5 Considerations When Evaluating SD-WAN Architecture
Quick reality check for all enterprise IT decision makers: Legacy Hub-and-Spoke networks that were built around customer premise and data center-hosted apps have gone out of style. In their place are cloud-hosted and SaaS-based apps, which are swiftly taking the world by storm. As such, moving from a centralized Hub-and-Spoke network to a distributed wide area network leveraging technology like software-defined WAN (SD-WAN) is something that should be at the forefront of every IT decision maker’s mind.
Few technologies have grown as rapidly as SD-WAN in recent years, with figures from International Data Corporation (IDC) revealing growth in revenue from around $225m in 2015 to more than $800m in 2017.
But does that mean every business should be rushing into building an SD-WAN architecture? Absolutely not. As with all new technologies, there is limited standardization, which means that there are a multitude of different factors that IT stakeholders must consider for their business. A full market study is necessary to understand the inherent differences between SD-WAN vendors, because although one vendor may be best for a certain type of business, that doesn’t mean it’s best for yours.
In other words: the worst mistake your IT team can make is to rush into moving to an SD-Wan platform before conducting a complete evaluation of the marketplace.
With this in mind, here are 5 key considerations that every IT decision maker needs to take into account when evaluating SD-WAN vendors and deployment options for your business.
Choosing the Correct Bandwidth and Configuration
According to Network World, businesses need an average of 20% more bandwidth year-over-year. This is a huge driver for SD-WAN adoption as it allows companies to purchase cheaper internet and even LTE circuits rather than provisioning additional, expensive MPLS circuits.
Getting the most bang for your buck means ensuring that your network is fully optimized. For example, your network should normally be configured on an active-active basis over multiple circuits. This will deliver maximum cost-savings, as backup circuits will be fully utilized at all times, not just when the main circuits fail.
You’ll also want your latency-sensitive and mission-critical applications (e.g. VoIP connection, media streaming, etc.) to be prioritized over normal network traffic so you’re your quality of service (QoS) remains high.
Determining Your Need for a Managed Service
One of the biggest considerations IT stakeholders need to make is whether or not to opt for a managed SD-WAN deployment or manage it yourself. Vendors offer different levels of managed service, ranging from simply taking care of the customer premise equipment (CPE) to a full end-to-end tiered management service.
If you do decide to outsource your SD-WAN management, it’s a smart business decision allow your IT managers access to the performance data so they can intervene if needed.
One other critical consideration is your vendor’s SLA. Not only should they offer high availability and uptime, but the best often provide guarantees around latency, packet loss and jitter as well. An experienced SD-WAN consultant like Shamrock can help you navigate SLAs to find the perfect balance of control and convenience.
Many of the large telcos offer not only single pane of glass management and visibility from network edge to network core, but also cover umbrella SLAs that are contiguous between core net transport and edge, which can guarantee the best overall gains in visibility, issue remediation and uptime guarantees, as well as minimize multiple vendor finger pointing and troubleshooting.
Finding a Partner You can Trust
Even seasoned IT pros can encounter challenges when navigating the complexities of SD-WAN. Shamrock Consulting Group has partnerships with every leading SD-WAN provider in the industry, and we’ve led full-scale RFPs for dozens on Fortune 500, 100 and 50 companies with some of the largest enterprise deployments in the world.
Our RFPs include comprehensive network and service audits, custom design, product procurement, contract negotiations and more. In most cases, or RFP services come at no cost to our customers.
Choosing a Flexible Vendor
If your company is looking to expand rapidly through mergers and acquisitions, you’re going to need a vendor who excels in speed to deployment and maturity, which will allow you to quickly and efficiently get new sites online. Whereas this can traditionally take days or even weeks to achieve for some SD-WAN vendors, the cream of the crop can integrate new sites within minutes. One caveat to this, however, is that certain SD-WAN vendors are limited to operate within certain regions, and others are only familiar with specific types of connections.
Special consideration should be given to companies with advanced network function virtualization (NFV) offerings at the edge. Using NFV technology, the most elegant way to deploy an edge solution such as SD-WAN would be inline integration with perimeter-based security and potential WAN optimization or caching solutions.
Shamrock can help you to explore a host of realistic scenarios with your vendor shortlist to find out which ones can handle the direction you are likely to be moving in.
What’s the Deal with Security?
It’s 2019, people. In today’s fast-moving world, there are only two types of companies: ones that have been hacked and know it, or others who’ve been hacked and have absolutely no idea.
It’s a common misconception that SD-WAN technology is automatically secure. The reality is that you will still need to address security issues through choosing the right type of on-premise hardware and cloud security solutions.
Security posture should be the absolute, #1 consideration when designing and implementing a distributed SD-WAN solution. Legacy Hub-and-Spoke networks typically had one or few ingress-egress points that were generally secure with a next gen firewall in place. In moving to distributed model where every location is open to inbound and outbound traffic (preferably over multiple links), IT decision makers need to keep perimeter security at the top of mind, always.
Proper security can be accomplished with either an inline next gen firewall, a virtual firewall delivered on an NFV stack, or even a cloud-based firewall. If leveraging a cloud-based solution, IT decision makers need to make sure that both inbound and outbound security is addressed, and should also look towards solutions that utilize a unified threat management (UTM) functionality with cutting-edge capabilities around anomaly detection, malware and botnet detection and prevention, zero-day response services, sandboxing, and threat exfiltration and remediation.
This task may sound daunting, but that’s Shamrock is here: to assist in giving a full market study of your options, explaining the granular pros and cons of each approach, and enabling end users to be productive while maintaining a safe corporate security posture.
We can help you research every security option available, from NGFW devices to encryption protocols, to ensure that your deployments are safe and secure. Our proven RFP process and partnerships with top SD-WAN, MPLS and VPLS providers puts us in a unique position to support your business as you adopt a burgeoning technology like SD-WAN.