Digital transformation challenges IT organizations to adapt their operations to rapidly deploy new applications and to provide quality user experience for all applications – data center or cloud-based. The Wide Area Network (WAN) has an important role to play, providing a platform to connect a distributed workforce to mission-critical applications. As the recent COVID-19 pandemic highlighted, the agility of an organization’s network is fundamental to business continuity. To address these needs (and many more), an increasing number of organizations are adopting SD-WAN strategies.
When it comes to understanding SD-WAN, there’s a lot to take in. GTT recently asked me to write a guest post that would help answer the top most important questions. So, whether you’re considering implementing DIY SD-WAN, or if you’re evaluating managed SD-WAN service providers, the purpose of this post is to help you to understand more about SD-WAN. Please enjoy the first of a two-part series. Part two will be published next week.
The SD-WAN Advantage
SD-WAN (Software-Defined Wide Area Network) offers significant advantages to distributed enterprises with branch operations. These include improved business agility, increased application performance, and enhanced security. With the increased popularity of SaaS/Cloud-based applications as well as pervasive IoT deployments, SD-WAN is rapidly becoming the preferred platform for connecting organizations worldwide. It brings with it a range of operational benefits too - rapid provisioning, improved quality of user experience, and better in-branch customer experience to name just a few.
SD-WAN deployments can be complex and difficult to integrate with an organization’s existing network and security infrastructure. As a result, IT organizations of all types and sizes are opting to outsource the challenges of WAN connectivity – and thus driving significant growth in managed SD-WAN services.
It’s important that you carefully evaluate your SD-WAN implementation options. By understanding your specific needs for network scope, application prioritization, reliability, performance, and security, you become better positioned to select the solution that’s right for you.
Finding the right solution for your organization
Doyle Research expects SD-WAN-based offerings to become the standard for distributed organizations over the next five years. There are, however, several key differentiating factors to consider when evaluating competing SD-WAN solutions. These include:
In addition to the factors outlined above, the service provider should also have extensive experience and global capacities to provide customized end-to-end network engineering.
An Introduction to Managed SD-WAN
SD-WAN is a software-based network overlay technology that provides an abstraction for WAN services. It enables service providers to rapidly deploy new hybrid WAN services—for example, internet plus MPLS—with significant improvements in ease of deployment, centralized management, application prioritization, and security.
Managed business service is a model where networking services are fully outsourced to a managed or communications service provider. SD-WAN services reduce the complexity of IT teams and in parallel, enable the full benefits of the technology. The service provider typically provides the hardware, software, and transport services required to deliver connectivity for a number of branches with appropriate service level agreements (SLA’s) such as uptime and performance. Once deployed, the service provider is responsible for the monitoring, management, and security of the WAN service.
The WAN is a key platform for digital transformation as it connects distributed users to cloud-based applications. It must provide continuous operations, security, and low latency. Any disruption of WAN service is likely to impact user productivity, customer satisfaction, and ultimately the profitability (or efficiency) of the organization.
The rapid growth in wide area network traffic (approximately 20% per year) continues to place a strain on communications budgets for many organizations. And in recent times, the COVID 19 crisis has further highlighted the importance of an organization’s wide area network – the ability to maintain business continuity, even during unprecedented disruptive events, is crucial to business success.
In addition, the popularity of software as service (SaaS) has shifted WAN traffic flow from the data center to the cloud (via the Internet). Organizations with traditional WAN architectures now find that they have insufficient bandwidth and that backhauling all cloud traffic to central locations creates unacceptable latency for their cloud applications. Enterprises that depend on communications to their remote sites (e.g. financial services, retailers, and distributed manufacturing companies) are rapidly adopting SD-WAN to provide reliable, secure, high-speed connections to their applications.
The software-based intelligence of SD-WAN provides you with a flexible platform to deliver advanced WAN services. This includes the rapid deployment of new services and branch locations with a “plug and play” architecture, and the ability to leverage high-speed Internet circuits to meet increasing bandwidth requirements with the requisite security.
Improved user experiences, from IT departments to end-users
Quality of user experience is always paramount for IT organizations. SD-WAN technology identifies applications and can apply granular prioritization to make sure critical applications receive the bandwidth they require. Many organizations have found that SD-WAN significantly improves the responsiveness of applications such as Office 365, VoIP, and video conferencing.
SD-WAN enables “zero-touch deployment” where an appliance is shipped to the branch, plugged into AC power, and the Internet and configured remotely by a centralized console. This ease of installation, with the ability to pre-set templates for configuration for dozens or hundreds of branches, provides smooth, rapid SD-WAN installation at any number of branch locations.
Many distributed organizations large and small, across a wide variety of verticals (including retail, restaurants, financial services, health care, manufacturing, transportation, etc.) have experienced the benefits of SD-WAN technology.
Today, many IT organizations are deploying SD-WAN technologies with hybrid WAN architectures. These may or may not maintain existing MPLS connections for secure connectivity from the branch to the data center. By adding one or more Internet circuits (and or 4G LTE links) they can provide additional bandwidth along with direct connectivity to cloud-based applications.
It’s important that you carefully evaluate the wealth of SD-WAN solutions available in the market. Each solution (managed or do-it-yourself) will offer its own specific advantages and disadvantages.
Here are some questions you should ask as you evaluate which SD-WAN capabilities you require:
Doyle Research projects that Internet links combined with the intelligence and security built into SD-WAN will (over time) carry the majority of branch WAN traffic. Wireless 4G/5G services will also play an increasing role.
Application performance is a core requirement for just about every distributed organization. The WAN needs to be highly reliable, secure, and of course, low latency. It must also be agile to deploy, simple to operate, and built for cloud-based applications. To ensure ongoing high performance, the network should be continually monitored and adapted for optimal application delivery and security.
SD-WAN allows for traffic prioritization for critical applications. For example, it identifies real-time traffic (e.g. VoIP and video) and provides prioritized transport to ensure high-quality communications. It constantly monitors the status of each WAN link and can intelligently steer traffic according to WAN traffic conditions, link status, and application priority. SD-WAN management consoles can provide excellent visibility into the status and health of WAN traffic and application performance.
SD-WAN also enables you to set prioritization policies for quality of service for mission-critical or latency-sensitive (e.g. voice and video) applications. It identifies the traffic type (coming to or from the branch) and routes it over the best WAN link to meet its associated policy.
Today’s organizations are adopting a multi-cloud architecture in which applications run on the best platform, regardless of location. SD-WAN technology facilitates this with secure, reliable, and high-quality connectivity to the leading IaaS cloud platforms. To achieve this, it must seamlessly connect users to private cloud, IaaS, and SaaS platforms based on defined business policies and with proactive traffic steering and prioritization.
Numerous SD-WAN technology providers also partner with leading IaaS providers, including Amazon, Google, and Microsoft, to make sure remote traffic headed for the cloud receives priority access. Many now offer direct access to local, edge cloud on-ramps – which accelerates traffic over the cloud providers’ private network.
The reliability of your network is of course a key factor in business continuity. Many organizations lose significant revenues when their network is down. SD-WAN enables traffic to flow over 2 or more independent WAN links. A typical configuration would feature a combination of MPLS, Internet, and wireless 4G services to provide link and path diversity. This provides the redundancy to provide highly available communications for remote branch offices.
Many organizations have implemented dual Internet architectures – which when delivered over diverse circuits – provides highly reliable WAN services. A combination of wired (Internet) links and wireless (4G LTE) can be particularly effective in offering a dependable architecture for smaller branch sites.
Security at the branch presents a challenge for many organizations due to the increased number of devices that must be managed. PCs, tablets, phones, point of sale devices, and IoT endpoints must all be considered. These devices offer opportunities for malware to infect the corporate network and for hackers to access sensitive data. The lack of trained staff at remote locations and the complexity of managing multiple security appliances (e.g. VPNs, IPS, and firewalls) exacerbates branch network security challenges.
SD-WAN provides enhanced security for branch locations and for traffic coming to and from the Internet. It uses packet-based identification to look into traffic flows and to analyze traffic patterns. For example, where is the traffic going to (public cloud or private data center)? Is this a trusted location and what data is being sent? Its security includes advanced firewalls, VPNs and encryption, data loss prevention, content filtering, endpoint identification and management, and policy enforcement capabilities.
Leveraging cloud-based security intelligence
Security integrated with SD-WAN technology enables you to safely leverage (potentially insecure) Internet links. Increasingly, SD-WAN platforms employ cloud-based intelligence to address direct security threats and identify changes in traffic flows that can indicate potential data loss.
Security and networking technology are converging in the Secure Access Service Edge (SASE) – a term coined by Gartner. Over time, SASE will provide an architecture for comprehensive cloud-based networking/security at the edge. In the near term, effective SD-WAN implementation requires additional security within the enterprise infrastructure. This ensures that your corporate security policy is enforced throughout the organization.
Part 2 of this blog post will be published Wednesday, August 19, 2020.
Lee Doyle is the Principal Analyst at Doyle Research, providing client-focused targeted analysis on the Evolution of Intelligent Networks. He has over 25 years’ experience analyzing the IT, network, and telecom markets. Lee has written extensively on such topics as SDN, NFV, enterprise adoption of networking technologies, and IT-Telecom convergence.
GTT connects people across organizations, around the world and to every application in the cloud. Our clients benefit from an outstanding service experience built on our core values of simplicity, speed and agility. GTT owns and operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. We also offer a complementary portfolio of managed services, including managed SD-WAN from leading technology vendors.