If a software-defined WAN (SD-WAN) vendor calls you up and says you need their product because it will help you save money, hang up the phone.
Okay, maybe you shouldn’t hang up the phone—but you should at least tell him that he’s selling his product wrong.
It’s true that the early conversations about SD-WAN were all about cost savings, and those promised cost savings were to come via replacing MPLS with internet connectivity. To some extent, SD-WAN definitely delivers on this promise. That being said, saving money is not the real business driver for SD-WAN.
EMA explored this issue thoroughly in its recent report, “WAN Transformation: How Enterprises Succeed with SD-WAN.” We asked 250 enterprises currently engaged with SD-WAN to identify their top two business drivers. Cost reduction was the least popular response.
Three other business drivers tied for first on their list of priorities. Enterprises are adopting SD-WAN to cloud-enable their businesses, improve network security, and close skill gaps in the IT organization. EMA identified two secondary business drivers, as well. Companies want network agility and improved visibility into networks and applications.
The public cloud has profoundly disrupted wide-area networking. Networks are no longer connecting users only to a central data center. Today, enterprises are connecting users from hundreds of sites to multiple IaaS cloud providers and dozens of SaaS providers. This shift to the cloud requires direct connectivity from remote sites into the cloud, typically through the internet.
SD-WAN solutions simplify the creation of secure site-to-cloud connections. First, SD-WAN solutions automate and secure local internet breakouts at remote sites, with granular policies dictating the applications that can go over the internet and the ones that must traverse managed WAN connectivity. Thus, the SD-WAN solution can steer cloud traffic directly to the internet, which is the primary means of connecting most users with cloud applications.
Second, enterprises can deploy an instance of SD-WAN software in an IaaS cloud provider’s environment to establish the other end of a secure connection from the branch to the cloud via the internet. Teams can manage these SD-WAN cloud gateways as just another node on the WAN, with security, visibility, and performance.
Improved security is a huge opportunity with SD-WAN, and I will cover this topic in greater detail in a subsequent blog in this space. Stay tuned. For now, let’s just recognize the fact that the typical SD-WAN solution ships today with a number of native network security capabilities, including branch firewall and zone-based segmentation at minimum. Not only that, but the central controller of an SD-WAN solution allows you to manage that security functionality more efficiently. A network engineer can create security templates for different classes of sites on the WAN, and an administrator can roll those templates out programmatically.
Moreover, leading SD-WAN vendors are building out a portfolio of security partners who integrate their third-party solutions with the SD-WAN technology, giving enterprises even more powerful options for branch security with every new partnership.
Closing the Skills Gap
The wide-area network presents unique personnel challenges to IT organizations. By its very nature, the WAN is distributed, and it’s quite rare for an enterprise to have skilled networking personnel at every site where network infrastructure is deployed. In fact, EMA research found that the majority of enterprises have skilled networking personnel at only 41 to 80 percent of their sites. These enterprises need a centralized management solution, like those offered by an SD-WAN controller.
A key area where the skills gap is most pronounced is around the command-line interface (CLI), which is a vendor-proprietary management interface on routers and other network devices that require advanced, specific knowledge. Some network engineers build a whole career on certified CLI skills, but these engineers are expensive and in short supply. In fact, EMA’s research found that only 20 percent of today’s enterprises prefer to manage WAN devices exclusively through CLI. The rest want at least some of their WAN management conducted via a graphical user interface (GUI) with point-and-click workflows. This is exactly what an SD-WAN solution offers.
Network Agility and Visibility
The secondary business drivers—network agility and network visibility—are supported by many of the features I described above. For instance, the GUI-based, central management SD-WAN offers is essential to an agile network. The technology’s point-and-click management makes it extremely easy to configure overlays for different classes of applications and quickly apply moves, adds, and changes on the network.
Also, the central management console of an SD-WAN solution typically presents deep visibility into network and application traffic that crosses the SD-WAN overlay, along with granular performance metrics for the underlying WAN transport services. Most SD-WAN solutions excel at collecting traffic and telemetry and presenting that information in a network operations console.
Thus, while it’s true that SD-WAN technology can drive down WAN costs by enabling a transition from MPLS to the internet, EMA believes this shouldn’t be the primary focus of any enterprise today. Cost savings might win you budget approval, but it should never be your ultimate goal with SD-WAN.