SD-WAN: Demystifying Overlay, Underlay, Encapsulation & Network Virtualization

More details follow, but let’s get this out of the way first: SD-WAN is a virtual, or overlay, network; the physical, or underlay, network is the one on which the overlay resides. Virtual overlay networks contain nodes and links (virtual ones, of course) and allow new services to be enabled without re-configuring the entire network. They are secure and encrypted, and are independent of the underlay, whether it’s MPLS, ATM, Wi-Fi, 4G, LTE, etc. SD-WAN is transport agnostic: no offense, but it simply doesn’t care about the means of transport you’ve selected.

While the oft-mentioned benefits of SD-WAN include cost savings, ease of management and the ability to prioritize traffic, it also provides many other, less-mentioned benefits, including:

  • The ability for developers to create and implement applications and protocols more easily in the cloud,
  • More flexibility for data routing through multi-path forwarding, and
  • The easy shifting of virtual machines (VMs) to different locations, but without the constraints of the physical, underlay network.

Overlay networks have been around for a while; in fact, the Internet is an overlay network that, originally, ran across the underlay Public Switched Telephone Network (PSTN). In 2018, most overlay networks, such as VoIP and VPNs, run atop the Internet.


According to Merriam-Webster, the word encapsulation means “to enclose in or as if in a capsule.” And that’s exactly what occurs in SD-WAN, except the enclosure isn’t a capsule, but a packet. The encapsulation occurs within the physical network, and once the primary packet reaches its destination, it’s opened to reveal the inner, or encapsulated, overlay network packet. If the receiver of the delivered information isn’t authenticated, they won’t be able to access it.
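The encapsulation step described above, as an added example that is not from the original article or from any SD-WAN product. The 12-byte header layout, the keys, the sample packet and all function names are assumptions, and the HMAC-SHA256 keystream is a standard-library stand-in for a production cipher. It shows the inner packet being wrapped, a receiver without the right key being rejected, and the bytes the tunnel adds to every packet.

```python
import hashlib
import hmac
import struct

# Assumed toy outer header: 4-byte tunnel ID + 8-byte sequence number.
HDR = struct.Struct("!IQ")
TAG_LEN = 16  # truncated HMAC-SHA256 tag appended to every outer payload

# Constructed sample values, for illustration only.
ENC_KEY = b"E" * 32
MAC_KEY = b"M" * 32
INNER = b"constructed inner overlay packet 10.1.0.5 -> 10.2.0.9"

def _keystream(key, seq, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a production cipher.
    # A (key, seq) pair must never be reused, or the keystream repeats.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, struct.pack("!QI", seq, ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(enc_key, mac_key, tunnel_id, seq, inner):
    """Wrap an inner (overlay) packet for transport across the underlay."""
    hdr = HDR.pack(tunnel_id, seq)
    ct = _xor(inner, _keystream(enc_key, seq, len(inner)))
    tag = hmac.new(mac_key, hdr + ct, hashlib.sha256).digest()[:TAG_LEN]
    return hdr + ct + tag

def decapsulate(enc_key, mac_key, outer):
    """Verify the tag first; only then decrypt and return the inner packet."""
    if len(outer) < HDR.size + TAG_LEN:
        raise ValueError("truncated outer payload")
    hdr, ct, tag = outer[:HDR.size], outer[HDR.size:-TAG_LEN], outer[-TAG_LEN:]
    expected = hmac.new(mac_key, hdr + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    tunnel_id, seq = HDR.unpack(hdr)
    return tunnel_id, seq, _xor(ct, _keystream(enc_key, seq, len(ct)))

def overhead_bytes():
    """Bytes the tunnel adds to each packet, before any outer IP/UDP header."""
    return HDR.size + TAG_LEN

if __name__ == "__main__":
    outer = encapsulate(ENC_KEY, MAC_KEY, 42, 1, INNER)
    print(len(INNER), "->", len(outer), "bytes; overhead", overhead_bytes())
    print(decapsulate(ENC_KEY, MAC_KEY, outer))
```

The fixed per-packet overhead matters most for small packets, and it also lowers the largest inner packet that fits in the underlay's MTU.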

SD-WAN (including SDN) and Network Virtualization are often used interchangeably, but the former is really a subset of the latter. They both, through the use of software, connect virtual machines (VMs) that mimic physical hardware. And both allow IT managers to consolidate multiple physical networks, divide them into segments, and ultimately enjoy easier network management, automation, and improved speed.

Don’t leave your network to chance

WANs and LANs are the lifeblood of IT departments. If you’re considering SD-WAN and would like to enjoy the benefits it can deliver when deployed optimally, calling on experienced SD-WAN solutions architects and engineers should be your first order of business. Even though SD-WAN is widely touted as a simple, plug-n-play networking solution, there are many things to consider in addition to those wonderful benefits you’ve been hearing about for years. For instance, the use of multiple software layers can require more overhead, and the process of encapsulation can place additional demands on computing. Yes, there’s a lot to consider.

SD-WAN experts like those at GDT can help guide you through this critically important element of your digital transformation journey. They’ve done just that for enterprises of all sizes, and from a wide range of industries. You can reach their experienced SD-WAN solutions architects and engineers at They’d love to hear from you.