Software defined wide area networks (SD-WANs) are accelerating in the market. “Businesses are recognising the tangible benefits SD-WANs offer – from cost to speed to ease of control and agility. An issue businesses are however still grappling with is how to evaluate a managed SD-WAN service provider,” says Anton Jacobsz, managing director at Networks Unlimited – the distributor of total SD-WAN solution provider, Silver Peak, for the Sub-Saharan African market.
Roopa Honnachari, who writes a blog series for Silver Peak and leads the Business Communication Services practice at Frost & Sullivan, provides the following five points, in no particular order, to consider once the decision is made to go with a managed SD-WAN service provider (as opposed to building and managing an SD-WAN in house). She says:
#1: Global, SLA-driven hybrid WAN services
The initial premise and catalyst behind an SD-WAN is to efficiently use any combination of public and private network services to dramatically lower WAN connectivity costs. Meaning, instead of using an Internet or a wireless link in a passive mode as a back-up link to a MPLS link, the SD-WAN solution should enable enterprises to use both these services in an active-active mode. Therefore, a managed SD-WAN service provider should be able to support a variety of WAN services – MPLS, Ethernet, Internet, wireless and others, across a global footprint, backed by service level agreements (SLA) for both in region and out of region footprints, regardless of the underlying network. SLAs for network availability, latency, packet loss and jitter are highly critical in a hybrid network as the performance guarantees are not the same as an MPLS-based WAN. Furthermore, SLAs that extend to SD-WAN CPE is a key consideration given the repair or replacement time of CPE is critical to ensure continued operations of SD-WAN locations.
#2: Application performance monitoring and visibility tools
Most enterprises evaluating an SD-WAN solution already have some form of private WAN services, either MPLS or Ethernet, in place. The ability to prioritise traffic (voice over data, for example) over private links and ensure quality-of-service across applications, and have access to application performance monitoring tools and analytics are foundational reasons enterprises swear by MPLS and Ethernet. Application-aware routing, the ability for the SD-WAN CPE to choose the most optimal network path, in terms of bandwidth and quality of service that best suits an application requirement, is a key feature of an SD-WAN solution.
Two valuable features that enable intelligent, on-demand application-aware routing are path conditioning and dynamic path control (DPC). Path conditioning overcomes the adverse effects of dropped and out-of-order packets on best-effort Internet links to provide performance comparable to private networks. The DPC feature provides real-time traffic steering over any broadband or MPLS link based on company-defined business intent policies. In the event of an outage or brownout, DPC automatically fails-over to the secondary connection in under a second, ensuring uninterrupted service to end-users. As your organisation transitions to an SD-WAN, which at a minimum includes a combination of MPLS and Internet links, the managed service provider should be able to support the two features discussed above, and extend monitoring and visibility tools to their managed SD-WAN services.
#3: Service chaining
Network security is of critical importance in any SD-WAN deployment, especially if it relies on best-effort Internet links alongside private networks. It is important for a managed SD-WAN service to offer a flexible approach to network security integration. While there are managed service providers that have chosen to leverage SD-WAN vendors that have collaborated with multiple security vendors to integrate and validate them with their solution, there could be scenarios wherein your organisation would like to use a different security solution. It is imperative that the managed service provider demonstrates expertise and the flexibility across a wide range of security solutions to support service insertion and service chaining. Service chaining with micro-segmentation offers the ability to add network functions such as security and WAN optimisation at specific regional locations. SD-WAN controllers can define policies for chosen traffic to pass through the service chained network functions to meet both the security and performance requirements of certain applications. For example, traffic to private clouds should pass through a regional firewall for filtering, and a WAN optimisation appliance to overcome latency issues over distance.
# 4: Flexible, tiered managed SD-WAN services
The characteristics described above are all important in an SD-WAN deployment. However, enterprise SD-WAN requirements vary across business sizes and verticals and even within the same company across applications and locations. For example, a simple overlay could be sufficient to ensure high-speed access to and from retail locations to their cloud-based inventory system; but the retail outlet surveillance monitoring systems may require additional security mechanisms to ensure tamper-proof operations. Additionally, the point-of-sale terminals may require optimised and secure links to ensure compliance with PCI mandates. The managed SD-WAN service provider your organisation selects should be able to offer tiered services that support a variety (low, high and mission-critical) of premises-based and cloud-based enterprise applications. Tiered services offerings include additional non-disruptive software services such as WAN optimisation-as-a-service or analytics-as-a-service, which provide additional performance and visibility benefits for enterprise customers.
# 5: Co-managed and fully managed options
Choosing a managed SD-WAN service yields several key benefits. However, for enterprises that elect to deploy a managed SD-WAN service over a DIY model, it is imperative they understand what “managed” SD-WAN really means. Will the managed service provider deploy and manage the solution end-to-end (CPE, networks, SLAs, routing policies, and more.) or can the IT managers have some level of control or visibility over the service if they prefer to? As the SD-WAN market is still relatively new, the managed services wrapped around it are still evolving. Nevertheless, insisting on a co-managed option will ensure your organisation continues to retain visibility and control over certain features of the solution, while still taking advantage of the managed services capabilities of the provider.
“As SD-WAN gains traction in the market, SD-WAN managed service providers are broadening their vendor partnerships to include solutions that cater to different segments of the market. For example, a low-cost CPE-centric basic SD-WAN solution versus an advanced feature-rich solution that addresses a wide range of enterprise application requirements including service chaining to network security services, WAN optimisation or optimised connectivity to SaaS services,” concludes Honnachari. “Therefore, it’s critical for enterprises to carefully consider, compare and contrast the various solutions the managed SD-WAN provider offers to ensure they select the most optimal solution for their organisation.”
SD-WAN technology differentiators include dynamic path control, zero-touch provisioning, cloud intelligence and path conditioning, which ensures private-line performance over the Internet.