Multinational corporations operate from offices spread all over the world. The users in these offices rely on a large number of applications such as e-mail, Enterprise Resource Planning (ERP) software such as SAP, accounting software and collaboration software such as Slack and Microsoft Teams.
The traditional method of interconnecting these offices was through the use of a Wide Area Network or WAN, which used links leased from service providers and routers to route traffic between the branch offices and the central office.
The rise of cloud computing has led to the emergence of a novel network architecture known as Software-Defined WAN or SD-WAN. Compared to the traditional WAN model, SD-WANs are more cost-effective and offer several other advantages.
In this article, we will discuss the most important considerations related to SD-WAN migration.
Traditionally, all the corporate data was stored in a data center typically located at the corporate HQ. This meant that users at the branch offices needed to access the central data center. The traditional WAN provided an effective way of accessing this data.
With cloud computing, many of the applications that were traditionally hosted at the corporate HQ have moved to the cloud. Now, it does not make sense for all traffic to be routed to the HQ and then to the Internet, as doing so requires expensive leased bandwidth and slows down application performance.
In this era of cloud computing, SD-WANs provide a cost-effective and efficient way of routing traffic: SD-WANs use a combination of transport services, including broadband Internet and LTE, for providing application access. SD-WANs are application-aware and use software for providing the required level of quality of service (QoS) and security.
SD-WANs offer local data offloading: instead of being routed to the corporate HQ, traffic destined for the cloud is routed over broadband Internet links. This leads to lower latency and improves application performance.
SD-WANs separate the control plane from the data plane: low capacity links can be used for the control plane to connect branch office network devices to the SD-WAN controller(s) at the corporate HQ, and high capacity broadband links can carry data between branch offices. In the traditional WAN, all traffic would be routed through the corporate HQ which is a highly inefficient approach.
Managing an SD-WAN is also much easier: through zero-touch provisioning, a new policy can be implemented remotely through the SD-WAN controller. In contrast, each network device in a traditional WAN has to be accessed individually for the required configuration changes.
As with every new technology, there are some inevitable tradeoffs. Moving from the old WAN to the new SD-WAN is a complex and multi-phase exercise that involves time, effort and cost. Unless the migration is done with proper planning and execution, it will not yield the expected benefits.
The user experience definitely improves after migration to an SD-WAN. However, connecting to the Internet at the branch office also increases the security threat. Therefore security solutions should be considered to prevent any undesirable scenario: options include SD-WAN solutions that offer native security functions and SD-WAN solutions that enable service chaining with 3rd party security services.
The migration to an SD-WAN is a multi-phase process: during the migration there will be some sites that will be connected to the SD-WAN while others remain connected through the legacy WAN. Even then the question arises: should you migrate the whole network to an SD-WAN? The answer, as in most other cases, is that is depends…..
One argument that is used to counter the advantages of SD-WANs is the reduced level of security. A well-planned SD-WAN can actually offer a higher level of security than traditional WANs.
SD-WANs implement many features that may actually make them more secure compared to private networks. The use of end-to-end encryption on SD-WANs is one such security measure that is typically not available on private networks.
Traditional WANs apply the bulk of the security intelligence at the corporate HQ. SD-WANs offer a better alternative: the application of advanced security services at the edge sites.
The centralized management of SD-WANs gives improved visibility and control of the traffic, leading to an enhanced capability for network risk management.
There are two ways to adopt or migrate to a new network technology:
SD-WANs offer many benefits over the traditional WANs including centralized management, lower cost and improved application response. But rather than getting carried away with the hype, organizations need to develop a comprehensive big picture view of the migration process that covers all relevant aspects. This will enable the development of an effective migration strategy: only a properly executed strategy for migration to an SD-WAN will yield the expected benefits.