SD-WAN: The inside scoop from real-world deployments

Enterprise network pros share SD-WAN best practices and lessons learned.


Harrison Lewis wasn’t looking for SD-WAN, but he’s glad he found it.

Northgate Gonzalez, which operates 40 specialty grocery stores throughout Southern California, had distributed its compute power for years. Each store individually supported applications with servers and other key infrastructure and relied on batch processing to deal with nightly backups and storage, according to Lewis, the privately held company’s CIO.

Over time, the company’s needs changed, and it began centralizing more services, including HR and buying systems, as well as Microsoft Office, in the cloud or at the company’s two data centers. With this shift came a heavier burden on the single T-1 lines running MPLS into each store and the 3G wireless backup. Complicating matters, Lewis says, rainy weather in the region would flood the wiring, taking down terrestrial-network connectivity.

“It was problematic. We even doubled up on T-1 lines to each location, but it still wasn’t enough. The network had to be a lot more reliable,” Lewis says.

Lewis searched for a suitable – and cost-effective – alternative, researching incremental options that could have increased bandwidth and addressed the company’s security needs. “They all came with a significant price tag,” he says.

In July 2016, Lewis and his team came upon software-defined wide-area networking (SD-WAN), technology that decouples the control plane from the data plane and enables networking groups to control the entire WAN in a centralized manner. Uniquely, SD-WAN supports the use of multiple types of connectivity (such as MPLS, broadband, broadband wireless), offering flexibility and ease of use for organizations with multiple locations.

Lewis thought the technology was too immature to deploy at the time, but he kept an eye on its growth and by late 2017, considered it ready for a proof of production. With the NSX SD-WAN appliance from VeloCloud (VMware acquired VeloCloud in December 2017), he, along with his carrier AT&T, created a test zone at a single store, running the SD-WAN and traditional network side by side. The SD-WAN linked to two broadband connections and 4G wireless as a backup, along with Zscaler for Internet security. He put a similar configuration in the two data centers, which soon proved a viable approach. Today, Northgate Gonzalez has deployed SD-WAN in all 40 stores, with a recent bump to 5G wireless as backup.

The move to broadband and wireless backup increased bandwidth because all three connections can be used interchangeably by SD-WAN, Lewis says. It also decreased monthly connectivity expenses by about 40%. He’s particularly proud of this result, as he is mindful of his fiduciary responsibility to not just keep throwing T-1 lines at the problem. Doing so could have forced Northgate Gonzalez to raise prices or could have negatively impacted shareholders. “That just doesn’t make sense if there are alternatives,” he says.

He appreciates SD-WAN’s ability to prioritize traffic in support of business-critical activities, including payments and ordering, allowing them “to take precedence over all else,” and the “somewhat” zero-touch nature of provisioning the appliances. “It doesn’t require a great deal of skill to install the appliance,” he says, adding he leveraged store technicians and help desk members to get the preconfigured appliances up and running at each site.

SD-WAN handles diversity of circuits

Luis Castillo, senior network manager for global network engineering at National Instruments, also was drawn to SD-WAN for its ease of deployment. National Instruments, an Austin-based maker of scientific equipment and software, operates in 50 countries and needed a solution that could handle the complexity of its distributed workflow. Customer service calls and research and development are handled by teams around the world, requiring tight attention to quality of service.

“We were throwing money at QoS toolsets to get classification, packet shaping, queuing, etc. – that was the only way we could maintain a certain quality of service,” Castillo says.

Along with the cost of the toolsets, requirements for bandwidth would climb – as much as 25% or more. “We only got approved for 1% or 2% increases in our annual budget, so the gap kept getting wider,” he says. As bandwidth demands grew, the company began to bump up against issues surrounding availability and the cost of more lines into their offices. “In Russia, a 4M bit/sec [connection] cost $10,000 a month. We couldn’t pay that,” he says.

The global nature of their business also made it difficult to get a single MPLS provider to handle all locations – and some locations, such as Armenia, didn’t have MPLS.

Castillo first began looking for alternatives in 2008, and deemed “performance-based routing,” a precursor to SD-WAN, not good enough to operationalize. “Most of the efforts in those early days didn’t leave the lab,” he says.

When SD-WAN emerged, he connected with Viptela (Cisco closed its acquisition of Viptela in August 2017), and determined the software-driven technology (atop Cisco vEdge routers) to be the best bet to integrate with National Instruments’ environment, especially its diversity of circuits.

Viptela’s zero-touch provisioning was also a draw. “It saved money because we didn’t have to ship engineers
