Deep-Dive on Azure Edge Zones in 5G Network!


Last month, I published the two articles below on Azure Virtual WAN and SD-WAN. Both describe how a cloud-hosted or migrated application can be accessed effectively by the business through an optimized network with greater performance and low latency, even from remote sites:

During that discussion, I also touched on how businesses can access their cloud-hosted applications through a nearby POP/Edge presence. These Edges/POPs are available not only from major cloud service providers such as Microsoft, Amazon and Google but also from a large number of telcos, to meet their current and future digital transformation needs for edge computing in a 5G network.

In this article, we will discuss how major cloud service providers and telecom operators are currently working together on edge computing services in their 5G network roadmaps, and then cover the use cases and benefits of the edge computing services Microsoft has released.

With the rise of 5G network connectivity, there are many possibilities to deliver immersive, real-time experiences that have ultra-low latency and connectivity requirements. 5G sets a new paradigm shift in the telecom industry with enhanced mobile broadband up to 10x faster, reliable low-latency communication

Telecom providers partnering with CSPs for 5G Edge

A large number of telecom operators, such as AT&T, CenturyLink, Etisalat, NTT Communications, Proximus, Rogers, SK Telecom, Telefónica, Telstra, Vodafone and others, have partnered with Microsoft and plan to make these Azure Edge Zones available to customers for 5G edge networks.

On the other side, SK Telecom, KDDI, Verizon, Vodafone Group and a few other operators have partnered with Amazon Web Services (AWS) to develop its edge computing services through AWS Wavelength on 5G networks. AWS Wavelength will be deployed by its operator partners to let developers build applications that serve end users with single-digit millisecond latencies over the 5G network.

Google is making the same move, partnering with telecom providers such as AT&T, Vodafone and others to harness 5G as a business services platform. To meet this goal, Google Cloud recently announced its Global Mobile Edge Cloud (GMEC) strategy, which will deliver a portfolio and marketplace of 5G solutions built jointly with telecom companies, an open cloud platform for developing these network-centric applications, and a global distributed edge for optimally deploying these solutions.

Google Cloud also announced Anthos for Telecom, which will bring its Anthos cloud platform to the network edge, allowing telecom companies to run their applications wherever it makes the most sense.

Microsoft Edge Computing Services ‘Azure Edge Zones’

At the end of March 2020, Microsoft announced its edge computing service, “Azure Edge Zones” (currently available in preview), which is designed to provide cloud resources quickly at the carrier’s 5G network and enable data processing very close to the end user. With this, business developers can now deploy cloud resources such as VMs, containers, and other selected Azure services into Edge Zones to address the low-latency and high-throughput requirements of applications near their business locations/sites.

Azure has released not just one service but three types of edge zones, referred to as Azure Edge Zones, Azure Edge Zones with Carrier and Azure Private Edge Zones respectively. Each Edge Zone is connected to Azure’s own network and runs in existing Microsoft network POP/Edge locations, where Azure CDN, Azure Front Door and other services run with appropriate security controls.

With Azure edge zones, Microsoft is gearing up for an important telecom industry space that blends cloud computing with mobile networks, bringing the strength of 5G edge computing to enterprises, IoT, and applications that operate at very low latency.

In simple terms, Azure edge zones are local extensions of Azure services to enterprises. They are ideal for solving compute, storage, and service availability problems by allowing businesses to provide experience-driven resources closer to their locations/sites. Azure edge zones are available through Azure (Azure Edge Zones), with select carriers and telecom operators (Azure Edge Zones with carriers), or as private customer zones (Azure Private Edge Zones).

Azure edge zones overall benefits

As per Microsoft, Azure edge zones provide a rich, seamless customer experience in real time with ultra-low-latency edge compute capabilities. The major benefits of Azure edge zones include, but are not limited to:

Solve edge latency problems with 5G network – Accelerate application and virtualized network function (VNF) deployment to provide seamless compute, storage, IoT, and container services to the business. The low edge latency and high bandwidth of Azure edge zones and 5G networks virtually eliminate the latency concern.

Better application performance and data control – Azure edge zones enable faster access to local Azure services, giving granular control of data and better performance when apps such as critical industrial IoT and media services workloads are deployed at the edge. Distributed applications can be developed across cloud, on-premises, and edge using the same Azure Portal, APIs, development, and security tools.

Deliver better mobile experiences with 5G network – Provide a better real-time experience for businesses and developers by deploying reliable, latency-sensitive applications and high-density graphics games on wireless networks with “Azure edge zones with carriers”. Accelerate IoT, artificial intelligence (AI), and real-time analytics by optimizing, building, and innovating for robotics, automation, and mixed reality.

Boost private edge performance with 5G network – Get the lowest latency possible for any industrial use case through a fully automated service-delivery experience with Azure private edge zones.

Extend your on-premises to Azure by using SD-WAN appliances – By using an SD-WAN appliance on the same private edge zone appliance, customers can extend their on-premises networks across multiple branches to Azure. SD-WAN provides seamless branch office connectivity that’s orchestrated from redundant central controllers at a lower cost of ownership.

Use Cases & Scenarios

It is important to understand the specific use cases of each type of Azure edge zone, so we will cover the use cases of each edge zone separately. Azure Edge Zones and Azure Private Edge Zones deliver consistent Azure services, application platform, and management to the edge with 5G networks, unlocking new scenarios.

As per the Microsoft article, the typical use cases and scenarios for edge zones are:

  • Real-time command and control in robotics.
  • Real-time analytics and inferencing through artificial intelligence & machine learning.
  • Machine vision.
  • Media streaming and content delivery.
  • Surveillance and security.
  • Remote rendering for mixed reality and VDI scenarios.
  • Immersive multiplayer gaming.

Azure Edge Zones

Common applications include distributed apps and public cloud-based business and consumer platforms in industries like retail, media, and financial services. Typical use cases of Azure edge zones include:

  • Gaming and game streaming.
  • Media streaming and content delivery.
  • Real-time analytics and inferencing via artificial intelligence and machine learning.
  • Rendering for mixed reality.

Figure-1: Azure Edge Zones, below, represents scenarios for the above use cases using Kubernetes, IoT, and Azure edge zones services.

Figure-1: Azure Edge Zones

Azure Edge Zones with carrier

5G speed and bandwidth make ingesting, delivering, and processing data faster, which is ideal for connected vehicles, mobile platforms and interactive games, high-bandwidth video streaming, and other business-critical scenarios.

Typical use cases of Azure edge zones with carrier include all 4 use cases of Azure edge zones plus two more:

  • Connected automobiles.
  • Tele-medicine.

Figure-2: Azure Edge Zones with Carrier, below, represents scenarios for the above use cases using Kubernetes, IoT, Azure edge zones services, a 5G mobile carrier and connected vehicles.

Figure-2: Azure Edge Zones with Carrier

Azure Private Edge Zones

Azure Private edge zones are small-footprint extensions of Azure that are based on the “Azure Stack Edge” platform and are placed on-premises. They enable low-latency access to computing and storage services deployed on-premises.

With private LTE and 5G speed, high bandwidth, and ultra-low latency, Azure Private edge zones are ideal for optimizing the performance of connected robotics, big data analytics, mixed reality, and other automation-driven applications.

SD-WAN on Private edge zones also lets customers move from a capex-centric model to a software-as-a-service (SaaS) model to reduce IT budgets.

Private mobile networks enable ultra-low latency, high capacity, and a reliable and secure wireless network that is required for business-critical applications. Private mobile networks enable scenarios such as command and control of automated guided vehicles (AGV) in a warehouse, real-time communication between robots in a smart factory and augmented reality, and virtual reality edge applications.

Typical use cases of Azure private edge zones are listed below; all use cases for this service are different, except for one: ‘Real-time analytics and inferencing with AI and ML’.

  • Real-time command and control in robotics.
  • Real-time analytics and inferencing with artificial intelligence and machine learning.
  • Machine vision.
  • Remote rendering for mixed reality and VDI scenarios.
  • Surveillance and security.

Figure-3: Azure Private Edge Zones, below, represents scenarios such as command and control of automated guided vehicles (AGV) in a warehouse, real-time communication between robots in a smart factory (industrial robotics), augmented reality, and surveillance and security.

Figure-3: Azure Private Edge Zones

Azure Private edge zones also let developers develop and deploy applications on-premises using the same familiar tools that customers use to build and deploy applications in Azure. Azure also lets customers:

  • Run private mobile networks (private 5G, private LTE).
  • Implement security functions like firewalls from various technology partners such as Affirmed, Mavenir, Metaswitch, Nuage Networks from Nokia, Palo Alto Networks, and VeloCloud from VMware.
  • Use an evolving platform, built with customers, carriers, and industry partners, that allows seamless integration and a wide selection of Virtual Network Functions (VNFs), including 5G software and SD-WAN.

As this Azure service is new and currently in preview, we will have more use cases and an in-depth discussion once the service reaches ‘general availability’.

Rajeev Ujjwal has more than 18 years of transformation delivery experience in cloud computing, infrastructure, directory service, and cyber security with large global customers. He is a senior cloud consultant and has successfully delivered various kinds of global projects such as greenfield, consolidation, separation and migration.

Co-existence between Azure Virtual WAN and SD-WAN is shifting a gear in the digital transformation


In November last year, Microsoft released a new networking service, Azure Virtual WAN, to general availability. It is an addition to existing services such as ExpressRoute, Site-to-Site VPN, Point-to-Site VPN and a few more; these earlier services are responsible for connecting or extending the customer’s on-premises data centres or branch office networks into the Azure public cloud.

It’s not only Microsoft: its major competitors, Amazon and Google, are also bringing major services (though not exactly the same) towards a similar model. AWS recently launched its Transit Gateway, which greatly simplifies routing between VPCs and the customer’s on-premises network. Google Cloud Platform, too, allows virtual private connectivity directly into its backbone.

Before we take a deep dive into Azure Virtual WAN, let’s go back a decade and discuss network connectivity.

Traditional MPLS and IPSec used as a corporate WAN:

Let’s shed some light on how widely MPLS and IPsec VPN networks are or were deployed, particularly in large global enterprises. This was the standard approach for building an on-premises corporate WAN, where all customer data centres and branch offices are connected and access the business and infrastructure applications they need to operate. Sometimes IPsec VPNs were used as a backup service, and even to connect remote sites where MPLS was either too expensive or not feasible.

Beyond that, because of the physical constraints imposed by propagation time over large distances, and the need to integrate multiple service providers (including multi-cloud) to cover global geographies, MPLS faces important operational challenges, including network congestion, packet delay variation, packet loss, and even service outages.

Today’s huge demand for digital transformation and its modern applications, such as IoT, machine learning, data science, analytics, VoIP calling, videoconferencing, streaming media, and virtualized applications, requires low latency. Bandwidth requirements are also increasing, especially for applications featuring high-definition video and with the sudden hike in data growth. It can be expensive and difficult to expand MPLS corporate WAN capacity, with corresponding difficulties in network management and troubleshooting.

The role and importance of cloud exchange providers:

When connecting to public clouds, customers have to depend on a cloud exchange provider to establish connectivity between on-premises MPLS and the public cloud VNet/VPC. In this scenario, latency becomes a challenge for businesses connecting their branch offices/remote sites to the public cloud to access their applications. At the same time, data centre connectivity was seamless (via ExpressRoute/Direct Connect) and allowed businesses to migrate their applications to the cloud and access them there.

In the meantime, many players emerged and started to offer on-demand global interconnectivity, becoming network hubs that reach and connect most public and private clouds along with on-premises data centres, and even terminate these connections into the corporate MPLS network. Businesses could now migrate or host their business applications based on their choice, flexibility and needs. It was the time when customers could host or migrate their enterprise applications across multiple cloud service providers and create a seamless hybrid cloud platform, but the real business challenges of latency, cost and others in accessing cloud applications from remote sites/branch offices were still present.

Another evolution and revolution in the network landscape:

On the other side, as cloud computing and mobile devices have transformed the modern digital workplace, digital transformation is now driving a major shift in the networking landscape. Cloud computing introduced the term “as a service” several years ago, and it has become mature and a reality in today’s business.

In the current digital transformation era, dynamic (on-demand) provisioning and scaling of network capacity and slicing of network resources is now more aligned with current enterprise needs. Just as automation has gained a presence in the cloud, Network-as-a-Service (NaaS) has evolved into a new phase and become a potent technology in a very short period of time.

Virtualized network functions (VNFs) as software-based services, software-defined networking, network-as-a-service and 5G/edge computing are the emerging trends in network services, and they are adding another revolution to the digital transformation industry. In line with the software-defined networking revolution, SD-WAN has emerged and become a new digital transformation pillar that addresses the limitations and challenges of traditional MPLS.

SD-WAN simplifies the management and operation of a traditional corporate WAN by decoupling the networking hardware from its control mechanism. This concept is similar to how software-defined networking implements virtualization technology to improve data center management and operation.

A key application of SD-WAN is to allow organizations to build higher-performance WANs using lower-cost, commercially available Internet access, enabling businesses to partially or wholly replace more expensive corporate WAN connection technologies such as MPLS.

According to a 2018 prediction by research firm Gartner, by 2023 more than 90 percent of WAN edge infrastructure refresh initiatives will be based on virtualized customer premises equipment (vCPE) platforms or SD-WAN software/appliances.

Azure Virtual WAN goes hand in hand with Partner’s SD-WAN/vCPE NVA:

We are now entering a newly emerging model that takes cloud connectivity to the next level, where the cloud is moving closer to the business and the business is moving closer to the cloud. So we foresee a gear shift in which the existing MPLS WAN will be transformed into an SD-WAN-based network. You might have observed a parallel thread running, in which all major cloud service providers are building their own global network presence.

Microsoft, Google and Amazon are rapidly increasing their global network reach and have created their own global network backbones, with a large number of PoP/edge locations across the globe that are very close to business enterprises. In other words, we will eventually see a compelling alternative to traditional MPLS providers, where connectivity is served directly to the business by the cloud service provider. This kind of transition is already visible with AWS, which now allows companies to run AWS infrastructure in their own private data centers.

Microsoft brought Azure Virtual WAN, a WAN-centric service, to the market last year. It brings many networking (utilizing existing services such as ExpressRoute/Site-to-Site VPN), security, and routing functionalities together to provide a single operational interface. These functionalities include branch connectivity (via connectivity automation from Virtual WAN partner devices such as SD-WAN or VPN CPE), Site-to-Site VPN connectivity, remote user VPN (Point-to-Site) connectivity, private (ExpressRoute) connectivity, intra-cloud connectivity (transitive connectivity for virtual networks), VPN ExpressRoute inter-connectivity, routing, Azure Firewall, and encryption for private connectivity.


Initially, you might not need all of these Azure Virtual WAN functionalities to start using Virtual WAN. You can simply get started with just one or two, and then adjust your network further as it evolves. The Virtual WAN architecture is a hub-and-spoke architecture with scale and performance built in for branches (VPN/SD-WAN devices), users (Azure VPN/OpenVPN/IKEv2 clients), ExpressRoute circuits, and virtual networks. It enables a global transit network architecture, where the cloud-hosted network ‘hub’ enables transitive connectivity between endpoints that may be distributed across different types of ‘spokes’.

The key promise of Virtual WAN is the potential for API-based integration with various SD-WAN solutions (from third parties such as Cisco Meraki, Citrix, Fortinet, Barracuda Networks, Check Point etc.), which would allow the encrypted tunnel creation process to be automated. A branch office would connect to its nearest PoP, and this would automatically allow the branch to communicate with the rest of the global WAN.

For more technical detail on Azure Virtual WAN design and architecture, refer to the article below:

Microsoft Azure Virtual WAN – How it’s getting closer to Business!
