Do-it-Yourself SD-WANs: No Shortage of Complexity

From vendor evaluations to planning, logistics, and security, many challenges await those attempting to build their own SD-WAN.

istock 931454024

With interest in software-defined wide-area networks (SD-WAN) heating up, companies are facing a key question: can they implement SD-WAN themselves or do they need a service provider to help?

It’s a rather loaded question, with many issues to consider if you elect to go the do-it-yourself (DIY) route. In this post, we’ll examine some of the highest hurdles you’ll have to get over if you decide to DIY; paint a picture of what sort of company may be able to tackle an SD-WAN project; and define who will be better off with a managed service.

Vendor evaluations

The first job in an SD-WAN project is deciding which vendors to go with for equipment, software, and services. That’s a job that’s getting more difficult all the time because so many vendors are jumping into the market, at least claiming to offer SD-WAN wares.

“In 2019, we should expect more managed service providers (MSPs) and edge security vendors to jump into this market, giving companies well over 50 possibilities,” writes Zeus Kerravala, founder and principal analyst with ZK Research, in Network World.

Companies have to examine these players, considering factors such as business longevity and their quality assurance capabilities. “SD-WAN is new, forward-looking technology that relies on software, and software has bugs,” says Mike Lawson, Manager of SD-WAN/NFV Solutions Architecture for CenturyLink. “Be sure to ask how providers certify new code and how they handle patch management.”

Planning, logistics, and app requirements

It’s also important to have a firm grasp on what your existing network looks like, from both physical and virtual perspectives. “What are your configurations and how will you transfer them to the next-generation network?” Lawson says.

The DIY approach also requires a deep understanding of application requirements, and their tolerance for different underlying WAN technologies used in an SD-WAN. You also need to consider your future roadmap, including the extent to which you’ll be using different cloud-based applications and services, Lawson notes.

Deployment, support, and security

Planning the actual deployment can likewise be complex, especially for companies with dozens or hundreds of sites. It’s not just sending routers and other end points to each site, but planning the back-end supporting infrastructure. “What gets underestimated are the control and management planes,” Lawson says. “Where are the controllers located? Where is the single pane of glass for management? That all adds complexity and infrastructure needs.”

Once the network is up and running, companies also need to consider how they’re going to wrap SD-WAN into their existing support model, whether that includes a formal network operations center (NOC) or not.

A move to SD-WAN also changes the architecture of the network, typically moving away from a hub and spoke architecture toward one that enables each site to access the Internet and cloud services directly. “This has a profound impact on cybersecurity because the number of ingress and egress points goes from one to hundreds or even thousands, depending on the number of branch offices,” Kerravala notes, adding that security needs to be “baked into the architecture.”

Best of both worlds

With all these issues to consider, Lawson says larger, global companies with significant IT staff tend to do better with the DIY approach to SD-WAN. Some go the DIY route because they fear losing control and want the ability to make changes on the fly as they please.

But it’s not necessarily an either-or proposition. CenturyLink, for example, can provide SD-WAN as a managed service but still give the customer access to a control dashboard.

“Customers using our platform have the same level of access and tuning ability that our engineers do,” he says. “It’s the best of both worlds.”

Learn more here

This blog is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided "as is" without any warranty or condition of any kind, either express or implied. Use of this information is at the end user's own risk. CenturyLink does not warrant that the information will meet the end user's requirements or that the implementation or usage of this information will result in the desired outcome of the end user.

Copyright © 2019 IDG Communications, Inc.