On June 3, 2017, Andrew Lerner, vice president of research for enterprise networking at Gartner published a new blog: SD-WAN is going Mainstream. In this blog, Andrew offered two key takeaways:
- SD-WAN is real and has real and tangible benefits.
- At the same time, SD-WAN has downsides and/or challenges affiliated with early deployments. The downsides are mainly around gaps many vendors have for features like IPv6, WAN optimization, etc.
I agree with Andrew’s assessment that there are downsides to many offerings, and want to underscore the key considerations for distributed enterprise when selecting the right SD-WAN solution. It’s reflective of carefully listening, learning and adapting to our more than 400 production customers around the world who evaluated multiple SD-WAN solutions before selecting Silver Peak Unity EdgeConnect.
Five things show up consistently in our customer engagements that any enterprise should think about longer-term. Moving beyond PowerPoint claims, it’s critical that an SD-WAN solution is capable of the following:
- Deliver SLAs for enterprise apps over consumer broadband. One of the promises of an SD-WAN is the ability to leverage broadband for connecting branch office users to applications. However, the challenge is to ensure that application performance doesn’t suffer in the process. Most solutions simply move traffic off of an underperforming link and route around the problem. Be sure to evaluate SD-WAN solutions with the capability to automatically and intelligently correct for errors resulting from dropped packets or packets received out of order. Additionally, a solution that bonds several underperforming links into a single, robust connection will deliver higher application performance and availability. Furthermore, while the challenge may not be as pervasive as it once was, many applications still require latency mitigation. So, finding a solution with integrated WAN optimization that can improve performance over long distance should also be a key consideration.
- Steer SaaS and web-based apps directly over the Internet granularly and intelligently. As more and more applications migrate and reside in the cloud (IaaS, SaaS), it raises the requirement to connect directly to the Internet rather than backhauling this traffic over the legacy WAN which introduces latency and consumes incremental and expensive MPLS circuit bandwidth. A robust solution must have the capability to identify and classify apps on the first packet of the flow and automatically steer this traffic on a per-application basis. As a result, applications performance is enhanced while remaining in compliance with business intent and policy.
- Bring new branches online in hours. Another SD-WAN promise is the ability to dramatically accelerate provisioning time, going well beyond the concept of zero touch provisioning. The business has priorities and policies and therefore, different applications have varying priorities. Deployment, configurations and changes need to be simple and easy, and done centrally, not on a branch by branch or device by device basis. The solution must drive application QoS and security policies in alignment with business needs and centrally push them out to branch offices.
- Deploy an SD-WAN over existing infrastructure. Simply put, customers have invested in appliances like branch firewalls or routers, and they may not be ready to replace them – even if that’s the long-term goal. The solution must offer the flexibility to be deployed in line with existing infrastructure so it’s not a rip and replace, nor does it require that all branches be migrated at once.
- Enhance WAN and application security. This goes along with points #2 and #4. While a customer may or may not remove the branch firewall, they do likely have additional security appliances whether in the cloud, at a regional hub or in the data center. Ask the question: Can the SD-WAN service chain easily to those devices and steer applications that aren’t headed directly over the internet accordingly, based on policy? Additionally, does the SD-WAN provide virtual overlays that extend application segmentation from the data center to the WAN for additional security? All SD-WANs should have encryption built in, but these additional security elements are critical to mitigating risk.
Whenever a customer selects an SD-WAN solution, it’s also imperative to ensure there is a longer-term vision and opportunity to fully realize the benefits from it. Here are two additional forward-thinking concepts Silver Peak EdgeConnect customers have benefitted from:
- The ability to replace branch routers. Customers want to simplify and streamline their architecture and operation. This could and should include replacing legacy routers.
- A future vision of a self-driving SD-WAN. If we are moving into self-driving cars, why can’t we move into autonomous and adaptive self-driving WANs?
Would love to hear your thoughts on these seven key criteria and considerations.