• United States

SD-WAN: 10 essential considerations

Mar 05, 20195 mins

SD-WAN offers cost savings, improved reliability, security and more

sd-wan optimization
Credit: istock

SD-WAN is the hottest new technology in networking and many distributed organizations have already or will soon adopt SD-WAN solutions. Here are 10 essential considerations for IT organizations weighing whether to adopt or expand their SD-WANs. 

The attraction of SD-WAN stems from the fact that it combines multiple physical WAN links into one logical network and provides traffic prioritization to accelerate performance of applications that are deployed in internal data centers and in clouds.

Using network abstraction, SD-WAN improves the economics of branch connectivity by leveraging inexpensive circuits such as the Internet to address growing bandwidth requirements. SD-WAN is an overlay technology that maps new services – application prioritization, security, management – on top of existing physical networks.

Here are 10 essential considerations when evaluating SD-WAN use.

One: Saving money

The economics of SD-WAN is about cost-avoidance and efficiency in regard to expensive WAN links. With average WAN data growth of 20 percent per year, most organizations need more bandwidth for high-speed communications to their remote offices. SD-WAN enables the secure deployment of internet links DSL, cable, ethernet, wireless and other internet links, either in conjunction with or to replace expensive MPLS connections. On average, these internet connections provide two to five times more bandwidth than similarly priced MPLS connections, directly contributing to return on investment for the SD-WAN appliance.

Two: Improving reliability

SD-WAN enables traffic to flow over two or more independent WAN links.  Thus, IT organizations can diversify their WAN connections to ensure more reliable connectivity to their remote offices by contracting with more than one communications service provider. This can be a combination of traditional MPLS providers, cable companies and wireless firms. The intelligence of SD-WAN monitors the links and routes traffic over the most efficient one depending on pre-set policies. Leveraging the corporate wireless phone contract, which typically contain large pools of voice and data minutes, can be a great way to provide low cost WAN backup for remote offices with 4G LTE bandwidth, controlled by SD-WAN.

Three: Traffic identification and prioritization

Most organizations are rapidly moving away from hub-and-spoke WAN connections in which all traffic is backhauled to a central data center, and are moving toward direct point-to-point connections between remote office and the fastest onramp to cloud or SaaS applications. SD-WAN enables IT organizations to set application- and user-driven policies about prioritization and security.  SD-WAN identifies the traffic type coming to or from the branch and routes it directly to the correct data center.

Four: It’s plug-and-play

Most SD-WAN solutions are fairly easy to deploy at remote offices. The SD-WAN hardware appliance is typically shipped to the office, plugged into AC power and WAN connections, then remotely configured by IT, a channel partner or a service provider. All products have a learning curve in terms of setting traffic prioritization, security policies and orchestration practices. SD-WAN solutions should be easy to integrate with existing networking gear and network security products at the branch, but this also may require some work.

Five: SD-WAN products are not interoperable

SD-WAN solutions utilize proprietary code to provide the intelligent overlay that enables hybrid WAN, traffic prioritization, security, management, etc. For the near term, IT organizations should select the SD-WAN solution that best fits their requirements and use pairs of remote and central SD-WAN devices from the same supplier. Organizations can run pairs of SD-WAN appliances from multiple vendors in different parts of their networks, but keep in mind that means learning to manage unique SD-WAN products from each vendor.

Six: SD-WAN enables multi-cloud

Most IT organizations have a mix of internal data centers, applications in public clouds and users accessing SaaS applications. SD-WAN solutions have the ability to recognize and route cloud-based traffic flows.  SD-WAN vendors have partnered with leading IaaS providers to accelerate traffic to and from their local points of presence. SD-WAN solutions recognize the IP addresses of most leading SaaS providers and can route the traffic accordingly.

Seven: Internal security and partnerships

SD-WAN solutions can secure unreliable Internet links and identify anomalous traffic flows. Each SD-WAN supplier has unique methods for providing VPN, firewall, white listing, black listing, encryption, etc. Additional features may include content filtering, end-point management and policy enforcement. SD-WAN solutions need to be interoperable with existing network security products such as next generation firewalls, and most SD-WAN providers offer robust ecosystems of network-security partners whose products integrate with their products.

Eight: Management, automation and network orchestration (MANO)

For most SD-WAN solutions, the intelligence for management, orchestration and automation resides in a centralized data center or in the cloud.  Management, automation and network orchestration (MANO) consoles for centralized IT operators should be highly automated, but this often involves a bit of a learning curve. SD-WAN MANO can also be challenging to integrate into existing network and application management systems, which is a must for fully automated application-performance management.

Nine: Self-managed or managed service

IT organizations can purchase solutions directly from SD-WAN technology providers or purchase managed SD-WAN services from a service provider.  Most organizations will benefit from an experienced channel partner to integrate SD-WAN into networks that include routers, Wi-Fi and network security appliances. Other organizations outsource SD-WAN solutions and WAN connectivity to managed service providers.

Ten: On the road to SD-Branch

The software-defined branch (SD-Branch) leverages the concepts of SDN and network virtualization to package all of the most popular network requirements into a software-based solution running on a unified platform. Its functionality includes: SD-WAN, routing, network security and networking, both Ethernet and Wi-Fi. Many SD-WAN solutions provide the option to expand their functionality, either internally or via partnerships, to fulfill SD-Branch requirements. Thus, IT organizations can rapidly deploy and provision network branch in-a-box solutions. This capability could be ideal for IT organizations with new sites, branch locations that are moving or for branch-refresh projects.

lee doyle

Lee Doyle is principal analyst at Doyle Research, providing client-focused targeted analysis on the evolution of intelligent networks. He has over 25 years’ experience analyzing the IT, network, and telecom markets. Lee has written extensively on such topics as SDN, SD-WAN, NFV, enterprise adoption of networking technologies, and IT-Telecom convergence. Before founding Doyle Research, Lee was group vice president for network, telecom, and security research at IDC. Lee holds a B.A. in economics from Williams College.

More from this author