5 Reasons Not to Buy SD-WANs


If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But are they worth the investment? As someone who makes and sells SD-WANs for a living, I do love the technology. However, even I know that SD-WANs aren’t a fit for every company. Here, then, are five reasons from an SD-WAN insider not to buy an SD-WAN.


You might not save as much money as you thought

Numerous surveys show that a driver, if not the major driver, for SD-WANs is reduction in monthly spending for bandwidth. Proponents will point to the 90 percent difference between MPLS and Internet bandwidth. You will reduce costs, but often actual savings are much more conservative than the quoted 90 percent number. Many locations will require dual fiber links for reasons of resiliency, increasing costs. Service provider management, an inherent part of any MPLS service, must be assumed by the enterprise with SD-WAN -- another cost center. There are also security costs that need to be calculated, if branch offices are to use local Internet to improve cloud application performance.


So, where will cost savings come from? Depending on the SD-WAN selection, you can save the cost of replacing end-of-life routers at branch offices. Bandwidth costs will almost certainly reduce when replacing MPLS with Internet, unless you happen to be in a region where Internet availability is limited. SD-WANs offered by some Firewall-as-a-Service providers allow you to eliminate or reduce security as well as networking costs. You’ll also reduce your operational costs through the use of centralized configuration and management.


You might not be able to replace your MPLS networks

To be MPLS-free is the wish of any WAN manager, but there’s an excellent chance that with most SD-WANs, you’ll remain tied to the MPLS umbilical cord. Companies depending on latency-sensitive and loss-sensitive applications will not be able to deliver a consistent, quality experience, day-in and day-out, over the Internet. As I mentioned, routing dynamics and Internet economics are such that there’s very little incentive for providers to deliver the kind of consistent latency and loss statistics needed by enterprise-grade applications. This is particularly true when delivering services in underserved areas or between Internet regions. For those applications, organizations should retain MPLS or replace it with another SLA-backed backbone.


It will not make everything faster

The quality of experience (QoE) of some applications will improve with an SD-WAN when compared with MPLS, but not for all applications. SD-WANs are not WAN optimization, which applies a variety of compression, caching and protocol optimization, as well as link correction techniques to improve application efficiency, reduce latency, and minimize loss. SD-WANs are about controlling the overall network; WAN optimization improves one path across the network. SD-WANs may include WAN optimization techniques, but that’s the exception -- not the rule.

All SD-WANs can help improve application performance in three ways:


  • Applications requiring a lot of throughput (think: data replication or backup) will benefit from SD-WAN’s ability to leverage high-bandwidth Internet links.
  • Cloud and Internet application performance will improve by being able to access the Internet directly (direct Internet access, DIA) from a branch office, assuming a secured Internet connection is provided. By contrast, with MPLS, Internet traffic is commonly backhauled to a secured Internet portal. This can introduce significantly more latency into the connection through the so-called trombone effect.
  • Voice, video and other latency-sensitive applications, in particular, benefit from the SD-WAN’s ability to select the path with the least latency. Normally, Internet routing is application agnostic, routing traffic based on a combination of the number of hops and peering economics. By contrast, SD-WANs monitor the characteristics of the underlying transports and use that information, along with policies describing business logic, to select the optimum path to a destination.
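
The path selection described in the list above, as an added sketch that is not taken from any vendor's product: the transport names, probe samples, bandwidth figures and per-application policies are all constructed for illustration. It shows why a low-latency Internet link can still be rejected for voice once measured loss is taken into account.

```python
from dataclasses import dataclass
from statistics import median

@dataclass
class Policy:
    max_latency_ms: float   # business-logic ceiling on round-trip time
    max_loss_pct: float     # business-logic ceiling on packet loss
    prefer: str             # "latency" or "bandwidth"

# Constructed probe results per transport: (rtt_ms, probe_lost)
PROBES = {
    "mpls":      [(38, False), (39, False), (38, False), (40, False)],
    "broadband": [(22, False), (24, False), (95, True), (23, False)],
    "lte":       [(70, False), (85, False), (78, False), (90, True)],
}
BANDWIDTH_MBPS = {"mpls": 10, "broadband": 200, "lte": 30}  # constructed

POLICIES = {  # hypothetical application policies
    "voice":  Policy(max_latency_ms=50, max_loss_pct=1.0, prefer="latency"),
    "backup": Policy(max_latency_ms=300, max_loss_pct=30.0, prefer="bandwidth"),
}

def link_stats(samples):
    """Summarise probes: median RTT of delivered probes, loss as a percentage."""
    rtts = [rtt for rtt, lost in samples if not lost]
    loss = 100.0 * sum(1 for _, lost in samples if lost) / len(samples)
    return {"latency_ms": median(rtts) if rtts else float("inf"), "loss_pct": loss}

def select_path(app, probes=PROBES, policies=POLICIES):
    """Return (transport, meets_policy) for an application class."""
    policy = policies[app]
    stats = {name: link_stats(s) for name, s in probes.items()}
    eligible = [n for n, s in stats.items()
                if s["latency_ms"] <= policy.max_latency_ms
                and s["loss_pct"] <= policy.max_loss_pct]
    if not eligible:
        # Nothing meets the policy: degrade to the least lossy link and flag it.
        best = min(stats, key=lambda n: (stats[n]["loss_pct"], stats[n]["latency_ms"]))
        return best, False
    if policy.prefer == "bandwidth":
        return max(eligible, key=BANDWIDTH_MBPS.get), True
    return min(eligible, key=lambda n: stats[n]["latency_ms"]), True

if __name__ == "__main__":
    for app in POLICIES:
        print(app, select_path(app))
```
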

 

Networking will not become easy

SD-WANs go a long way to making wide area networking more plug-and-play, but I don’t think anyone who’s deployed an SD-WAN will say it’s easy. Zero-touch deployment does make deployment far more rapid than configuring dozens of individual routers, but someone still needs to understand routing, policy configuration, network performance and more. Some vendors give you GUIs for those deployments, in which case large-scale deployments may be tedious. Other vendors rely on CLI, in which case you’ll certainly want to retain the expertise of a networking engineer. The multi-tunnel environment used in the overlay makes troubleshooting more challenging. Now you need to worry not just about L3 and routing issues, but about the SD-WAN as well.

 

Security problems will not be solved

SD-WANs do not provide advanced security. They encrypt traffic, like any other VPN, which protects against wiretapping and man-in-the-middle attacks, but they provide none of the advanced security services needed to defend against malware penetration, advanced persistent threats and more. This is particularly important because SD-WANs rely on DIA to improve cloud and Internet performance. But direct Internet access is only possible if those Internet connections can be secured against Internet-borne threats. You’ll still need to invest in IPS, malware protection, next-generation firewall (NGFW) and other advanced security services, increasing the cost of an SD-WAN deployment.


As with any new technology, there are more than a few misconceptions around the value of SD-WANs. But there’s also real value to the technology around operational savings, end-to-end performance, and more. Understanding those benefits will help you get the most from your SD-WAN.
