Citrix SD-WAN

What’s New

The Citrix SD-WAN release 10 version 2 introduces the following new features and enhancements:

Application centric enhancements

Application QoE:

  • Application QoE is a measure of Quality of Experience of applications in the SD-WAN network. It measures the quality of applications that flow through the virtual paths between two SD-WAN appliances. The Application QoE score is a value between 0 and 10. The score range that it falls in determines the quality of an application.

IPFIX:

  • IPFIX is a collector export protocol used for exporting flow level data for all connections. For any connection, you can view information such as packet count, byte count, type of service, flow direction, routing domain, application name and so on. IPFIX flows are transmitted through the management interface. Most collectors can receive IPFIX flow records, but you can build a custom dashboard to interpret IPFIX template.
  • IPFIX version 10 is supported in Citrix SD-WAN release 10 version 2 and above.
  • You can configure AppFlow/IPFIX on individual SD-WAN appliances or configure it on SD-WAN Center and push the configuration to a group of appliances.

Configuration, Management, and Supportability

SD-WAN Center dashboard GUI:

  • The Virtual Path Summary widget is renamed to Network QoE. It includes a graphical comparison of the overlay virtual path and underlay member paths of the network. You can view the graphs for QoE metrics such as availability, loss, latency, and jitter.
  • The Site QoE widget is introduced. It provides a graphical comparison of the overlay virtual path and underlay member paths of the selected site. You can view the graphs for QoE metrics such as availability, loss, latency, jitter, and throughput.

Change Management process – GUI enhancements:

  • To view or update change management settings, you can now click the gear icon on top-right corner on the change management page.
  • Change management configuration file details are moved to Details section.

For multi-region set-up:

  • Global Site Summary table now provides metrics such as Total Sites, Traffic Impacted Sites, and Staging Sites and so on Each of this table entry is a link which upon clicking provides the full details of all the sites with the chosen filter.

SD-WAN Center scale setup:

  • The SD-WAN Center network summary now displays up to 6,000 sites.

SD-WAN Center diagnostics:

  • The diagnostic utilities, such as Ping, Trace-Route, and PCAP are added to SD-WAN Center for troubleshooting network connectivity issues.

DHCP configuration:

  • An alert notification is raised when DHCP WAN link changes IP subnet on the internet link.

SD-WAN diagnostics:

  • A new diagnostics mode page is introduced. This page allows you to run diagnostics test that helps in understanding SD-WAN deployments in the network. You can test the bandwidth usage, ping, and perform traceroute for the WAN links configured at different sites in the SD-WAN network. It provides information which helps in troubleshooting issues in existing configuration.

Office 365 optimization:

  • The Office 365 breakout policy allows you to specify which category of Office 365 traffic you can directly break out from the branch. This makes it easy to adhere to Microsoft Office 365 Network Connectivity Principles to optimize the Office 365 user experience for branch office workers. On enabling Office 365 breakout and compiling the configuration, a DNS object, application object, application route, and a firewall policy is auto-created and applied to branch sites with Internet service. The Office 365 Breakout Policy settings are available under global settings in the SD-WAN GUI.

DNS Forwarder:

  • You can now use your SD-WAN appliance as a lightweight DNS proxy. DNS requests directed to SD-WAN IP address are intercepted and forwarded to DNS servers. You can configure the DNS forwarder rules on an SD-WAN appliance. These rules are used to filter the DNS requests as per the domain names and forward it to the appropriate DNS servers.

PPPoE:

  • PPPoE allows users to share a common Digital Subscriber Line (DSL), cable modem, or wireless connection to the Internet. PPPoE combines the Point-to-Point Protocol (PPP), commonly used in dialup connections, with the Ethernet protocol, which supports multiple users in a LAN. The PPP protocol information is encapsulated within an Ethernet frame.

  • Citrix SD-WAN appliances use PPPoE to provide support Internet service provider (ISP) to have ongoing and continuous DSL and cable modem connections unlike dialup connections.

  • Citrix SD-WAN act as a PPPoE client. It authenticates with PPPoE server and obtains dynamic IP address, or uses static IP address to establish PPPoE connections.

Bandwidth auto-provisioning:

  • An option to auto-provision shares by considering remote bandwidth is added to configure WAN links. The Set Provisioning using Remote Bandwidth option enables users with large networks and diverse bandwidth configurations to manage bandwidth provisioning for data center sites in a dynamic way.

Block UDP to force ICA to TCP- WANOP:

  • By changing the protocol to TCP, SD-WAN WANOP provides:
  • Compression/DDup benefits.
  • Visibility (local reports and HDX Insight).

The WANOP GUI shows an option to force the session for TCP protocol.

Cloud services in SD-WAN Center

The following add-on services for Cloud Connectivity using Citrix SD-WAN Center are introduced.

  • Citrix SD-WAN and Zscaler help enterprises transform their WAN for cloud migration by providing secure local breakouts to applications and resources hosted on the Internet. New WAN infrastructure technologies such as SD-WAN increase network agility and scale while lowering cost and complexity for an improved user experience in distributed organizations.

  • SaaS Gateway Service - The Citrix SD-WAN SaaS Gateway Service delivers SD-WAN functionality as a service through reliable and secure delivery for all internet-bound traffic regardless of the host environment (data center, cloud, and internet). This improves network visibility and management. It enables partners to offer managed SD-WAN services and business critical SaaS applications to their end customers.

  • SD-WAN Secure Web Gateway to Palo Alto Networks: Global Protect Cloud Service (GPCS). See, SD-WAN Secure Web Gateway.

Platforms, scalability, and deployments

Citrix SD-WAN Center can be installed on the following platforms:

  • Microsoft Hyper-V 2012 R2

Cloud platform:

  • Microsoft Azure Marketplace
  • Deploying SD-WAN Center in newer AWS instances (m4 & c4) is supported.

Maximum number of virtual paths The maximum number of static Virtual Paths for the following platform editions is increased:

  • 2100 SE - 128–256.
  • 4100 SE: 256–553 – can be configured as an RCN with 550 clients and Geo RCN in the region and Geo MCN in the network.
  • 210-SE – 8–16.
  • 410-SE – 16–24.

SD-WAN LTE platform editions:

  • The SD-WAN Center report and the mobile broadband pages for an SD-WAN LTE platform now displays MSISDN and IMSI numbers in Inventory information.

REST API

The following APIs are available:

Configuration:

  • Network Adapters
  • Config Package – Import, Export, Save As

Monitoring:

  • Access Interfaces
  • Virtual Path Services
  • Ethernet
  • Ethernet MAC Learning
  • Intranet
  • Observed Protocols
  • Paths (Detailed)
  • Application Routes
  • Rule Groups
  • Site
  • MPLS Queues
  • WAN Link Usage
  • GRE Tunnel
  • IPsec Tunnel
  • Multicast Group
  • Dynamic Routing Protocol

Configuration editor:

  • App QoE
  • Application Routes
  • DNS Settings
  • Office 365
  • Wan Optimization Application Classifiers and Service Classes
What’s New