Light trails

Reasons to choose a managed SD-WAN, and some to think twice

When weighing the choice between DIY and a managed service for SD-WAN, consider current WAN conditions, IT skill levels, geographic scope of the WAN, and how much control you are willing to relinquish
(Image: Stockfresh)

13 August 2019

A chain of grocery stores in southern California was launching a fast-paced digital transformation initiative that required a complete revamp of its WAN infrastructure.

It was taking the bold step of eliminating its data centre and moving around 500 servers’ worth of applications and data to the cloud. The old WAN topology of backhauling traffic from each of its 43 locations to a central data centre via two T-1s had to be replaced with a direct, reliable, resilient, secure connection from each individual location to the cloud.Harrison Lewis, CIO and chief privacy officer at Northgate Markets, settled on an SD-WAN deployment. After evaluating the pros and cons of the do-it-yourself (DIY) option versus a managed service, Lewis decided that a managed approach was preferable for multiple reasons, with speed at the top of the list. “We had a compressed timeline,” he says. “We didn’t have the luxury of saying, ‘Let’s take our time with it.”’ 

Another key consideration was the sheer wherewithal it would have taken for his IT staffers to plan, pilot, configure, deploy, troubleshoot and manage the SD-WAN infrastructure at all of those locations. “We were able to leverage the knowledge and skills of someone who had done it before,” Lewis says. While SD-WAN hardware vendors argue that deploying their devices is pretty much plug-and-play, Lewis points out that “there’s a lot to be considered, and it was critically important that we get it right.”




For Lewis, a third key driver in favour of a managed approach was the ability to go beyond core SD-WAN connectivity and order up additional features from the managed service provider, including web content filtering, anti-virus, web firewalls and secure Web gateways.

What is a managed SD-WAN service?

Enterprise adoption of managed SD-WAN has been slowed by the lack of standards and the lack of a clear definition. In response, a global industry alliance called MEF is working to create standardised SD-WAN terminology, service components, reference architectures and a basic SD-WAN service definition. According to MEF, fundamental capabilities of SD-WAN managed services are:

  1. Secure, IP-based virtual overlay network
  2. Transport-independent underlay network
  3. Service assurance for each SD-WAN tunnel
  4. Application-driven packet forwarding
  5. High availability through multiple WAN links
  6. Policy-based packet forwarding
  7. Service automation through centralised management, control and orchestration

Trend lines for managed SD-WAN

Northgate Markets is part of a growing trend of companies moving to SD-WAN via managed services.

Gartner analyst Lisa Pierce points out an interesting dichotomy: Most companies outside the US use managed services for their WAN needs, while the majority of US companies, especially the larger ones, have historically taken the DIY route – but that is changing.

Enterprises that are trying to reduce expenses while also achieving greater WAN agility and performance are increasingly turning to managed SD-WAN services, according to Gartner, which predicts that managed SD-WAN will grow at a compound annual growth rate of 84.7% between 2017 and 2022.

“By year-end 2023, more than 90% of WAN edge infrastructure refresh initiatives will be based on virtualised customer premises equipment (vCPE) platforms or software defined WAN (SD-WAN) software/appliances versus traditional routers,” says the latest Gartner report on WAN edge infrastructure. “Evaluate WAN-as-a-service for your next refresh, even if you have traditionally pursued a DIY approach,” the research firm recommends.

New research from Vertical Systems Group likewise finds that the US market for carrier-managed SD-WAN services (this does not include managed SD-WAN provided by systems integrators) is expected to surge to $4.5 billion (€4 billion) by 2023. That figure counts revenue from WAN access services as well as overlay features.

Managed versus DIY

The reasons to adopt SD-WAN itself are pretty clear cut: flexibility, agility, efficiency, centralised management, and better security. With an SD-WAN overlay, companies can slash MPLS costs, optimise WAN traffic on an application by application basis, and enable branch offices to connect directly to cloud services, which translates into an improved user experience and more efficient business processes.

The choice between DIY and a managed service is more complex and depends on a variety of factors, including the state of your current WAN, the types of business pressures that might be driving a switch to SD-WAN, the skill level of IT staffers, the geographic scope of the WAN, and how much control you are willing to hand over to a service provider.

Here are five reasons to choose a managed SD-WAN:

  1. Speed: The managed route is simply faster to implement. Once
    you have identified SD-WAN as a key element of the company’s digital
    transformation efforts and you have received a green light to proceed, the
    business expects to see the benefits as soon as possible. With the DIY
    approach, you essentially have to coordinate two sets of parallel vendors
    selections – one for the SD-WAN gear that you buy and install at branch
    locations and one for the WAN access service that provides cloud connectivity.
    With a managed service, installations can begin right away, as you reap the
    benefit of the service provider’s large and geographically dispersed workforce.
    Plus, the managed service provider does not have the same learning curve that
    internal staffers would face; it has developed a repeatable, standardised
    installation methodology that is not only fast, but also constantly being
    refined based on the shared experience of the service provider’s staff. The
    managed service provider should also be able to avoid or at least minimise the
    normal glitches and configuration errors that typically slow down a complex
  2. Staffing: Does your existing IT staff have the
    skills, the training, and the bandwidth to go around installing new WAN edge
    devices at every location? Even if they do, is that the best use of their time?
    And do you want to assume the ongoing task of troubleshooting, updating,
    monitoring and managing all of these far flung devices? The advantage of a
    managed service is that those headaches fall on the service provider.
  3. Security: MPLS or a site-to-site VPN provides a secure,
    encrypted connection, but once you decide to switch to direct links from branch
    offices to the cloud over the public Internet, security becomes a concern.
    Security can be bundled into an SD-WAN managed service contract.
  4. Management: With a managed SD-WAN, the service provider,
    who controls the entire end-to-end WAN infrastructure, implements the latest
    automated monitoring, management and performance optimisation techniques, down
    to the individual application. In addition, most enterprises are already
    managing too many vendor relationships; a managed SD-WAN means there is only
    ‘one throat to choke.’
  5. Geography: If you have a regional network and can satisfy
    your WAN requirements with a single service provider, DIY is an option. But if
    you have a multi-national, multi-continent network, it makes more sense to
    allow a service provider to work behind the scenes with its international
    partners to stitch together an integrated, global WAN.

However, there are some issues to ponder before signing up for a managed SD-WAN service.

  1. Lack of control: Depending on the industry, the applicable regulations and the sensitivity of data traversing the WAN, handing control over to a third-party service provider could be an issue.
  2. Lack of flexibility: In a DIY scenario, IT staffers can move quickly to respond to changing business conditions, for example a branch office closing or a new one opening somewhere else. Gartner’s Pierce notes that some of these managed service providers are not known for stellar customer service, so that is something to keep in mind.
  3. Lock-in: Typical contracts are in the three- to four-year range, so enterprises need to be really confident that the relationship will work out.
  4. Cost: This one is tricky: the argument that SD-WAN cuts costs because it allows companies to reduce reliance on expensive MPLS links is true. But the calculation between DIY and managed services is far from clear cut. In fact, Pierce cautions that when all the access charges plus add-on security and management services are factored in, companies might not save any money going the managed route.
  5. Lack of standards and definitions: In a recent survey of carriers worldwide conducted by Vertical Systems, 82% of carriers said their biggest challenges associated with managed SD-WAN services were the lack of standardised interoperability between devices from different vendors and the lack of an industry accepted definition for managed SD-WAN.
  6. Lack of standards and definitions: In a recent survey of carriers worldwide conducted by Vertical Systems, 82% of carriers said their biggest challenges associated with managed SD-WAN services were the lack of standardised interoperability between devices from different vendors and the lack of an industry accepted definition for managed SD-WAN.
  7. Managed SD-WAN vendor options
    While analysts are projecting an explosion of managed SD-WAN uptake over the next few years, the market has been somewhat slow in developing. According to Vertical Systems, current market penetration for carrier-managed SD-WAN is only 5% of the total $40 billion (€35.7 billion) market for managed WAN services, which also includes MPLS and site-to-site VPNs.

“Misperceptions about SD-WAN have delayed network purchase decisions and limited market growth,” says Rosemary Cochran, principal and co-founder of Vertical Systems Group. “Migration to SD-WAN is a more complex undertaking than has been pitched to date, particularly for larger enterprises and global networks.”

Cochran adds that it took some time for carriers to build out the internal processes and infrastructure required to offer a new service. But carriers are now all-in on managed SD-WAN. Of course, enterprises also have the option of working with a systems integrator. In addition, going to a managed SD-WAN does not have to be all or nothing; there are hybrid options that allow enterprises to pick up management responsibilities post-installation or to enter into a co-management arrangement.

Northgate and AT&T

In the case of Northgate Markets, AT&T, the incumbent, was almost an afterthought when Lewis was putting together a list of potential vendors. He says he did not think AT&T would respond well to a proposal that called for it to cannibalise its cash cow MPLS service. But AT&T came back with an impressive managed SD-WAN proposal, and Lewis has not looked back.

He has been able to increase bandwidth, boost reliability, improve security and prioritise traffic at the application level. AT&T installed SD-WAN gear from VeloCloud (owned by VMware) and cloud security tools from Zscaler. The installation went “incredibly smoothly,” Lewis says.

And by having two broadband access modes – one wired, one wireless – Lewis has enjoyed uninterrupted service. In fact, he has occasionally received a notice from AT&T that there was a service interruption on the wired network several days prior, but the failover was so seamless that he wasn’t even aware of it and there was no business impact. “That’s a pretty crazy place to be as IT organisation,” Lewis says.

Lewis says he is on track to have the entire data centre moved to cloud platforms by October. “This has opened up a lot of possibilities for us to continue a reduction in expenses, improve resiliency, be able to scale, innovate and differentiate. It has also enabled us to focus in on driving value to our business.”

IDG News Service

Read More:

Comments are closed.

Back to Top ↑