SD-WAN services are starting to hit the market. Are they right for your organization?
When we first started evaluating SD-WANs, the market was pretty straightforward. You had a few appliance (virtual and hardware) providers, a service provider and that’s about it. Today, more than 30 vendors deliver some kind of SD-WAN.
Mind-boggling? A bit, but we can help. There are three categories of SD-WAN offerings today. You can buy SD-WAN equipment (and software) and do it yourself (DIY), subscribe to an over-the-top (OTT) SD-WAN service, or have your SD-WAN bundled with a carrier network, such as MPLS or Direct Internet Access (DIA). We’ll look at each one of them. The video below is an overview of one service provider’s SD-WAN offering.
One of SD-WAN’s major selling points is the freedom from carrier commitment. There’s no carrier lock-in, no maintenance windows, and no service delays. If you have a problem with your MPLS service, there’s not much you can do, assuming there’s no violation of the service-level agreement (SLA). (And even then, there’s often not much that can be done). However, with DIY SD-WANs you can just switc
The downside? Be ready to take on the heavy lifting involved with building any WAN. Vendor research and selection are complicated by the range of vendors and offerings. To make matters worse, sales and marketing people tend to blur the lines between “slideware” and shipping features. Preliminary vendor selection based on accurate product information will dramatically shorten, simplify and reduce the costs of selecting an SD-WAN vendor.
For example, one SD-WAN provider recently told one of Steve’s customers that they could manage their SD-WAN entirely through the vendor’s graphical management interface. The customer was thrilled to get away from CLIs and was ready to move forward with the implementation. We explained to the IT manager that while the provider’s SD-WAN product is robust, at least two more software cycles would be required before the pretty management interface could, in fact, meet all of their needs. They would still need commands for certain functions.
You’ll also need the engineering talent to build the SD-WAN. What traffic do you want to keep on your existing network and which do you want to send over the internet? How should you configure traffic management policies? What security measures need to be implemented? Answering those questions and more requires a deep understanding of application performance, network security, and network engineering. And then, having built out your SD-WAN, you’ll face numerous operational challenges, most notably the provider management issues that we explored in our previous blog post.
Don’t get us wrong. DIY SD-WANs are a powerful approach to re-envisioning the WAN. It’s just that while DIY SD-WANs dramatically simplify and improve the WAN, their deployment still requires good engineering. Plug and play isn’t quite as simple as it looks on a vendor video. While large enterprises will have the engineering talent to make the transition or can command the attention of SD-WAN suppliers, smaller businesses often lack both. But some suppliers will do the initial configuration for you, which is a good thing.
System integrators can be a resource, providing the necessary network assessment and implementation services. Be sure that they understand the nuances of SD-WANs and can be objective. All too often, integrators will advocate for the vendors they carry, not your needs.
OTT SD-WAN services
The second problem with DIY SD-WANs is that they continue to rely on the internet. While internet stability and performance have improved dramatically over the years, the reality is that the internet is still an unmanaged service. DIY SD-WANs try to maximize stability, uptime and performance by selecting the best-performing path from multiple connections, ideally from different service providers for availability purposes. But being subject to internet performance can still be a challenge, depending on the location of your offices, business needs, and application requirements.
OTT SD-WAN service providers address the performance and complexity challenges of DIY SD-WANs. Rather than relying on the internet end to end, OTT SD-WAN providers use their own core networks. Last-mile access is provided by the local internet provider, which carries traffic to and from the provider’s points of presence (PoPs). OTT SD-WAN providers claim to locate PoPs within 30ms of most major commercial areas, marginalizing the performance impact of the internet.
Because SD-WAN is delivered as a service, enterprises are freed from the design and management hurdles of DIY SD-WAN. And by using internet access only for the last mile and their networks for long haul, OTT SD-WAN providers claim to deliver better end-to-end performance than what’s possible with the internet. Enterprises still retain the flexibility to select the local ISP of their choice.
On the flip side, though, customers need to vet OTT SD-WAN providers. They may not offer all of the bells and whistles that can be found in DIY SD-WAN. SLAs and network coverage can also be an issue. Service providers have their own SLA language, and the better you understand those terms, the better you’ll be able to negotiate. With one customer of ours, for example, we were able to triple the amount of bandwidth quoted by their carrier without increasing their monthly charge.
Geographic coverage can also be an issue, particularly when offices are located in areas with less developed internet infrastructure. Enterprises may find that their traffic is forced to travel a significant distance across the internet before reaching the closest PoP.
Bundled SD-WAN services
As service providers have realized the opportunity of hybrid WANs, many have bundled SD-WANs with their existing MPLS and private data services. In effect, they take an OTT SD-WAN service a step further, providing the option to control the local access and core of their networks. For companies looking to augment their existing provider relationships with the flexibility of SD-WANs, bundled SD-WAN services can be an attractive approach.
The problems of bundled SD-WAN services are the same as for any service provided by a service provider or carrier. With the right operations and customer team, services can be a godsend. But for service providers to turn a profit, it often means cutting back on technology, or on the quantity and quality of their personnel.
The good news with SD-WANs is that so many of the tasks we originally relied on service providers to fulfill can be handled by your IT group. The bad news? You’re still locked into that service provider and their offerings. Network coverage becomes an even bigger issue because you depend on the service provider for local access (at least within their region).