A software-defined wide area network (SD-WAN) is a virtual WAN architecture that enables enterprises to rely on any combination of transport services—including MPLS, LTE, and broadband Internet—to securely link users to applications. The technology is increasingly used to connect widely dispersed branch offices and to enterprise networks, increasing application performance, improving business productivity, and reducing IT costs.
Unfortunately, many SD-WAN benefits are lost due to a handful of common deployment mistakes. Here's a rundown of the top pitfalls, all of which can be easily avoided.
1. Selecting the wrong approach
Although SD-WANs are powerful, flexible, and easily adaptable, they can be challenging to design and deploy. When planning an SD-WAN, think about the end-to-end solution and don't focus on the individual technical elements, advised Bart de Graaff, chief commercial officer and managing director of industry trade association ngena, the Next Generation Enterprise Network Alliance.
Selections should not be based purely on technical capabilities. Check out all the available approaches and choose the one that best meets the organization's needs, budget, and technical savvy. "Today there are a couple of co-managed or partially managed solutions," de Graaff observed. "My advice would be to look for a full 'as-a-service' approach to the network, including the SD-WAN capabilities with a high level of automation and intelligence build within the platform, versus trusting the traditional project design phases."
2. Failing to ensure across-the network QoS and QoE
High Quality of Service (QoS) and Quality of Experience (QoE) are critical attributes for an SD-WAN that needs to support voice and/or video. It's important, therefore, to seek an SD-WAN approach that delivers a “fail safe” technology, one offering better-than-MPLS performance for both TCP and real-time applications.
Andy Gottlieb, vice president of SD-WAN solutions at Oracle Communications, advised SD-WAN planners to look for a technology that provides continuous unidirectional measurement of all traffic between any pair of locations and can react on a sub-second basis to network problems. "Technology that can aggregate bandwidth from disparate links [and] supports optional packet replication for delivering 'platinum-quality' VoIP and videoconferencing call quality" is a must, he added.
3. Not fully addressing SD-WAN security needs
Existing network security functions, and how they may augment an SD-WAN, are often overlooked during implementation, observed Matt Kimpel, director of IT engineering for Magna5, a managed IT services provider. "There are many SD-WAN technologies that lack strong security capabilities natively, but boast they can replace existing security functionality," he said. Such claims need to be carefully vetted. "The organization is opening the door to threats if the SD-WAN solution lacks security capabilities, such as next-generation firewall functions," Kimpel noted.
Security lapses can be largely eliminated by careful planning. Some SD-WAN solutions allow organizations to integrate existing security features into SD-WAN functions to expand protection. Plan to keep existing security technologies in place or replace them with fresh added security features that the SD-WAN solution being acquired may not provide, Kimpel suggested.
4. Not completely understanding application requirements
Most end-users are focused on application performance. "If the SD-WAN design isn't optimized for application behavior, deploying it can prove to be a costly mistake," observed Vikram Saksena, CTO of cable markets for Netscout Systems, a network performance management products provider. "In the worst case, the application performance may degrade from their present mode of operation and, therefore, be unacceptable."
Careful analysis of application performance is necessary prior to deployment. "The service dependencies among various microservice segments need to be evaluated and understood so adequate bandwidth and latency policies can be set on the SD-WAN to support the application deployment in a multi-cloud environment," Saksena explained. "Once the SD-WAN is properly deployed, ongoing application performance monitoring is a necessity so that corrective, timely actions can be taken to avoid disruptions in the user experience."
5. Failing to build a detailed action plan
Without creating a clear action plan, a new SD-WAN adopter is likely to run into many costly, yet preventable, issues. Before deployment, it's important to know which sites will be rolled out first, how the new SD-WAN will work alongside the existing WAN, expected performance results, how staff members will be trained, how the deployment will be monitored and managed, and which service provider to use for each traffic scenario, observed John Smith, CTO and co-founder of LiveAction, a network performance management provider. All of these questions should be answered well in advance of deployment.
Without a comprehensive SD-WAN deployment plan, organizations will find themselves with applications that don’t work well, or that don’t work at all. Worse yet, entire sites will always be at risk of losing connectivity due to unforeseen issues. "That’s why having a plan—and backup plans—for SD-WAN is so critical," Smith said. "Make sure there’s someone dedicated to overseeing these initiatives and that this person either develops, or is armed with, a comprehensive SD-WAN deployment plan."