SD-WAN Value: More Than Cost Savings
For me, the second day of Enterprise Connect began bright and early with a panel on software defined (WANs SD-WAN), which I previewed in this No Jitter post last week. Much of the value proposition of SD-WANs has revolved around cost savings on bandwidth as businesses look to cut the high cost of running a wide area network today. Much of the cost savings comes from replacing, or at least augmenting, high cost MPLS networks with much lower cost broadband Internet connections. Organizations can use the higher price, high-value network for real-time or mission-critical traffic, and then send general-purpose data down the Internet connection.
Most people I talk to inherently get the cost saving argument, but after that, the value proposition isn't very well understood. So I spent a fair amount of time drilling down on this topic in the panel. Here's a summary of the benefits businesses should expect with an SD-WAN (other than cost savings on bandwidth).
Ability to handle "brown outs" -- Legacy networks are based on the concept of "active-passive" pairs where a primary circuit is used to connect two points, and the backup only becomes active when the primary fails. The flaw with this architecture is that "black outs" aren't nearly as big a problem as "brown outs". A black out is when a network connection actually goes down from a failure in equipment, a circuit outage, or some other cause. Networks are built extremely reliably today, and these don't happen nearly as often as they used to. A bigger problem is that networks can get congested, creating a situation where a circuit is still connected, but the performance of the applications suffer. An SD-WAN can be configured to not only protect against failures but also dynamically change paths when application performance degrades.
Centralized configuration -- During the panel, VeloCloud's Mike Wood mentioned that SD-WANs run on infrastructure that separates the control plane and data plane. This is technically correct, but I'm not convinced that anyone other than engineers understand the significance of this. When the data and control planes are tightly coupled, each network device needs to be configured individually. So a network with 100 locations would require 100 individual routers to be logged into and configured. This can take months in large networks. By decoupling the control and data plane, the control elements can be made available in software, extracted from the location and centralized. SD-WANs enable a configuration change to be made once and pushed out to all the devices simultaneously. Now changes can be made in minutes instead of months.
Networkers become orchestrateable -- All SD-WAN solutions have Northbound APIs, which means applications can talk directly to the network enabling policy driven automation. For example, if a customer wants to perform a video call to two locations that aren't directly connected, a network engineer may have to manually create a path between the locations prior to the video session. Then when the call is over, the engineer would need to take that path down. Through the APIs, the video server could talk to the network, dynamically create an overlay path, the video could happen, and then the path could be torn down.
Zero touch provisioning -- One of the challenges with branch offices is turning up network services remotely. One solution is to try and preconfigure the router before it's sent out, have it plugged in, and hope it works. Another is to ship the network device to the location, fly someone out, configure it, and return. Neither is ideal. Most SD-WAN infrastructure is built on a model of "Zero Touch" where it can "call home" when plugged into a network and self configure.
Direct cloud connectivity -- With a legacy hub and spoke design, cloud services are accessed via the Internet connection from the hub. Traffic goes from the Internet to the hub, up the spoke, the user does stuff, the traffic goes back down the spoke, through the hub, and back to the Internet. This is obviously highly inefficient and a waste of bandwidth. Many of the SD-WAN solution providers offer direct connectivity to a cloud service so instead of going through a dozen or more network hops, the cloud is reached with a single hop. Direct cloud connectivity can significantly improve the performance of SaaS applications, as the amount of jitter and latency will be significantly reduced.
Operationally simpler -- The physical topology of an SD-WAN will be more complex than a legacy network because it does more stuff. However, SD-WANs have robust centralized management systems that mask much of the complexity so it's operationally much simpler. According to my research, 45% of the TCO of running a WAN is people-related costs, so an SD-WAN can not only save on bandwidth but high-level engineers can spend less time doing mundane tasks and can spend more time on strategic initiatives.
Cost savings are certainly a good reason to investigate migrating to an SD-WAN but very quickly businesses will realize it will also offer higher uptime, better application performance, and for network operations to work much faster. My panel was titled "Is SD-WAN right for the cloud era?" and my answer is a most emphatic yes -- because it's the network architecture than can match the speed and agility of the cloud.