SD-WAN deployment options: DIY vs. cloud managed

Do you have the expertise to deploy SD-WAN yourself?

istock

So you’re ready to deploy an SD-WAN. Now you have a decision to make: Do it yourself or buy it as a managed service?

As the Software-Defined Wide Area Network (SD-WAN) market continues to see substantial growth, the ways that organizations are deploying this technology – and the ways vendors offer to sell it –  are evolving.

+MORE AT NETWORK WORLD: After virtualization and cloud, what's left on-premises? SD-WAN What it is and why you’ll use it one day | IDC: SD-WAN growth is exploding for at least the next five years +

According to Lee Doyle, principal at Doyle Research, there are three major models. At one end of the spectrum is do-it-yourself in which end users install and manage the software and service. At the other end is a completely managed approach in which a provider handles the installation and ongoing support of the deployment. A hybrid option blends the two where the provider manages some aspects of install and management and end users are able to customize the solution based on their needs.

“There’s a real mix right now” of customer attitudes toward deployments," says Ramesh Prabagaran, Sr. Director of SD-WAN at Cisco. How do organizations know which approach is right? He says it depends on their comfort level.

Many of the largest enterprises such as the Fortune 50 still deploy this technology themselves, Prabagaran says.

Mid-size organizations are more of a mixed bag. Some have the expertise to manage the install and ongoing support, while others want some level of help from their provider.

The hybrid option, with managed service providers giving customers the ability to customize certain aspects of the deployment, is growing in popularity. Robert McBride, head of product marketing at SD-WAN software vendor Versa, says this approach allows customers to control aspects such as provisioning of new network connections, setting compliance rules and creating policies around certain applications. Versa, which sells its software to a variety of managed-service vendors and telecommunications providers, enables this through multi-tenancy role-based access controls in the SD-WAN software. This allows a provider to enable customer provisioning of certain aspects of the deployment.

DIY vs. Managed SD-WAN

Deciding whether to self-manage an SD-WAN deployment or consume it as a service comes down to the customer's ability to execute. Does the customer have the staffing in-house to manage the deployment and the resources to re-architecting WAN connections to branch and remote sites? Typically, larger organizations are the ones with sufficient resources, McBride says. Smaller organizations don’t have that expertise and are more likely to consume SD-WAN as a service. Mid-market customers are split between the two approaches.

Capital One's SD-WAN deployment

Capital One has taken a hybrid approach to its SD-WAN deployment, Jason Abfalter, director of technology for Capital One’s retail and direct banking division, told a group at the Open Networking User Group meeting in New York this past fall. The company had recently completed its 75th SD-WAN installation at a branch during the previous five months, and the company is doing at least one new installation per week, sometimes as many as two per day. Capital One is mostly handling this in-house, but it’s been working to plan the installations with Versa, which has also been on-call during the installations to help troubleshoot issues.

Andrew Dugan, SVP of technology planning, network architecture and security for CenturyLink – which offers a managed SD-WAN service – says there are benefits to working with a managed SD-WAN vendor. “Many customers come to us because they’re looking to not only take advantage of SD-WAN, but integrate that more broadly with a suite of network services we can offer,” he says. Customers combine multiple types of broadband connections, private-link MPLS and even mobile or LTE services into their branch offices. A service provider can bundle these services into a consolidated bill, while also providing ongoing maintenance.

McBride says another advantage to working with a service provider is they may have direct connections into public cloud services, either IaaS vendors like Amazon Web Service or Microsoft Azure, or SaaS vendors like Salesforce. It can be difficult for individual organizations to create these connections with cloud vendors directly, unless they go through an interconnection point.

The next wave: SD-Branch

There’s an even bigger trend happening in the industry now, too, that can be thought of as the next evolution beyond SD-WAN. It’s all about creating a software-defined branch (SD-Branch), managing many network functions at the branch office via software. McBride says many customer sites have between six and 10 pieces of equipment to manage the network including routers, wireless access points, firewalls, unified threat management systems and WAN optimization. The purpose of SD-Branch is to consolidate all of these into a single system.

SD-WAN is seen as one of the applications that can be consolidated in an SD-Branch. As customers look to consolidate these multiple branch boxes into a single system, they’ll face similar decisions of doing it themselves or working with a service provider. Just as with SD-WAN, customers' appetite for doing so will depend on the resources they have on-hand to devote to the next wave of branch office virtualization.