In this post
Node4experts came together withour technologyvendor,Fortinet,toanswer some SD-WAN FAQs (as well as some not so frequently asked questions).
Searching for answers on SD-WAN isn’t easy, especially as online search results are saturated with marketing paraphernalia and SD-WAN FAQs from North America. The benefits that vendors are peddling for thatmarket, such as immediate cost-savings, don’t necessarily translate to the UK market.
So,if there are still question marks when it comes to your research on SD-WAN, don’t despair. In addition to our earlierpostsprovidinga beginner’s guide to SD-WANand highlightingkey considerations for adoption, we recently held avirtualSD-WANQ&Ato fill in your knowledge gaps.
Node4experts came together withour technologyvendor,Fortinet,toanswer some SD-WAN FAQs (as well as some not so frequently asked questions). These camefrom UK businesses ofall shapes andsizes, fromvariousindustries, all keen to understand the true value of the technology.Read on for the highlights.
Watchthe fullQ&A:Let’s Talk SD-WAN
Q:Can SD-WAN improve productivity?
A: Yes, it’s one of the main benefits! If we think about the technologies that teams are using to deliver services, they’re accessingmanymore cloud applications.Microsoft 365andSalesforceare just a few examples.
Now, the way SD-WAN can improve productivity is through application intelligence. It can automatically detect and prioritise traffic for critical applications for your business.Employeesusingthese applications no longerexperiencethat lag and the frustration they might have previously had.
Thismeans time and energy otherwise spent on connectivity issues,can be spent on getting theirworkdone.
Q:Can SD-WAN replace MPLS?
A:In the UK, theprimaryuse case we’re seeing is SD-WAN as an overlay technology to MPLS. Here at Node4, all the solutions we’ve delivered have been a blend of internet and MPLS, to varying degreesto meet business requirements.
Why? In terms of quality of service, you just can’t get that assurancefroma public network, over the internet.Most businesses rely on having reliable, SLA-backed connectivity, and MPLS can deliver that.
But you’ve got to balance that demand for reliable connectivity with the need for accelerated access to applications and business data.
With the shift towards SaaS applications, cloud-first and multi-cloud working, everyone’s moving applications out of the data centre. This means with MPLS, you’re forcing all of that internet-bound traffic through the data centre,whereyou might encounter bottlenecks and performance issues.
SD-WANisa compliment to MPLS,so you have an element of internet and MPLS, giving you that balance of performance and reliability.
Q:Does SD-WAN offer a cost-savingover MPLS?
A:If you just compare the commercials of MPLS and SD-WAN, you’re going to see similar figures.The MPLS market is extremely competitive in the UK, soyou’re not going togetsavingsfrom SD-WANasyou might in North America.
It’s important to thinkabout the features of SD-WAN and the cost savings you might derive from them. For example,security is integrated into ourSecure SD-WAN solutions, minimising the risk andthereforethe cost ofasecurity breach.
Also, because SD-WANallows for centralised management and automation, you need to be looking at it from the efficiency angle too.Time spent implementing, managing and maintainingthesolution is reduced.
We’re seeing customers take SD-WAN solutions not for immediate cost-savings, but as a way ofsaving on things like management, overheads and system integrationsin the long-term.
Customers arealso looking atdeveloping new features and functionality to get ahead in the market and generate new revenue streams.
Q:How does SD-WAN comparetosite-to-site VPN?
A:A lot of SD-WAN solutions incorporateIPSec. But thecriticaldifference is if you’re manually trying toconfigureIPSec, it becomes quite complex, quite quickly, especially when you’ve got a full mesh ofseveralsites.
With SD-WAN, the management controller takes a lot of that challenge away, so it builds theVPNsbetween all the sites and does it dynamically, in a way that makes the deployment and maintenance of a wide area networkmuchmore efficient.
Q:What are the prerequisites for SD-WAN?
A:There are not many technical prerequisites.If you’re going to look at anything initially,get visibility of your applications and understand which are critical toyour business. These are the applicationsyou’re going to have to prioritise and make decisions on.
Other things to ask yourself – are you ready toremove and consolidate legacy technologies, whichmight bedeeply ingrained within the business?Do you have the technical skills to deliver and manage an SD-WAN? If not, you can look at thelikes of aManaged Services Provider to help with it.
One of the main challenges we see customers come across is having to standardiseeverything. You’ll need to look across all of a wide area network, bundle sites into categories, and standardise your configuration as much as possible.
Q:What are the different types of SD-WAN architecture?
A:You’ll need to deploy your SD-WAN on an appliance onsite.This might be an additional appliance alongside your wide area network, or you might have an all-in-one appliancefor your full routingstack, wide area network and SD-WAN overlay.
You’ve also got to consider how you integrate security into that.A dedicatedSD-WAN appliance might havesome basicsecurity built into it,butyou might consider deploying a fully-fledged security appliance that’s got SD-WAN built-infor added protection
Alternatively, you could bolt on a dedicated security appliance, but thenyou’ve potentially got three appliances to manage. You’ve gotyour router, your SD-WAN and your security,and as you can probably appreciate, this comes withmorecost and complexity.You can overlay allof thiswith cloud security too.
In short, there are many different ways ofdeploying SD-WAN, but the key is to cut through all the marketing and decide on which deployment method would work best for your business, with advice from consultancy services if need be.
Q:How secure is SD-WAN?
A:So obviously,you need some security for SD-WAN, as you’re not just going to open up your corporate networkto the big, badinternet. Now thankfully, there are appliances outthere that are security devices in their own right orhave security built-in from the ground up.
You can go out and buy a vanilla SD-WAN solution which doesn’t have much security built into it. Orat the other end of the spectrum, you can buy a consolidated, integrated appliance that has SD-WAN, thefullrouting stack and security all in there.
You can configureyour applianceto be secure too, so you’ve got the right features in the right place and you’re following best practices.
Ultimately, SD-WAN is as secure as you make it, but there’s a balance to strike between risk,complexity and cost.
Q:HowdoI reduce the risksofadopting SD-WAN?
A:Use suppliers and service providers who have experiencein deploying SD-WAN solutions.
You don’t have to reinvent the wheel. You’ll massively reduce risk byturning to people who’ve done it before and have that experience. You’ll have that peace of mind, knowing that they know what they’re doing, andyouget an opportunity to learn from their experience.
Q:What is the future for SD-WAN?
A:Furtheradoption.All market commentators are predicting that more businesses are going to adopt SD-WAN, as wide area network contracts come up for renewal and they start looking at the alternatives.
Expansion into SD-Branch, addingwired and wireless, is going to get bigger as well. Then there’s more talk of overlaying that with Zero Trust Network Access Control, making sure thatall the devices on your network are valid andare continuallyprofiled sothey’re not doing anything untoward.
Gartner’sSASE modelis going to take off as well. Itincorporates SD-WAN massively into the core functionandconsolidatesa lot offeatures and functions to merge networking and security together. That’s themost significant development we’re seeing, thedemarcation lines between networking and security disappearing.
For SD-WAN in even more detail, watch theQ&A:Let’s Talk SD-WAN
