Accelerating Secure Access

Facing a need for secure logins, an Oil and Gas client enlisted BlueSky IT Partners to manage an SSO/IGA RFP. Overwhelmed with other projects, the CIO relied on BlueSky’s expertise to navigate the vendor landscape, streamline the process, and make informed decisions. This collaboration shortened the RFP timeline by 70%, leading to the selection of two previously unknown vendors with the best pricing and solutions.

by | Oct 15, 2020

SD-WAN, or Software-Driven WAN, is shaping up to be a major game-changer in wide-area networking (WAN) for several reasons. SD-WAN combines centralized and policy-driven WAN management with the use of multiple active-branch links and intelligent traffic direction within these links.

It presents a unique opportunity to leverage disparate low-cost internet services with conventional services like MPLS. Such features, among others, are central to SD-WAN’s potential to transform the relationship between IT, WAN, and the entire business.

There’s even more good news; SD-WAN promises to cut WAN service bills by millions. Additionally, it promises to reduce branch-level WAN outages and decrease troubleshooting and repair costs by 90 percent. How? SD-WAN provides cheaper, more transparent, and automatic failover to take over when WAN linkages break down.

This article provides an introduction to SD-WANs and the two major types of SD-WANs that enterprises can adopt. Keep reading for details.

What is SD-WAN?

The old engineering principle is that you can get one or two improvements – cheaper, better, or faster – but seldom all three with a single solution. On occasion, some technologies revolutionize the assumptions and capabilities of existing solutions, therefore delivering all three in one fell swoop.

SD-WAN is one such solution; it changes the assumptions regarding branch connections to the WAN (and the very definition of a ‘branch’) to improve performance, reliability, and agility, all while reducing costs. Making the business case for deployment of SD-WAN should focus on these three benefits, in addition to savings in terms of actual cost decrease and avoidance of expected cost increase.

To understand SD-WAN, you must understand its governing concepts, which are:

  • Abstracting EDGE connectivity – makes all connections to one location one capacity pool that can be used by all services
  • WAN virtualization – overlaying multiple logical WANs within the connectivity pool, and defining each overlay’s topology and behavior according to the specific needs of users, locations, or network services
  • Centralized and policy-driven management – configuring overlay WAN behaviors and implementing them across the entire infrastructure instead of device-by-device
  • Flexible traffic management – optimization of performance and security management needs in various ways, including selective traffic routing based on pre-specified criteria

SD-WANs can provide the above advantages in two key ways, which inform the types of SD-WAN below.

Overlay SD-WANs

New SD-WAN appliances are deployed on the existing router network. They may be placed behind the routers, or replace the routers as branch-to-WAN connections. SD-WAN appliances may also collapse the branch stack by substituting more branch WAN appliances like firewalls and optimizers.

Over a dozen companies are selling physical and virtual SD-WAN appliances; some are made to replace routers, others to stand behind them, while others allow both options. It is critical to evaluate the appliance options against your organization’s specific needs.

Overlay SD-WAN appliances make it easy to add or remove link types and network services providers since their enterprise infrastructure is separate from the WAN connectivity. Overlay types offer maximum agility for connectivity services.

The only downside is the new operational responsibility of managing the SD-WAN solution itself. It is easier to manage than old-school router plants, but it is still a significant responsibility for the IT team.

In-Net SD-WAN

Conversely, in-net SD-WAN ties SD-WAN functionality to the connectivity services. The functions may be availed in the provider’s EDGE and core infrastructure, such that the brand uses traditional routers to connect to the ISP’s closest point. Alternatively, some or all functions may be availed on-premise through appliances managed by the service provider.

In-net SD-WAN may be connected with Network Functions Virtualization (NFV), where distinct functions are offered by separate but collaborating Virtual Network Functions (VNFs). The VNFs are downloaded dynamically to on-premise devices or connected into the traffic path within the carrier infrastructure.

Handing off SD-WAN management to the service provider comes with a trade-off, namely, the loss of autonomy in connectivity. It isn’t as easy to mix and match links from various vendors, so if the provider cannot give connectivity to all your sites, you’ll have a problem.

Similarly, you have limited options regarding diversity in branch, path, or link-type connectivity, e.g., one provider for MPLS and another for the Internet. Your SD-WAN provider must provide for any partnerships with other providers you want to use if you will fold in links from them.

The Bottom-Line

Because there are significant potential savings, it is easy to build the business case for SD-WANs in your enterprise, not counting the other business benefits that result from more reliable connectivity.

Given these impressive advantages, the work, going forward, is cut out for the CIO and his/her IT and networking team. IT teams must evaluate the WAN locations that could use lower rates, more reliability, higher bandwidth, or a combination of these.

Next, model the cost of remaining with your current architecture vis-à-vis moving to an SD-WAN solution. You’ll need to decide which type of SD-WAN is more suited for your organization’s needs. Compare quotes for the two types, and from at least two providers.

b7e7c6f8 1b59 448b 9aca 3774f55400bf
Shared this post