Searching for answers on SD-WAN isn’t easy, especially as online search results are saturated with marketing paraphernalia and SD-WAN FAQs from North America. The benefits that vendors are peddling for that market, such as immediate cost-savings, don’t necessarily translate to the UK market.
So, if there are still question marks when it comes to your research on SD-WAN, don’t despair. In addition to our earlier posts providing a beginner’s guide to SD-WAN and highlighting key considerations for adoption, we recently held a virtual SD-WAN Q&A to fill in your knowledge gaps.
Node4 experts came together with our technology vendor, Fortinet, to answer some SD-WAN FAQs (as well as some not so frequently asked questions). These came from UK businesses of all shapes and sizes, from various industries, all keen to understand the true value of the technology. Read on for the highlights.
Q: Can SD-WAN improve productivity?
A: Yes, it’s one of the main benefits! If we think about the technologies that teams are using to deliver services, they’re accessing many more cloud applications. Microsoft 365 and Salesforce are just a few examples.
Now, the way SD-WAN can improve productivity is through application intelligence. It can automatically detect and prioritise traffic for critical applications for your business. Employees using these applications no longer experience that lag and the frustration they might have previously had.
This means time and energy otherwise spent on connectivity issues, can be spent on getting their work done.
Q: Can SD-WAN replace MPLS?
A: In the UK, the primary use case we’re seeing is SD-WAN as an overlay technology to MPLS. Here at Node4, all the solutions we’ve delivered have been a blend of internet and MPLS, to varying degrees to meet business requirements.
Why? In terms of quality of service, you just can’t get that assurance from a public network, over the internet. Most businesses rely on having reliable, SLA-backed connectivity, and MPLS can deliver that.
But you’ve got to balance that demand for reliable connectivity with the need for accelerated access to applications and business data.
With the shift towards SaaS applications, cloud-first and multi-cloud working, everyone’s moving applications out of the data centre. This means with MPLS, you’re forcing all of that internet-bound traffic through the data centre, where you might encounter bottlenecks and performance issues.
SD-WAN is a compliment to MPLS, so you have an element of internet and MPLS, giving you that balance of performance and reliability.
Q: Does SD-WAN offer a cost–saving over MPLS?
A: If you just compare the commercials of MPLS and SD-WAN, you’re going to see similar figures. The MPLS market is extremely competitive in the UK, so you’re not going to get savings from SD-WAN as you might in North America.
It’s important to think about the features of SD-WAN and the cost savings you might derive from them. For example, security is integrated into our Secure SD-WAN solutions, minimising the risk and therefore the cost of a security breach.
Also, because SD-WAN allows for centralised management and automation, you need to be looking at it from the efficiency angle too. Time spent implementing, managing and maintaining the solution is reduced.
We’re seeing customers take SD-WAN solutions not for immediate cost-savings, but as a way of saving on things like management, overheads and system integrations in the long-term.
Customers are also looking at developing new features and functionality to get ahead in the market and generate new revenue streams.
Q: How does SD-WAN compare to site-to-site VPN?
A: A lot of SD-WAN solutions incorporate IPSec. But the critical difference is if you’re manually trying to configure IPSec, it becomes quite complex, quite quickly, especially when you’ve got a full mesh of several sites.
With SD-WAN, the management controller takes a lot of that challenge away, so it builds the VPNs between all the sites and does it dynamically, in a way that makes the deployment and maintenance of a wide area network much more efficient.
Q: What are the prerequisites for SD-WAN?
A: There are not many technical prerequisites. If you’re going to look at anything initially, get visibility of your applications and understand which are critical to your business. These are the applications you’re going to have to prioritise and make decisions on.
Other things to ask yourself – are you ready to remove and consolidate legacy technologies, which might be deeply ingrained within the business? Do you have the technical skills to deliver and manage an SD-WAN? If not, you can look at the likes of a Managed Services Provider to help with it.
One of the main challenges we see customers come across is having to standardise everything. You’ll need to look across all of a wide area network, bundle sites into categories, and standardise your configuration as much as possible.
Q: What are the different types of SD-WAN architecture?
A: You’ll need to deploy your SD-WAN on an appliance onsite. This might be an additional appliance alongside your wide area network, or you might have an all-in-one appliance for your full routing stack, wide area network and SD-WAN overlay.
You’ve also got to consider how you integrate security into that. A dedicated SD-WAN appliance might have some basic security built into it, but you might consider deploying a fully-fledged security appliance that’s got SD-WAN built-in for added protection
Alternatively, you could bolt on a dedicated security appliance, but then you’ve potentially got three appliances to manage. You’ve got your router, your SD-WAN and your security, and as you can probably appreciate, this comes with more cost and complexity. You can overlay all of this with cloud security too.
In short, there are many different ways of deploying SD-WAN, but the key is to cut through all the marketing and decide on which deployment method would work best for your business, with advice from consultancy services if need be.
Q: How secure is SD-WAN?
A: So obviously, you need some security for SD-WAN, as you’re not just going to open up your corporate network to the big, bad internet. Now thankfully, there are appliances out there that are security devices in their own right or have security built-in from the ground up.
You can go out and buy a vanilla SD-WAN solution which doesn’t have much security built into it. Or at the other end of the spectrum, you can buy a consolidated, integrated appliance that has SD-WAN, the full routing stack and security all in there.
You can configure your appliance to be secure too, so you’ve got the right features in the right place and you’re following best practices.
Ultimately, SD-WAN is as secure as you make it, but there’s a balance to strike between risk, complexity and cost.
Q: How do I reduce the risks of adopting SD-WAN?
A: Use suppliers and service providers who have experience in deploying SD-WAN solutions.
You don’t have to reinvent the wheel. You’ll massively reduce risk by turning to people who’ve done it before and have that experience. You’ll have that peace of mind, knowing that they know what they’re doing, and you get an opportunity to learn from their experience.
Q: What is the future for SD-WAN?
A: Further adoption. All market commentators are predicting that more businesses are going to adopt SD-WAN, as wide area network contracts come up for renewal and they start looking at the alternatives.
Expansion into SD-Branch, adding wired and wireless, is going to get bigger as well. Then there’s more talk of overlaying that with Zero Trust Network Access Control, making sure that all the devices on your network are valid and are continually profiled so they’re not doing anything untoward.
Gartner’s SASE model is going to take off as well. It incorporates SD-WAN massively into the core function and consolidates a lot of features and functions to merge networking and security together. That’s the most significant development we’re seeing, the demarcation lines between networking and security disappearing.
For SD-WAN in even more detail, watch the Q&A: Let’s Talk SD-WAN