Software-defined WAN, or SD-WAN, is a more practical and usually more cost-effective alternative to a pricey Multi-Protocol Label Switching (MPLS) network. But treating SD-WAN only as a cost-saving MPLS replacement can lead to a loss in confidence about the WAN and put the project at risk if something goes awry during deployment.
Managed SD-WAN services provider Cato Networks discovered this to be the case in a recent survey of roughly 1,300 IT professionals working in companies around the world. As shared in Cato’s
Networking in 2020 report, a whopping 74% of respondents said they’re significantly less confident in their networks after deploying an SD-WAN. At the same time, only 37% said they believe they can protect their networks from threats post-deployment.
What respondents seem to have forgotten is that SD-WAN isn’t just about cheap connectivity. It’s about being able to achieve a distributed network architecture that’s cloud-ready, allows for secure transport, and supports mobility.
Compelling Factors for SD-WAN
Most businesses choose an SD-WAN because of site-related issues. According to the Cato report, 56% of respondents think a SD-WAN can reduce WAN costs and improve network agility — either through faster site deployment or increased bandwidth. Most respondents said they expect to deploy some kind of SD-WAN by the end of 2020. This means, by end of year, most MPLS customers will have at least partially deployed SD-WAN.
Another reason why businesses want to move away from legacy networking architecture is security, with 66% of respondents citing malware and ransomware protection as a security challenge in 2020. Yet, those same respondents said they aren’t confident that an SD-WAN can safeguard networks against threats and attacks.
Factor in secure mobile access — a strategic goal for IT executives — and the SD-WAN security shortcomings grow. While more than half (52%) of respondents said they want to enforce corporate security policies on mobile users in 2020, the survey found that respondents believe that most SD-WAN solutions ignore secure mobile access.
Addressing Complexity
Adding more network and security features on top of an SD-WAN can further complicate deployment. The same is true for cloud applications. Deploying additional software to support the cloud doesn’t get easier with an SD-WAN. Proliferation of cloud applications and other software solutions further complicate SD-WAN connectivity requirements. IT needs to build security into their WAN transformation strategy so they can successfully restrict access to certain applications and secure all edges, including mobile and the cloud access.
Respondents with an architecture that uses a secure access service edge (SASE) expressed the most satisfaction with their WAN transformations because they were able to tackle the aforementioned network challenges. The SASE technology category, which Gartner coined the term for in 2019, converges the WAN edge and network security in an as-a-service cloud delivery model.
SASE combines elements of SD-WAN and network security, and it supports all types of edges. So, it’s not surprising that 62% of businesses with a SASE architecture surveyed in the Cato report felt confident in their networks after a digital transformation, compared to 26% of businesses that deployed an SD-WAN.
To be fair, only a small fraction of businesses today have deployed SASE, as the technology is still in its infancy. Gartner anticipates at least 40% of businesses will have strategies in place to adopt SASE, but not before 2024.
The 2020 outlook for networking and security is generally optimistic. According to the report, 56% of respondents plan to grow their networking budgets in 2020, while 73% expect to increase their security budgets. Over the next 12 months, 48% of businesses will concentrate on replacing MPLS with a more affordable alternative like SD-WAN. This is slightly different than in the previous data point as the majority of MPLS customers will deploy an SD-WAN, which includes hybrid, whereas this 48% will replace some or all of their MPLS circuits.
The transition from MPLS to SD-WAN will allow business to learn the limitations of their networks and then decide where they need to make improvements. And businesses considering a SASE migration must broaden their mindset from connectivity-focused to network security-focused.
One final note: This kind of disillusionment is not uncommon for new technologies. Often companies deploy new technology without changing the underlying architecture or deployment model. As the market matures, businesses figure out what the new stuff can do that the old stuff couldn’t. When this happens, the value accelerates.
With SD-WAN, SASE makes the deployment of networking and security together significantly simpler, improving agility and better protecting the company. Companies looking to deploy SD-WAN today should look past cost-savings and focus on security, manageability, and agility.