí, 2020

Corporate Vice President, Azure Networking

Today we’re announcing the preview of the new ability to deploy and run third-party Network Virtual Appliances such as SD-WAN natively within the Azure Virtual WAN hubs.

As enterprises increasingly adopt the cloud while reducing their costs, IT teams looking to consolidate, accelerate, or even revamp connectivity models should consider Azure Virtual WAN. Modern enterprises require ubiquitous connectivity between hyper-distributed applications, data, and users across the cloud and on-premises.

Since we announced automated and integrated transit capabilities with Azure Virtual WAN as the first in the public cloud back in 2018, the interest to take advantage of Azure when building or re-architecting branch networks for the cloud has grown fast.

Azure Virtual WAN provides a service architecture to take full advantage of Microsoft's fast global network. Virtual WAN makes it easy to connect Virtual Networks (VNets), Azure ExpressRoute, VPN, and now SD-WAN in "virtual hubs." The connectivity agnostic approach allows full transit between branches, sites, mobile users, and services using Azure's global infrastructure.

Overview diagram of full Virtual WAN architecture

 

Barracuda logo Barracuda is the first Virtual WAN partner to bring the advantage of this deep integration allowing customers to take advantage of SD-WAN (Software-Defined Wide Area Network) to improve performance while taking advantage of existing investments and skills.

Networking trends, typically led by an Internet-first approach, are increasingly leveraging technologies such as SD-WAN to improve performance through intelligent path selection and central policies. They work to eliminate traditional networking backhauls by sending traffic directly from branch to the cloud via local breakouts and allows you to leverage your chosen vendor's path selection and policy management.

Screenshots of portal experiences for Azure and Barracuda SD-WAN integrationWith built-in ease of use, scale, monitoring, and a unified framework for networking and security in a hub and spoke architecture, customers looking to deploy various hybrid workloads can do so quickly in a matter of minutes. Whether you are looking to simplify interconnectivity between internet (VPN) and private (ExpressRoute) users and sites or considering large scale branch/SD-WAN architectures, using Azure Virtual WAN can be the foundation of your solution. The new virtual appliance-in-hub capability will start rolling out to select Azure regions July 20, 2020.  

"Azure Virtual WAN can now be the central network hub for all our traffic and a key pillar in our cloud strategy," said Leon Sevriens, IT Manager, at Humankind, a large organization in the Netherlands that offers daycare and after-school care, with over 3,000 employees and over 450 locations. "The combination of Virtual WAN and Barracuda CloudGen WAN will give us the ability to test a resilient and modern cloud-native network with the performance and security we need for productivity tools, applications and data in the cloud."

 

More capabilities now generally available

In addition to SD-WAN integration, we're happy to announce the general availability of hub-to-hub connectivity, custom routing, Firewall Manager, and several other connectivity capabilities in Azure Virtual WAN.

New Virtual WAN Partners Cisco SD-WAN powered by Meraki and VMware now supporting automation of IPsec connectivity between their branch VPN/SD-WAN devices and Azure Virtual WAN VPN service.

 Virtual WAN partner logos:  Cisco Meraki and  VMware

Hub-to-hub connectivity providing fully meshed virtual hubs.

Custom routing (available August 3, 2020) adding advanced routing enhancements: custom route tables and optimization of virtual network routing.

Virtual Network Transit with 50 Gbps transit speeds between Virtual Networks (VNets) connected with Virtual WAN

VPN and ExpressRoute Transit for seamless interconnectivity between VPN/SD-WAN and ExpressRoute connected sites and users

New VPN capabilities are supporting custom BGP IP (also known as APIPA or Automatic Private IP Addressing) for VPN Site connections.

We want your feedback

We look forward to continuing to build out Azure Virtual WAN and add more capabilities in the future. We encourage you to try out Azure Virtual WAN and its new capabilities and look forward to hearing more about your experiences and work to incorporate your feedback into the product.

Learn more

For additional information, please explore these resources: