SD-WAN Reimagined – 128 Technology

128 Technology LogoMaybe it’s just me. I’ve always felt like SD-WAN was kludgy. Every time I listen to an explanation of how it works, I think of the picture of a mechanic putting duct tape on the wing of an aircraft while passengers sit inside awaiting departure. I imagine sitting in the window seat, watching it take place and asking the questions: “Is that really the best way to fix this problem?” “Are we trusting duct tape to hold the wing together?” and even “Shouldn’t the wing hold itself together?”

Despite having those questions, I hopped onto an aircraft and flew off to a Tech Field Day Exclusive with 128 Technology in July. After arriving, I didn’t think about duct tape once.

128 Technology is a five-year-old company focused on creating the best SD-WAN solution. As a new company, building a new product to answer a specific set of challenges, 128 Technology had an empty toolbox. That also meant they had no baggage to bring with them. It was a fresh start. They could make their solution be anything they wanted it to be.

Sue Graham Johnston introduces 128 Technologies to the Tech Field Day DelegatesAccording to Sue Graham Johnston, “…we decided to reorient networking to focus on the session, we can get rid of about 30 years’ worth of technology workarounds and overlays…” In case you are wondering, yes, that is duct tape she’s talking about.

That one statement piqued my interest, set the stage, and explained much of how their model works. It is simple enough to brilliant.

128 Technology uses a 5-tuple to identify each session: source and destination IPs, source and destination ports, and the protocol. When the session is built between the ingress and egress router, the first packet is encapsulated with 150-200 bytes of metadata to establish the session. After the session is established, no further encapsulation is needed as the ingress and egress routers have all of the data that is necessary. When each packet hits the ingress router, the source and destination addresses are changed until it hits the egress router. (Does this sound a bit like NAT? Because its NAT for SD-WAN.)

That’s their magic: No encapsulation, lower overhead, no need to fragment larger frames to provide space for additional headers, and significant bandwidth savings.

Now that you understand the basics of how 128 Technology builds sessions, it’s also essential to see how they integrate security. After all, this is intended to be an SD-WAN solution where data will traverse the internet.

Here again, there are a few basics to understand. All metadata to establish sessions is encrypted. Unencrypted traffic between Ingress and Egress routers is encrypted with AES128 or AES256. SSL or other encrypted traffic doesn’t need to be re-encrypted, so 128 Technology doesn’t. That reduces latency, complexity, and overhead. The last important piece of the puzzle is that the 128 Technology network operates as a zero-trust security environment. All data sessions must have a service policy created to allow traffic to flow. No service-policy means no traffic.

The last consideration is how to manage the SD-WAN environment. One router in the network is assigned the role of Conductor. All routers and the Conductor run a single code base, ensuring consistency in bug fixes and behavior. The Conductor is not required for configuration or operation but provides a central point configuration of all devices.

When I consider the takeaways from Networking Field Day Exclusive with 128 Technology, one thing jumps out far above the rest. Their focus on simplicity and the most critical part of data networks: the data session. I feel the solution is well thought out, and based on the customers that are using it in production; it seems the execution delivers on their promises.

The only remaining question I have do not relate to their technology at all.

  1. When will 128 Technology be acquired?
  2. Who will acquire them?
  3. Will it be to include them into an existing full-stack solution or acquired to be used by a service provider in their internal networks?

I hope that this will be a product that we can all benefit from as direct customers.

Take time to watch the videos and see if you agree.

128 Technology Networking Platform Overview from Gestalt IT on Vimeo.