The WAN landscape has changed significantly over the last decade. MPLS (Multiprotocol Label Switching) used to be the go-to WAN connectivity solution for the enterprise. In recent years, MPLS has begun to age poorly and proven inadequate for many use cases, particularly those where cloud and mobile are the norm. During the same timeframe, SD-WAN popularity has soared. This is in large part because SD-WAN offers the agility and flexibility required to accommodate the dynamic cloud and mobile computing challenges MPLS struggles with.
However, there isn’t just a single SD-WAN solution available, so enterprises need to be informed about their options. Three of the more popular approaches to SD-WAN are: appliance-based or DIY (Do-It-Yourself) SD-WAN, telco-managed SD-WAN, and cloud-based SD-WAN.
Below, we’ll dive into the commonalties SD-WAN solutions share and explain why cloud-based SD-WAN has pulled ahead of the pack.
Common SD-WAN features & characteristics
What is SD-WAN? say GOODBYE to MPLS, DMVPN, iWAN… w/ SDN, Cisco and Viptela
There are some characteristics that all SD-WAN solutions share. They all act as a network overlay that helps virtualize WAN infrastructure and use a variety of transport methods (4G LTE xDSL, cable, etc.). Features like Policy-based Routing (PbR) and QoS (Quality of Service) are common across SD-WAN platforms. The shift to a virtualized, “software-defined” approach to the WAN is what set SD-WAN apart from legacy solutions like MPLS. SD-WAN is easier to manage, more agile, and more flexible. It also enables enterprises to benefit from purchasing economical Internet bandwidth as opposed to expensive MPLS bandwidth.
Appliance-based SD-WAN a.k.a. DIY SD-WAN
Appliance-based or DIY SD-WAN is simply an SD-WAN appliance purchased from a vendor and provisioned, maintained, and managed by the enterprise. Appliance-based SD-WAN enables the standard SD-WAN functionality you would expect and gives the enterprise full control over the appliances. The upside to the full control DIY SD-WAN offers is there are no wait times for support tickets for changes and enterprises can move at whatever speed their enterprise is capable of.
However, there are 3 major downsides to DIY SD-WAN:
- Unlike MPLS, there is no underlying network infrastructure to reliably route WAN traffic, public Internet (or even MPLS links) are used
- Security is not built-in and must be integrated
- WAN configuration can become complex and many enterprises lack the resource or in-house expertise to keep up
Telco-managed SD-WAN gets rid of the complexities associated with managing DIY SD-WAN deployments. The service provider takes care of maintenance, management, patching, and security integrations, significantly reducing the complexity associated with DIY SD-WAN while leveraging effectively the same technology.
However, these upsides aren’t without a cost. Telco-managed SD-WANs include a hefty markup for their services and you become dependent on the provider for changes. Even simple rule changes can require a support ticket and drag out response time. In a competitive environment where speed and agility are important, that can be a major issue. Further, with a telco managing the WAN, in-house IT may lose a significant level of network visibility along with the loss of control. It’s also worth noting that shifting the complexity to a telco doesn’t eliminate the complexities and scalability challenges associated with DIY SD-WAN, it just shifts them to someone else for a premium.
Thus far, we have two comparable solutions where complex security integrations, lack of an underlying network, and management models at two extremes create problems. It seems like the ideal would be an SD-WAN solution that:
- Provides a reliable network backbone
- Integrates security to the network
- Provides a flexible management model
Fortunately, premium cloud-based SD-WAN providers do just that. With cloud-based SD-WAN, enterprises benefit from an SLA-backed global private backbone with SLA guarantee. They also gain a full security stack, including features like next-generation firewall (NGFW), intrusion prevention system (IPS), Secure Web Gateway (SWG), anti-malware, and advanced threat detection, built into the network. This eliminates the need for most costly and complex integrations. Finally, cloud-based SD-WAN offers enterprises a flexible co-managed model that gives the enterprise the option to offload complexity to the provider when it makes sense, but still retain the ability to make changes themselves and retain network visibility. In short, cloud-based SD-WAN delivers all the benefits of appliance-based and telco-managed SD-WAN, while also addressing their downsides.
Cloud-based SD-WAN maximizes the upside of SD-WAN
As we have seen, both DIY and telco-managed SD-WAN lack the underlying cloud-native network infrastructure that set cloud-based SD-WAN apart. Additionally, DIY SD-WAN can significantly increase network complexity while telco-managed solutions can limit control and decrease agility.
By providing a robust underlying network infrastructure that includes security, monitoring, and self-healing, cloud-based SD-WAN provides a platform that enables enterprises to get the most out of SD-WAN. By adopting a co-managed approach to WAN infrastructure, cloud-based SD-WAN helps reduce management complexity without limiting enterprise agility and control. In short, cloud-based SD-WAN delivers all the upside of SD-WAN, without the downsides of DIY or telco-managed solutions.