Software-Defined Wide Area Networking (SD-WAN) uses the concept of Software Defined Networking (SDN) to distribute network traffic over a wide area network (WAN). SD-WAN automatically determines the most efficient way to route application traffic between branch offices and data centers based on pre-configured policies.
SD-WAN is managed by a central controller that sends policy information to all connected devices. The software allows network operations teams to remotely program network edge devices using zero-touch or low-touch provisioning. This minimizes, and in some cases eliminates, the need to manually configure routers in branch offices.
SD-WAN Challenges and How to Prepare for Them
Shifting the default SD-WAN connectivity option from a private WAN like MPLS to the Internet is logical. Most businesses have adopted a cloud-first approach for their SaaS, PaaS, and IaaS deployments. The main challenge in choosing an SD-WAN strategy is to find the most appropriate underlay service provider for an organization’s locations. Companies also need to choose between a multi-ISP or single-IP backbone strategy.
Using one IP backbone is a good option for large enterprises with global operations because it contains all traffic within a single autonomous system and keeps jitter and latency more predictable across applications. On the other hand, an organization with a national network is usually less concerned about round-trip delays, so it might consider a multi-ISP strategy, choosing providers according to specific postcodes.
However, organizations have more to consider than network performance. A traditional MPLS-based network operations center typically offers focused troubleshooting capabilities, with end-to-end WAN circuit and edge management. An ISP is not so focused, so it becomes the vendor’s responsibility to manage and troubleshoot connectivity problems.
Whether the IT team adopts a DIY or managed SD-WAN management strategy, it must understand the vendor’s service-level agreements (SLAs) for troubleshooting and monitoring connectivity.
In most cases, the IT team selecting an SD-WAN vendor requires connecting to a major cloud platform like AWS, Google Cloud, or Azure. SD-WAN vendors typically fall into one of the following categories depending on their cloud access capabilities:
- Native cloud access—the vendor’s SD-WAN architecture has a built-in access capability, using the cloud’s backbone infrastructure to connect to branch sites. This option applies to vendors that use the cloud as a global backbone. Cloud gateway architecture deployments are not yet common, but they are useful if the final destination of the user’s traffic is the local cloud data center.
- Vendor-provided access—the vendor delivers SD-WAN appliances to a cloud environment via a public gateway or private backbone. This option offers more flexibility in terms of vendor features. Public gateways and private backbones offer more efficient traffic routing than the Internet.
- Customer-provided access—the customer is responsible for deploying the SD-WAN appliances in the local cloud-based data center. This option offers cloud access via a relatively simplified, ad hoc architecture.
Reducing costs is a major reason for many companies to adopt SD-WAN. One of the main selling points for an SD-WAN solution is its ability to meet an organization’s reliability and network performance needs while decreasing its reliance on expensive MPLS circuits.
It is not always easy to quantify the benefits and cost savings of an SD-WAN solution or compare it to the capital expenditure of deployment. However, SD-WAN helps improve the overall network performance and employee productivity, providing fast, easy access to a company’s applications. While these benefits may not be easy to measure, they significantly impact an organization’s performance and profitability.
Organizations often reduce costs by acquiring local site-by-site Internet underlays from the cheapest service providers. The savings are significant when compared to the equivalent costs for MPLS circuits.
Consolidating features is another way to save costs. IT teams can consider vendors offering appliances with built-in SD-WAN, cloud, and SASE vendor access. Consolidation makes SD-WAN easier to use and manage, benefiting the IT teams managing the system with fewer resources.
Choosing the Right SD-WAN Solution
Reviewing WAN/LAN Branch Architecture
Most distributed organizations already have an installed base of WAN and LAN equipment deployed in branch offices. This equipment may include WAN routers, network security equipment like firewalls and IP VPNs, LAN switches, Wi-Fi controllers, and WAN optimization products.
SD-WAN technology integrates with existing WAN/LAN infrastructures, but it usually requires deploying an appliance or server at each branch location to support its own management interfaces.
After migrating to SD-WAN, IT organizations can review and potentially replace existing network equipment in branch offices. For example, with SD-WAN solutions, organizations can completely do away with routers and WAN optimization equipment. SD-WAN can also provide basic network security at the branch office.
Ease in Deployment and Service Provisioning
The ideal deployment scenario for SD-WAN is zero-touch provisioning. This is a popular SD-WAN feature that offers significant cost savings and should be carefully considered with vendors. Zero-touch provisioning means that no special efforts or technical skills are needed to set up and run a new branch location.
With zero-touch provisioning, all that is required to connect a new branch office to the Internet and network services is to ship a vCPE/uCPE device to the branch office and have employees connect it to the Internet and MPLS. The uCPE automatically requests and completes its deployment configuration, connecting to the cloud and core networks for service provisioning.
By partnering with vendors that provide other network services, such as application acceleration, path optimization, and security, SD-WAN providers can share information between network services, increasing cost-effectiveness and throughput-efficiency.
Centralized Visibility and Management
SD-WAN solutions should offer a single, central console that provides visibility and control over SD-WAN connection health, quality, and resource allocation. This allows network teams to manage and adjust network service to the needs of local branch offices and the core network.
This console should provide on-premises usage and demand metrics, including connectivity to core networks, cloud infrastructure, and on-premises branch-level networks. It should provide visibility over branch data output, the applications that use Internet bandwidth, QoS priority performance, and individual link performance.
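To make the link-performance metrics above concrete, the following added example (not taken from this article or from any vendor's product) computes latency, jitter, and loss per underlay from probe samples and picks the first link that satisfies an application's pre-configured policy. The link names, thresholds, and probe values are constructed assumptions.

```python
from statistics import mean

# Constructed probe samples per underlay: RTT in ms, None = lost probe.
PROBES = {
    "mpls":       [22.0, 23.0, 22.5, 23.5, 22.0, 23.0, 22.5, 23.0],
    "internet-a": [35.0, 60.0, 31.0, None, 75.0, 33.0, 58.0, 30.0],
    "internet-b": [41.0, 42.0, 40.0, 43.0, 41.0, 44.0, 42.0, 41.0],
}

# Hypothetical per-application policies: maximum tolerated values and
# the order in which links are preferred when several qualify.
POLICIES = {
    "voice": {"latency_ms": 150, "jitter_ms": 10, "loss_pct": 1.0,
              "prefer": ["mpls", "internet-b", "internet-a"]},
    "saas":  {"latency_ms": 200, "jitter_ms": 30, "loss_pct": 2.0,
              "prefer": ["internet-a", "internet-b", "mpls"]},
}
METRICS = ("latency_ms", "jitter_ms", "loss_pct")

def link_metrics(samples):
    """Mean RTT, mean jitter between consecutive replies, and loss percentage."""
    rtts = [s for s in samples if s is not None]
    if not rtts:  # no replies at all (or no data): treat the link as down
        return {"latency_ms": float("inf"), "jitter_ms": float("inf"),
                "loss_pct": 100.0}
    deltas = [abs(b - a) for a, b in zip(rtts, rtts[1:])]
    return {"latency_ms": mean(rtts),
            "jitter_ms": mean(deltas) if deltas else 0.0,
            "loss_pct": 100.0 * (len(samples) - len(rtts)) / len(samples)}

def violations(metrics, policy):
    """Names of the metrics that exceed the policy's limits."""
    return [m for m in METRICS if metrics[m] > policy[m]]

def select_path(app, probes=PROBES, policies=POLICIES):
    """Return (chosen link or None, {link: violated metrics}) for an app."""
    policy = policies[app]
    report = {link: violations(link_metrics(probes.get(link, [])), policy)
              for link in policy["prefer"]}
    # First preferred link with no violations wins; None means no link
    # currently meets the policy and the event should be escalated.
    chosen = next((l for l in policy["prefer"] if not report[l]), None)
    return chosen, report

if __name__ == "__main__":
    for app in POLICIES:
        print(app, select_path(app))
```

The per-link violation report is the kind of evidence to keep when raising a connectivity issue against a provider's SLA.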
In this article, I explained the main challenges facing SD-WAN deployments today:
- Underlay provisioning - SD-WAN relies heavily on public Internet connections, raising the risk of unreliable connectivity and service issues.
- Cloud connectivity - there are several models for achieving connectivity to cloud infrastructure, each with its pros and cons.
- Cost reduction - it can be difficult to plan and quantify how SD-WAN saves cost compared to legacy MPLS deployments.
Finally, I shared several points you should consider when selecting an SD-WAN solution, including WAN/LAN branch architecture, deployment and service provisioning, and centralized management.
I hope this will be useful as you evaluate your options for modern enterprise connectivity.