There is a growing buzz around SD-WAN as a network solution. It brings considerable benefits for some use cases but it isn’t a silver bullet for networking, as our buyer’s guide explains.
The modern business is increasingly likely to have a hybrid cloud strategy in place and a number of staff at remote sites or working flexibly. BYOD (Bring Your Own Device), the Internet of Things and edge computing have all added to the complexity of the modern network environment and increased the number of devices competing for traffic. Connecting file systems, applications and other tools in the most efficient way for the workers who need them is a networking challenge. For many companies, the answer is to use a new kind of network, SD-WAN, alongside the existing one.
In fact, demand is so great that, according to one report, investment in SD-WAN solutions will increase by 60 percent between 2020 and 2026 to a total of $30 billion dollars. Faced with such a trend, it’s easy for companies to convince themselves that they should follow, so as not to miss out. However, while SD-WAN is an ideal solution for some businesses, some companies will be better off taking a different route.
Companies that are considering re-architecting their WAN are often drawn to SD-WAN because it gives the option to increase capacity, improve performance, add new capabilities and enable the use of new technologies. The key is to understand exactly what SD-WAN does and how it fits your needs.
A network solution for the cloud era
Any company that operates on multiple sites will want to connect them using a wide area network (WAN) so that data can be exchanged. These networks are typically managed using physical equipment, such as routers and switches, to pass the data from one machine to another. There are various methods of managing this – a popular one being MPLS, or multi-protocol label switching, which efficiently transfers data between nodes of the network at a guaranteed quality of service and security.
Within the last decade, software-defined wide area networks (SD-WAN) have been growing in popularity, largely driven by the growth of modern applications, such as cloud services, software- and infrastructure-as-a-service applications, video conferencing tools and streaming media. These create an explosion of high-bandwidth traffic on the corporate WAN that the earlier generation of WANs are not designed to manage. SD-WAN can enable the data to flow more efficiently between these applications and their users.
Instead of relying on physical architecture, SD-WAN creates virtual appliances, decoupling the management interface from the physical networking hardware. With older-style networks, the individual access channels are often not being used, or not being used to their full capacity. SD-WAN can create extra bandwidth by accessing the capacity that would otherwise be lying dormant or reserved for backup purposes.
This allows SD-WAN to send network traffic by whatever means is most efficient, whether by using dormant capacity on the WAN or sending data over the public internet. This flexibility usually means the network delivers the low levels of latency demanded by the latest cloud applications. In some instances, this can also be a more cost-efficient way to transfer data.
SD-WAN is intelligent enough to identify traffic passing across the network by application. This has two benefits. First, specific policies can be set on a per-application basis, for example to get the best performance for mission critical applications and throttle traffic for non-essential apps. When policies need to be changed, these changes can be made centrally because of the network’s virtual nature. The SD-WAN controller immediately sends the new policies to every device on the network. This process might take weeks on a traditional WAN because every device must be updated individually, which can often mean sending a technician out to remote sites, but it takes seconds on SD-WAN.
Second, that visibility enables detailed traffic reporting, so that administrators have much greater insight into how the network is being used, which can help to optimise performance and tune the setup of the network. This is vital when businesses are looking to manage their IT spend and improve operating costs.
Delivering flexibility and visibility
Given what we have discussed so far, it makes sense that much of the demand for SD-WAN solutions has come from businesses that are pursuing a hybrid cloud strategy. SD-WAN is an overlay technology that works well for traffic destined for the cloud, but it depends on an underlying connectivity solution, usually MPLS, internet or cellular connectivity. Many businesses are simply using SD-WAN to supplement their existing WAN and provide improved performance for specific applications.
Other businesses are attracted by the greater visibility that SD-WANs provide, so they install them to provide a clearer understanding of activity on their MPLS WAN as well. This gives the best of both worlds: the flexibility and visibility of SD-WAN with the underlying MPLS network still in place as a secure and solid foundation.
One feature of SD-WAN that appeals to many organisations is the potential for ‘zero-touch’ deployment. This allows network equipment to be ordered, shipped to the site where it will be used, then connected to the network. The box then contacts the home server and receives the necessary settings. This is especially useful for companies that need to add an overseas site to their WAN network. Extending an MPLS network internationally is expensive but with SD-WAN the international site can easily become part of the network, without any need for an engineer to visit the site, install the equipment and then configure and test it.
The same benefit applies to a company that is expanding rapidly or that has recently acquired another firm. Adding all these new sites, for example a network of physical stores and warehouses, to an existing MPLS WAN is time-consuming and expensive, but with SD-WAN it can be accomplished quickly and with minimal cost. Just send the boxes out to each site and plug them in to ensure policies and security are consistent across the full estate.
The advantages of a managed service
Some companies that choose to install SD-WAN do so because of the perceived cost savings that come from installing and managing the network themselves, rather than using a managed service provider. The management layer that comes with SD-WAN does simplify the process of controlling the network, which will bring some savings.
In our view, however, installing and managing the network yourself is a false economy because the cost savings will lead to costs elsewhere. Even with a simplified management layer, the physical hardware still needs to be maintained, fixed when it develops a fault and replaced at end-of-life.
The company will need to hire people with experience of installing and managing SD-WAN networks then design the network, source the equipment and handle management and maintenance. This entails multiple contracts, different service levels and separate invoices, which it is usually somebody’s job to manage. When something goes wrong, there may be numerous suppliers to call, each of whom might blame one of the others for the problem.
A managed service, in contrast, means that the business can focus on what it does best and leave network management to the experts. In many cases, any problems that arise will be identified and fixed before the customer is even aware of them. On the rare occasion when something does go wrong, managed services give you one person to call, whose responsibility is to get things working again, as quickly as possible. This can be particularly important for highly regulated industries, such as healthcare and finance, where compliance and continuity of service can be important considerations for how the network is managed.
We would recommend at least talking to a managed services provider before you make a decision on SD-WAN because it might be more cost effective to have the network installed and managed by a third party.
The downsides of SD-WAN
For all its advantages, SD-WAN has two disadvantages that are worth keeping in mind. First, because it makes use of internet-based connectivity, there is no guarantee of quality of service or end-to-end performance. This is acceptable for many use cases but not for some mission critical services. The risk can be mitigated to some extent by carefully prioritising different traffic packets with a well-designed traffic policy.
Businesses need to weigh up the importance of quality of service and guaranteed uptime for their network traffic. In practice, this is another reason why lots of organisations use SD-WAN alongside a private WAN – the two technologies together can create a more resilient network, with greater flexibility.
The second problem is security. This is another consequence of the way that SD-WAN solutions works. Instead of one very secure break out point, which is what a private WAN gives you, SD-WAN deploys the internet to all the company’s sites, which greatly increases the attack surface. Suddenly there are many ways into and out of the network. This can be secured with multiple firewalls but that comes with its own management cost: somebody has to make sure they are operating properly and make sure that security policies are applied consistently to every one.
There are ways around that, however. Redcentric’s managed SD-WAN service, for example, uses equipment from Fortinet, which built its reputation as a security company. Their SD-WAN equipment has enterprise-grade security built-in, with next-generation firewall and end-to-end encryption. This removes the need for separate firewalls, web-filtering tools, anti-malware systems and other technologies to be added later. This approach means that businesses don’t need to worry about getting the right security equipment for their network and ensuring that it is set up correctly.
Making the decision
In summary, SD-WAN is a networking solution that meets many of the needs of a modern business, particularly those around cloud services. It isn’t, however, a replacement for MPLS, so most companies will find that their ideal solution will be a hybrid WAN infrastructure. An SD-WAN overlay can be used to manage traffic across a range of network protocols. Low-cost internet connectivity can handle cloud apps and services, as well as expanding the core network to international locations. MPLS will offer the reliability and security to handle secure, point-to-point transfer for mission-critical applications.
Companies planning to deploy SD-WAN technology will need to carefully assess their current network to determine whether any or all the hardware needs to be upgraded or replaced. Some existing hardware might support SD-WAN as it is, or with only a software upgrade. This is another area where consulting a managed service provider can help because they can conduct a network audit and offer a solution tailored to your specific needs.
That is just one of the reasons why we would recommend that any company considering SD-WAN to get advice from a trusted supplier. These third parties have experienced all manner of use cases and will be able to advise on the best solution for anyone who comes to them. Going with a managed services provider will save time and money for most customers, and bring peace of mind. However, even those that ultimately decide to install and manage their own network will benefit from consultation with an expert third-party.
- SD-WAN is a new type of network that can offer a cheap way to increase bandwidth, an ideal way to expand a network flexibly, and delivers low latency that is ideal for companies that rely on the cloud.
- The technology is particularly useful for companies that have international sites that they want to connect to their network, because MPLS connections are usually expensive in that situation.
- SD-WAN also adds a layer of reporting and visibility to the existing WAN, which can help to ensure that the network is running in the most efficient and cost-effective way.
- It is not as inherently secure as MPLS WAN, so be sure that your solution includes a firewall – possible one at every site on the network, depending on your network architecture.
- It can be tempting to install an SD-WAN yourself, to take advantage of the greatest cost savings, but talk to a managed services provider first, to make sure that this isn’t a false economy.