Riverbed's acquisition earlier this year of software-defined WAN business Ocedo has delivered its first fruit, with the launch of the company's SteelConnect product suite.

The company's ambitious hope is to wean customers off the messy business of running routed networks. Instead, gateways at the customer site connect to software defined network (SDN) switches in the cloud, with the SteelConnect Manager running the whole thing.

The product range includes secure WAN gateways, remote LAN switches and access points, and a central cloud-based management console (SteelConnect Manager).

Its good-luck-with-that hope is to displace the Ciscos and Junipers of the world, on the basis that configuring complex IP-based WANs on a device-by-device basis is slow, inefficient and error-prone.

Regional veep Ian Raper told The Register said networks are still connection-oriented rather than application-oriented, and configuration and implementation load, even of a modest network of 50 or so branches, is steep.

“The average enterprise network in Australia / New Zealand has 55 branches,” Raper said. When a router configuration is already hundreds or thousands of lines of code, he said, “changing it takes a lot of effort and time … and there's a lot of opportunity for human error.”

So the SteelConnect suite is a shot at replacing all that with a centrally controlled infrastructure that's managed on a policy basis.

Sales engineering vice president for the Asia Pacific, David Neo, said the aim is to replace the CLI programming that dominates traditional networks.

In a large network, creating a set of router rules that expresses all of a company network's policy can involve “hundreds of thousands of lines of code in each of the routers.”

That, he said, is “slow, difficult and expensive”.

SteelConnect, Neo explained, drives policies around traffic (what users are allowed to do, what applications they use), security, and which POPs in a network connect to which resources.

This is done in a virtual sandbox, in which the sysadmin creates “a shadow network with all the business rules,” applies that to the network after the design is complete and tested.

Neo also noted that policy applies not to IP addresses, but to the user's identity. That, he said, “takes the guesswork out of how the users are experiencing the applications”.

As well as covering the WAN and the remote LANs in an enterprise, SteelConnect has also been enabled in AWS and will add Microsoft Azure later this year. ®