By trying to keep pace with modern application requirements and service delivery, many organizations are undertaking WAN transformation projects. One transitional approach that has garnered attention over the past couple years is software-defined WAN technology.
At first glance, software-defined WAN marketing touts the benefit of lower WAN costs. While SD-WAN can cut costs, it can also centralize network control and management, ease provisioning for new distributed sites, and use multiple types of WAN transport -- including MPLS for mission-critical locations.
According to a recent Cato Networks' survey of 1,621 global IT employees, SD-WAN's ability to reduce WAN expenses is not the most compelling reason to deploy. Instead, survey respondents said they were evaluating SD-WAN based on its potential to improve internet access for branch offices, address bandwidth requirements and bolster last-mile connectivity.
Currently, most enterprises depend on MPLS VPNs to connect global sites, relying on their security, reliability and performance, according to research firm Frost & Sullivan and its 2019 managed SD-WAN market forecast. When considering SD-WAN deployment, most organizations evaluate how to eliminate MPLS.
But, Frost & Sullivan found that enterprises deploying SD-WAN often use the technology to augment their existing MPLS links with high-speed broadband, instead of completely cutting MPLS. With SD-WAN's centralized control and traffic prioritization, enterprises can create policies to assign certain traffic types to travel over specified links.
While SD-WAN acts as a catalyst for WAN transformation and provides networking benefits, Cato's survey found that 85% of enterprises planned to spend time in 2019 dealing with SD-WAN shortcomings. These plans included the following issues:
- secure internet access from any location; and
- visibility and control into mobile activity, especially for cloud applications.
Respondents also said most SD-WAN options don't fully address important security challenges, such as defending against malware and ransomware or enforcing corporate security policies for mobile users.
Managed SD-WAN services
One way enterprises can address SD-WAN shortcomings is with managed SD-WAN services. Enterprises can use these services to outsource provisioning, management and troubleshooting to managed service providers (MSPs) under service-level agreements. MSPs can select additional network services that address weak points in an organization's chosen managed SD-WAN service -- like WAN optimization, security capabilities or management, for example.
Co-managed and fully managed SD-WAN -- as opposed to DIY SD-WAN -- can eliminate much of the hassle that comes with provisioning new sites, procuring access links and managing distributed locations, especially for enterprises with limited resources. As of 2018, Frost & Sullivan found most enterprises preferred buying a fully managed SD-WAN service, which enabled the MSP to control all aspects of the platform.
In Cato's survey, however, 56% of enterprises said they preferred a co-management approach, which gave the organization some levels of management and control. Most enterprises that opt for co-management choose to delegate troubleshooting duties to the MSP, while specified IT employees in the organization maintain policy management, according to Frost & Sullivan.
According to the Cato survey, 71% of respondents said the biggest issue they faced with managed services was the time it took to resolve problems. This challenge encompassed delayed response times, resolutions and feature upgrades -- all of which could lead an organization to choose a co-managed approach that gives its IT team the ability to tackle certain issues.
Ask the right questions for WAN transformation
As with all networking decisions, IT teams need to determine the unique requirements of their organization and network and research vendor and service provider options. Don't hesitate to ask questions about the service, such as the following:
- How does this managed SD-WAN service connect to SaaS and cloud-based applications?
- How does it detect and fix security breaches?
- Does the service offer bandwidth on demand?