Key considerations for SD-WAN tech selection
Finding the best tech fit starts with evaluating branch WAN bandwidth and application requirementsPrint
3 December 2018 | 0
Software-defined wide area network (SD-WAN) traffic is exploding, and so is the number of technology providers competing for enterprise SD-WAN customers. Here are some key issues to consider as IT pros investigate SD-WAN deployment options and weigh the importance of features such as application prioritisation, multicloud support and integrated network security.
SD-WAN technologies and services are designed to combine multiple physical WAN links into one logical network and provide traffic prioritisation to accelerate application performance. Using network abstraction, SD-WAN improves the economics of branch connectivity by enabling organisations to leverage inexpensive circuits, such as the Internet, to address growing bandwidth requirements. SD-WAN is relatively easy to deploy and manage as it maps new services – application prioritisation, security, management – on top of existing physical networks.
When evaluating SD-WAN options (there are currently more than 30 providers of SD-WAN technologies and services), it’s important to focus on the business value the technology can bring to an organisation. For starters, organisations should review their current and near future requirement for connecting employees (and customers) in remote branch offices to mission-critical applications that reside either in a central data centre or in the cloud. Some initial questions to consider include:
- How many branch locations do you currently have? How many employees are at distributed branches?
- Which applications are mission critical to distributed employees? Where are these applications hosted? (data centre, SaaS, public cloud)
- What are the current WAN bandwidth requirements at each location and how fast is the demand for WAN bandwidth growing? What is your current spending on WAN bandwidth?
- What are your key security requirements at the branch?
Answers to these questions will help IT organisations prioritise the key features and capabilities required of an SD-WAN provider.
Internal deployment vs. managed service
The first strategic choice is deciding what kind of partner you want to deploy and support your SD-WAN architecture.
IT organisations can work directly with the leading SD-WAN technology providers and their channel partners, or purchase a managed SD-WAN service from a service provider. Most organisations will benefit from an experienced channel partner to integrate SD-WAN into their existing branch/WAN infrastructure, which may include routers, WAN optimisation appliances, firewalls and other network security elements. Many organisations will want to outsource SD-WAN technology and related bandwidth decisions to a managed service provider.
Organisations that plan to implement an internally developed (non-managed) SD-WAN solution need to examine several key issues for deployment. These include a review of their branch WAN/LAN architecture, WAN bandwidth requirements and providers, and, of course, selecting an SD-WAN technology.
Determining WAN bandwidth requirements
On average, an organisation’s WAN bandwidth requirements are growing at approximately 20% per year. SD-WAN enables the deployment of hybrid WAN, which employs two or more distinct WAN circuits to increase available bandwidth and improve reliability. Most organisations leverage SD-WAN to add inexpensive Internet bandwidth to their existing MPLS links. Selecting WAN services from multiple service providers with diverse fibre connectivity can provide insurance against WAN outages. IT teams should also evaluate the potential to leverage 4G LTE links as backup for their remote branches.
Reviewing WAN/LAN branch architecture
Most distributed organisations have an installed base of WAN and LAN equipment already deployed at their branch locations. This gear may include WAN routers, network security (such as firewalls and IP VPNs), LAN switches, Wi-Fi controllers and WAN optimisation products. SD-WAN technology generally integrates well with existing WAN/LAN infrastructure, but it does typically require organisations to deploy another box (appliance or server) at the branch location and has its own unique management interfaces. Migration to SD-WAN offers IT organisations the ability to review and, in some cases, replace existing network equipment at the branch. For example, some SD-WAN solutions allow organisations to forego the need to deploy routers and WAN optimisation gear. SD-WAN can also provide basic network security at the branch.
After evaluating their WAN requirements, considering WAN bandwidth options, and reviewing their branch network architecture, IT organisations are ready to select from the numerous SD-WAN technology suppliers. Key product features that should factor into any evaluation include: traffic prioritisation, multicloud support, ease of deployment, centralised management, network security, and partnership ecosystem.
Traffic prioritisation via SD-WAN
SD-WAN enables application prioritisation and traffic load balancing to ensure critical applications use the best link available. SD-WAN solutions can recognise most leading applications and provide preset levels of prioritisation. IT organisations can adjust these settings as required over time.
Remote and branch users typically access applications in a variety of cloud locations, including the internal data centre, IaaS (AWS and Azure) and SaaS (Salesforce and Office 365). SD-WAN solutions need to understand the location and security requirements of traffic coming to and from the Internet. SD-WAN providers are working with leading IaaS and SaaS providers to offer streamlined access and improved performance for specific applications/platforms.
SD-WAN ease of deployment
All SD-WAN suppliers position their products as being easy to deploy in remote locations, and this is critical for distributed organisations without IT personnel at their branch offices. SD-WAN products should be plug-and-play with WAN circuits and remote configuration. They should also be easy to integrate with existing network equipment (router, for example) and network security products (such as firewalls) at the branch.
SD-WAN architecture places much of the “intelligence” for management in centralised data centre or cloud-base locations. SD-WAN products should be highly automated and easy to manage. They should adjust to changing WAN traffic conditions and application requirements. SD-WAN products also need to integrate with existing network and application management systems.
SD-WAN technology includes the ability to secure unreliable Internet links and identify anomalous traffic flows. Most SD-WAN products provide basic firewall capabilities as well as content filtering, endpoint identification and management, and policy enforcement capabilities. They employ packet identification to understand traffic flows – determining, for example, if the traffic is going to or coming from a trusted location or cloud-based service.
SD-WAN providers continue to broaden the technology capabilities of their solutions, but many organisations will continue to require SD-WAN to integrate into their installed network and security solutions. SD-WAN solutions must easily integrate into your existing network security paradigm, and most suppliers have created (and are expanding) the list of integrated network security partners. SD-WAN suppliers are also partnering with Wi-Fi technology providers to offer SD-Branch solutions.
SD-WAN has emerged as must-have technology for many distributed organisations. It offers significant benefits in terms of increased bandwidth (for less money) and improved application prioritisation, and it helps to enable a multicloud environment. IT leaders implementing SD-WAN should carefully evaluate their branch WAN bandwidth and application requirements. SD-WAN needs to fit seamlessly into existing branch network and security systems. Selecting the “right” channel or managed service provider is always critical for any complex technology decision – and SD-WAN is no different. Many service providers offer fully or partially managed (outsourced) SD-WAN solutions.
There is a tremendous range (dozens) of technology suppliers to choose from when selecting a specific SD-WAN product – from very large suppliers to innovative start-ups. IT leaders should evaluate their unique branch networking and application requirements and select the SD-WAN supplier that best meets their current and near future requirements. Longer term, IT organisations should consider the integrated capabilities of SD-Branch architectures to simplify branch IT operations.
IDG News Service