How to get an SD-WAN implementation right

A real-world story.

In my previous post, I shared the possible side effects of SD-WAN that enterprises and CIOs should understand prior to implementation. But SD-WAN can be a great solution for an enterprise if the company’s objective is clear and the solution is implemented in the right way. The best way to explain this is by considering an actual use case.

This customer had been growing consistently and fairly quickly for the past decade. Its traditional MPLS WAN was becoming the bottleneck for its expansion. Application performance, and with it the user experience, was getting worse, and it wasn't clear why this was so or what could be done to improve it while containing overall costs. The customer was also struggling with the complexity and slow speed of execution of any change required at its branch offices.

The solution that NTT Communications (NTT Com) implemented is a managed hybrid-WAN network infrastructure with an SD-WAN overlay network – I will define these terms later.

The main advantages of this solution are: improved user experience, with visibility of application performance and not just of traffic by application; simplified change management; and substantially lower operational cost.

The original network of the customer was a typical MPLS-based network, a so-called traditional WAN. The access technology used to connect to the network was leased lines or the internet (for IPSec access into MPLS). Backups were passive - so no traffic traveled through them until an outage occurred.

This solution had two side effects: ‘hairpin routing’ via the regional data center for internet, public cloud, remote workers and extranet, which was the main reason for the degraded user experience; and a lot of unutilized backup capacity.

The network infrastructure that NTT Com delivered is a hybrid-WAN, which addresses the problems of the traditional WAN by taking advantage of the internet as transport and by integrating this with an MPLS core to ensure a balanced compromise between cost and performance.

Additional functions, such as the cloud-based secure web gateway, are provided through function virtualization, without the need to deploy additional hardware devices on site.

Wherever multiple access connections are available, traffic can be balanced between the MPLS and the internet VPN by defining which application uses which connection, so each application travels either over MPLS or over the internet.

The common side effects of a hybrid-WAN are the static routing of applications on a predetermined path and fairly complex management.

The SD-WAN adds an overlay network to the hybrid-WAN, with the objective of optimizing the performance of the applications transported over the WAN by dynamically selecting the best available path to reach the destination (so, unlike in a hybrid-WAN, the path is not predefined). This optimization feature is provided by a central controller that monitors the health of the end-to-end connectivity in real time. Application visibility is a critical feature in this use case and is an integral part of the solution.

Takeaways from this series of posts:

  • SD-WAN is great but not as simple as it seems to most enterprises

    • Unless you have dedicated IT staff with SD-WAN and network expertise, look for a managed SD-WAN provider

  • Not all providers are made equal: this has always been true, but with SD-WAN the difference can be substantial and meaningful

    • Take time to select the right provider

  • Not all SD-WAN products bring the same value

    • Evaluate different solutions and choose the solution that fits you now and tomorrow — consider your own roadmap and not just the vendor's.