Skip to main content


New-Age Networks Need SD-WAN at the Edge

New-Age Networks

According to Cisco’s Visual Networking Index (VNI), global IP traffic will increase 26 percent year-over-year to a staggering 396 exabytes per month in 2022 (Figure 1). This growth is being driven by smartphones, IoT devices, and other platforms that traditionally haven’t been connected to the internet.

All of these require bandwidth and specialized network services. This is putting stress on existing edge network infrastructure and the enterprises that rely on it, especially as we move toward 5G.

For example, an enterprise or internet service provider may use deep packet inspection (DPI) to analyze public data traffic, either to detect viruses or streamline the flow of network traffic crossing their infrastructure. They may also use a virtual private network (VPN) to support real-time IoT traffic with different quality of service (QoS) and security requirements. Likely, they also leverage firewalls, session border controllers, and so on.

Global IP Traffic according to Cisco’s Visual Networking Index
Figure 1. The Cisco VNI projects a 26 percent increase in global IP traffic through 2022.

Traditionally, specialized hardware appliances were required to support each of these services. Not only is this costly to maintain and difficult to manage, it doesn’t scale with the growth in data traffic and types of applications and services that edge networks now have to support.

Rather than taking a hardware-centric approach to edge network service enablement, an alternative is to deliver these functions in software that runs on general-purpose hardware. This both minimizes the cost and complexity of managing function-specific appliances and also future-proofs network architectures against the demands of more and diverse traffic in the future.

Network equipment providers now champion this software-defined infrastructure through universal customer premises equipment (uCPE) for SD-WAN. Read “SD-WAN and uCPE: Introduction”.

Future-Proof Edge Networks

uCPE for SD-WAN is based on network functions virtualization (NFV) technology, which allows network services to be delivered as virtual network functions (VNFs) on multicore network processors.

As a result, a single uCPE networking platform can be deployed at the edge of a provider network or on-premises at an enterprise facility to deliver dynamic traffic orchestration and management, security, session control, and other services.

This enables use cases like the software-defined branch, where the number and performance of services at an installation are limited only by the availability of processor cores (Figure 2).

Figure 2. uCPE for SD-WAN enables an array of services to be deployed at individual locations at reduced cost. (Source: IDC)

Because this infrastructure is completely software-defined, operators can provide these services as different remotely managed offerings for different enterprise clients, all on a monolithic hardware architecture.

Rather than hosting network functions and critical enterprise applications in a far-off data center, services can be deployed and hosted in uCPE platforms close to the data source. This helps reduce network transmission costs and improves determinism for real-time 5G applications.

Accelerating Platform Deployment for New Edge Networks

General-purpose networking hardware is nothing new, having been deployed in the data center for some time. But many network operators and service providers struggle with the challenge of testing these platforms to qualify their throughput and performance. This can be costly, time-consuming, and delay deployment of SD-WAN infrastructure.

To ensure performance and reduce testing associated with uCPE platforms, Intel® and partners like Advantech have collaborated on Intel® Select Solutions for uCPE (Intel® ISS for uCPE).

Available in Base or Plus configurations, the platforms provide between 4- and 16-core Intel® Xeon® processors, at least 16 GB of memory, at least 256 GB storage, and 4 x 10 GbE ports (Figure 3). Intel® Quick Assist Technology (Intel® QAT) is also supported in the Plus configuration to offload cryptographic procedures from the primary processor cores.

Intel Select Solutions for uCPE
Figure 3. Intel® Select Solutions for uCPE provide a reference platform for SD-WAN network deployments—plus configuration is shown here. (Source: Advantech)

The scalable ISS for uCPE reference platforms provide a baseline set of technology tailored for SD-WAN deployments.

From there, companies like Advantech can offer additional performance in white box solutions such as the FWA-3050 family of networking appliances. But to be branded an ISS for uCPE platform, the systems must pass benchmark testing against minimum performance requirements (Figure 4). These include 100 percent line-rate packet processing performance and up to 100 Gbps encryption.

Intel Select Solutions for uCPE-branded products minimum performance requirements
Figure 4. All Intel® Select Solutions for uCPE-branded products must meet minimum performance requirements, regardless of manufacturer. (Source: Intel®)

On the software side, all ISS for uCPE solutions leverage an open source-centric stack that consists of the Intel® Data Plane Development Kit (Intel® DPDK), Ubuntu Linux, and KVM/QEMU hypervisor.

Users can be confident that they won’t be locked into proprietary solutions, and can minimize the cost associated with retesting specialized software patches or additions to the stack. They can also rest assured that any ISS for uCPE offering delivers standard performance for services like firewalls, encryption, border control, and others.

Advantech, for example, differentiates its FWA-3050 ISS for uCPE networking appliances through BIOS optimizations that allow the software stack to run more efficiently on their hardware (Figure 5). The company also integrates an intelligent platform management interface (IPMI) controller to ease remote system management, maintenance, and upgrades.

Advantech’s FWA-3050 networking appliances
Figure 5. Advantech’s FWA-3050 networking appliances are verified Intel® Select Solutions for uCPE.  (Source: Advantech)

In addition to those features, the company differentiates its FWA-3050 offerings through energy efficiency, additional I/O, and support for a broad ecosystem of software partners whose solutions are also tuned to Advantech hardware appliances.

Cost-Effective Scaling for 5G

As enterprises begin to capitalize on new services enabled by 5G networks, the edge infrastructure will require a refresh. These high-bandwidth, low-latency applications require more network intelligence at the edge, as well as a high degree of flexibility so that infrastructure can adapt to dynamic networking demands on the fly.

This is not possible using current network architectures. Managing and maintaining specialized hardware appliances is not only prohibitive in terms of cost, it also requires expert network engineers and IT personnel to respond in person if equipment fails.

On the other hand, a software-centric approach allows network operators and enterprise application providers to remotely diagnose and respond to faults and minimize downtime.

Because of the flexibility provided by general-purpose uCPE and SD-WANs, service providers can also adapt quickly to new and emerging trends in networking. With ISS for uCPE, they can deploy this infrastructure confidently, knowing their architecture will deliver the performance they expect.

About the Author

Brandon is a long-time contributor to going back to its days as Embedded Innovator, with more than a decade of high-tech journalism and media experience in previous roles as Editor-in-Chief of electronics engineering publication Embedded Computing Design, co-host of the Embedded Insiders podcast, and co-chair of live and virtual events such as Industrial IoT University at Sensors Expo and the IoT Device Security Conference. Brandon currently serves as marketing officer for electronic hardware standards organization, PICMG, where he helps evangelize the use of open standards-based technology. Brandon’s coverage focuses on artificial intelligence and machine learning, the Internet of Things, cybersecurity, embedded processors, edge computing, prototyping kits, and safety-critical systems, but extends to any topic of interest to the electronic design community. Drop him a line at, DM him on Twitter @techielew, or connect with him on LinkedIn.

Profile Photo of Brandon Lewis