Software-defined WAN is the future of networking, and many enterprises are showing an interest in the technology. IDC has predicted that the SD-WAN market will hit $6 billion by 2020. Rightfully so, because there are so many benefits to be gained through this new approach to wide-area networking.
If you are a network architect who manages a WAN with hundreds or thousands of endpoints, then at some point you will definitely consider SD-WAN. But the question is, “Where to start?” Refreshing the hardware from traditional WAN to SD-WAN is a huge undertaking. First, you have to find the right motivation for an SD-WAN deployment and convert this motivation into a business case. In this article, I'll talk about the top drivers for implementation.
One of the best reasons to deploy SD-WAN is to increase bandwidth at the branches. In most cases, enterprises have a large MPLS network that connects all their branches. These MPLS circuits are very costly, and increasing the bandwidth at all the branches means spending more money on the WAN. SD-WAN makes it very easy to add bandwidth at each branch by using a second broadband circuit or by completely replacing the MPLS circuit with a high-bandwidth broadband circuit. This makes adding more bandwidth easy while reducing the cost at the same time. One can also configure SD-WAN to send critical traffic over the more resilient MPLS link while sending non-critical traffic on the broadband circuit.
Replacing old hardware at the branches could be another good motivation. If equipment is old and needs to be replaced anyway, why not consider deploying the new technology of SD-WAN that will provide opportunities for more innovation at the branch? Simply replacing old equipment with new versions of the same won't set you up for the future.
Another goal might be to become transport agnostic. Most SD-WAN products in the market today are transport agnostic and should be able to support load balancing between multiple circuits at a branch. Being able to mix different types of circuits – MPLS, broadband, cable, or even 4G LTE – is helpful for augmenting your bandwidth at the branch sites. SD-WAN can build tunnels on any type of transport, which gives you more flexibility. Since SD-WAN products can load balance between multiple transport circuits, you can effectively get more bandwidth at each branch. This is a lot better than a traditional WAN, where most of the time there is an active circuit and a backup circuit. In such cases, the backup circuit is often just idle, waiting for the primary circuit to fail, which wastes money.
You might be looking to gain application visibility. SD-WAN technology has the ability to recognize all applications – even homegrown ones – and give priority to critical applications. Architects can configure this according to business requirements. The technology also makes it possible to see how applications are performing and what the user experience is. Routing based on priority protects a critical application's performance if bandwidth is constrained or a circuit goes out, which greatly increases agility.
Yet another reason to consider SD-WAN is for the automation capabilities. With a lot of automation already built in, your ops team can do things more quickly. For example, if you want to make an ACL change on thousands of branches, you can do that in a very short time compared to the traditional way of deploying ACLs at individual branches. SD-WAN automation contributes to cost savings by reducing the time required for maintenance and operations activities.
For many enterprises, security is a key driver for implementing SD-WAN. A big benefit of SD-WAN is the ability to increase segmentation, where each segment can have a different topology. All of your critical or sensitive applications or devices can be in a separate segment. So, for example, if your branches handle credit card transactions or run any PCI or HIPAA traffic, you can isolate this sensitive traffic by keeping it in a separate segment. Many SD-WAN products can create multiple L3 VPNs and have end-to-end segmentation. While many engineers and architects might not agree, I believe the L3 VPN segmentation is a “must have” feature in an SD-WAN solution. SD-WAN can give you the flexibility of having a separate topology per L3 VPN segment, thus increasing security in the network.
Your enterprise might have any or all of these reasons for considering SD-WAN. They all provide significant benefits compared to a traditional WAN and can result in capex and opex reduction. Every enterprise and every network is different. The bigger the WAN footprint an enterprise has, the more benefits it can reap from SD-WAN.
Disclaimer: The contents of this blog are the author’s own opinion and do not represent Gap Inc.’s opinion or strategy.