Cisco Catalyst SD-WAN is an overlay network architecture. It uses centralized controllers to automatically build a mesh of IPsec tunnels over any WAN transport between all network locations, transforming the hardware-centric traditional WAN into a software-based overlay fabric that is centrally managed, secure, and scalable.
However, under the hood, nothing in Cisco Catalyst SD-WAN (or in any other SD-WAN, for that matter) is fundamentally new. What all modern SD-WAN vendors do differently from existing overlay technologies is the packaging. They took a set of existing technologies and protocols and turned them into a complete product that is ready to consume: one control plane, one management plane, one policy model, one dashboard, one way to onboard sites, one operational workflow (and, of course, only one vendor ecosystem: their own).
If you zoom out, the building blocks have existed for years. Dynamic overlay tunnels were already around with technologies like mGRE+NHRP and IKEv2. Segmentation has long been done with VRFs. Encryption has long been done with IPsec. Overlay path steering existed in solutions like PfR, IWAN, and LISP. Even early forms of zero-touch provisioning (ZTP) were around before SD-WAN.
However, in the past, these technologies were components, not a complete product. Nowadays, the network team wants a complete system with clear integration, where everything is pretested by the vendor. They don’t want to stick different components together to get the network functionality that the business requires.