SD WAN: Delivering value and cutting through the hype
Tackling three key misconceptions and building a plan
SD WAN is one of the fastest growing segments of the network infrastructure market, with many enterprises already deploying SD WAN solutions to help cope with the increase in data consumption and the ongoing move to cloud-hosted applications and services. As SD WAN becomes more widely adopted, the challenge is to cut through the hype and misinformation to fully understand whether SD WAN is suitable for your business and, if so, how to go about deploying it.
The move to SD WAN is being driven by the changing network requirements of the modern enterprise. Traditional networks had customer sites and applications residing in either the HQ or a data centre, with simple connectivity requirements that were well served by IP VPN, MPLS and private or public internet. But enterprise applications are now consumed differently, which means traditional network infrastructure is no longer suitable or cost effective – traditional WAN architectures weren’t built to support cloud apps. With many enterprises now utilising a multi-cloud strategy, and starting to move more mission critical apps, the network connection becomes even more critical.
One of the first challenges is defining SD WAN, as this can change depending on the vendor or product being promoted at the time. The Gartner definition looks at four key areas: it must support multiple access types to connect a site, it should allow dynamic path selection, it must support zero touch provisioning at a branch, and it must support VPNs as well as other third-party services, such as firewalls or WAN optimisation controllers.
We recently asked our customers what they need the most from an SD WAN solution, and the key features they asked for are cloud-based network and security services, closely followed by a centrally programmable network.
Alongside these features, SD WAN brings cost benefits, improved flexibility and gives enterprises more control over their WAN. It reduces the time required to deploy new sites and offers a new level of agility that fits the hybrid cloud model many businesses are exploring. However, the cost aspect can often be overstated and this brings us to the first misconception.
Misconception #1: All internet is the same
One of the most common misconceptions comes from the idea that SD WAN means MPLS can be phased out, instead relying on cheaper internet connectivity. The problem is that all internet is not the same and neither should it always be viewed as a poor relation of MPLS.
MPLS and internet are complementary rather than competitive and, while SD WAN purely over internet can work, it won’t in all cases. Many businesses will need a connection with guaranteed quality of service (QoS) that internet cannot offer. Even using business-grade internet, an SD WAN deployment using this approach will not behave the same as one using a private network and, for many aspects of a business, ensuring quality is key to keeping users happy and essential services online.
We’ve seen people talking about cost savings of over 40% by moving to SD WAN and removing or reducing spend on MPLS connectivity, but good quality internet connectivity (versus cheap broadband) can be expensive and vary dramatically by provider. Premium dedicated internet access comes at a price and it’s important to carefully assess what traffic can be routed where. Meanwhile MPLS will continue to play a vital role for many enterprises who need the guaranteed reliability and latency that internet connectivity can’t offer.
An SD WAN platform will only be as good as the network beneath it and the experience of applications will depend on the network and how it’s been put together. There will always be a demand for both MPLS and Internet for specific connectivity requirements. The question around choosing has to come down to the pros and cons of each, weighed up against the need within the organisation.
For mission critical applications, can you guarantee where the traffic is going and that it’s always secure? Once a clear plan has been established for connectivity, this leads people into the second misconception. So what connectivity mix should you be looking for?
The exact requirements will of course vary by business, but SD WAN will require a network with these simple characteristics:
- It should offer a flexible, repeatable and consistent platform for Advanced Routing and Security
- It should be agile, while at the same time not missing essential functionalities that an enterprise of the future would need
- It should be aware of what is running on the network and it should use that to better drive performance
- It needs to give enterprises flexibility to be in full control
- It needs to keep security at the forefront – do you know where your traffic is going, and is it over a single network or using multiple providers to get there?
Misconception #2: All SD WAN is the same
There is a massive range of options in the marketplace for SD WAN and one size does not fit all. Choosing the right approach will depend on the requirements and resources of each business, with significant variation between the different approaches on offer and the work required from the customer. We’ve mapped out the different provider options depending on the network approach and how much customer involvement each requires.
The DIY approach offers the most control along with the biggest risk. It brings the SLA (service level agreement) aspect in-house and means enterprises can either select an SD WAN platform and then find a network to fit, or vice-versa. Enterprises need to be cautious with a DIY approach as it requires having an IT department with the required skills and experience to design and manage their SD WAN solution internally. Part of this would require keeping the network up and running 24/7, which isn’t suitable for most businesses, and some organisations underestimate the need for this when selecting this solution.
The OTT (over-the-top) players are often those at the leading edge for technology and this can be ideal for those who will take advantage of the newest features. The risk is they may not have full control over the network element and it may rely purely on internet.
Network Service Providers (NSPs) will likely take a methodical and more steady approach to SD WAN as a service, offering a standardised user experience with more control of data flows. Those with a managed service offering require the lowest involvement from a customer, but at the expense of some control that may be useful in other areas.
“There are a lot of different SD WAN solutions in the market with different capabilities and different levels of sophistication as there isn’t a widely accepted SD WAN standard across all service areas.
Some of these solutions are very complex to maintain and implement, potentially requiring in-house expertise available 24/7. Enterprises should consider their requirements and carefully evaluate the best solution, whether that’s a DIY solution or a fully managed network service.”
Peter Coppens, Vice President, Product Portfolio, Colt
Regardless of the approach you choose, a well architected, well executed and delivered network is critical – whether it’s based on private or public connectivity. SD WAN will not cover for a poorly designed network and this brings us to the final misconception.
Misconception #3: SD WAN and SDN are the same
Given the similarity of their names it’s not surprising the two are often mixed up, but while they share a common heritage they are different technologies which address very different business goals.
Both SD WAN and SDN start with the separation of the control and data planes, both can be virtualised and both support Virtual Network Functions (VNFs), but that’s where the similarities stop. SDN was built to support processes inside a Local Area Network (LAN), whereas SD WAN focusses more on the external side, complementing existing networks and enabling connections to public clouds without relying purely on MPLS.
SDN is enabled by Network Function Virtualisation within a closed system, whereas SD WAN addresses application routing and this can be run on a local SD WAN device or virtualised. SDN is usually managed and programmable by the end customer, whereas SD WAN varies depending on the deployment model, for example if you take the Managed NSP route it will be managed by a network service provider rather than in-house.
SD WAN sits within the NFV structure and the ability to virtualise network applications is enabled by Universal Customer Premise Equipment (uCPE). In simple terms this is the smartphone of the networking world, allowing network managers to deploy multiple applications on a single device, whether that’s Firewalls, SBCs, security applications or load balancing, all available as VNFs on a single box.
Rather than dedicated hardware for each application, uCPE gives network managers access to the latest virtualised services from the widest range of suppliers, all on-demand and under end-user control. Costs are reduced with shared commercial off-the-shelf infrastructure, and standardisation enables processes and skillsets to be optimised and streamlined. Once services are running, using virtualised applications makes it easier to manage version control and to update services. For setting up new branch sites, uCPE equipment can be provisioned with zero touch, making it easy for non-technical staff to quickly get offices up and running.
The future of SD WAN
Deploying SD WAN enables a network estate that is application and user behaviour driven, able to ‘morph’ its logical shape to deliver the best service for each application, while minimising risk and offering a standardised user experience anywhere in the world. The rollout of uCPE will bring the ability to virtualise functions that traditionally have required dedicated on-site hardware, with all the associated cost and complications. As enterprise requirements evolve, and as more mission critical applications move to a multi-cloud environment, this flexibility will help CIOs manage the changing needs of the business.
This need for flexibility will drive further innovation, potentially combined with Artificial Intelligence (AI) to automate tasks or spot problems before they occur. A future SD WAN network could use AI to spot problems before they impact users, switching traffic to alternate routes and managing application impact.
Colt’s award-winning SD WAN platform combines the breadth and depth of the Colt IQ Network, with features such as application-based traffic steering, real-time service changes via an interactive customer portal, virtual routing and firewall services enabled via Network Function Virtualisation (NFV).
Security will need to remain a key consideration. Colt SD WAN treats security as an important element of both the network edge and the core. Colt provides an integrated firewall with SD WAN CPE at the network edge. It enables secure local internet breakout from all branch sites and protects them from DDoS attacks. Colt’s SD WAN portal gives customers the ability to create the firewall policies and rules that their specific requirements call for.
Solutions are delivered via universal CPEs, which are now also available on a self-install basis for faster customer delivery. Colt provides a range of network access options including delivery over Colt’s owned fibre network, third party internet and 3G/4G radio access at remote sites, with customers also being able to prioritise traffic using advanced routing techniques.