Compared to traditional WAN architectures, SD-WAN (Software-Defined Wide Area Network) gives enterprises a significant cost reduction without compromising on security and quality. SD-WAN is a virtual WAN architecture. It employs a centralized, software-based control function for optimal traffic management across multiple underlying networks.
Since cost reduction is a factor for any business, some providers push for using SD-WAN overlaid on cheaper ISPs and broadband networks. On the other hand, some vendors reject the idea that SD-WAN and MPLS are mutually exclusive. They recommend using SD-WAN overlaid on MPLS circuits.
What is the best option for you? Should you stick to SD-WAN over the Internet or spend extra for an MPLS circuit and use SD-WAN on it? Let’s discuss both these deployment models with their inherent pros and cons.
Using SD-WAN over the internet means that all your data traffic will be handled over broadband internet. There is no alternate network or VPN available in such a setup, but the SD-WAN overlay provides quite a few advantages, including:
Broadband internet is considerably cheaper than MPLS and is also available globally. No specialized circuits need to be installed for your organisation. The cost savings in using the internet are compelling for enterprises, making them overlook latency issues.
With SD-WAN on a single internet connection, the architecture is considerably simpler. This translates into lower maintenance effort and costs. It also allows for quickly scaling up. This can benefit enterprises in terms of ongoing cost reductions.
Zero-touch provisioning is another advantage of SD-WAN over the internet. In a traditional WAN router deployment, each router needs to be individually configured by a network engineer through the CLI (Command Line Interface), a task that is time-consuming and error-prone. When deploying over the internet, the central controller executes an automated workflow. There is no requirement for the engineer to travel to the site or use a CLI. Any SD-WAN appliance can be plugged into the network with little or no IT skills. Once the device is powered on, it will join the network and establish a connection with the central controller. This controller will automatically configure the device and bring it online by itself.
In SD-WAN on the internet, maintenance of the network can be done through business-aligned policies defined by a network engineer. Traveling to the site is minimized in an SD-WAN deployment. The defined operational rules are automatically downloaded to every device under SD-WAN whenever a new policy is created or an existing policy is modified.
Since the management of SD-WAN over the internet is centralized and policy-based, the network engineer can vary the amount of traffic on the broadband links at any time. Adding or decreasing traffic does not require any reconfiguration of gateways and routers.
One of the major concerns with SD-WAN on a single internet connection is that it is ultimately dependent on a public network, the internet, for WAN connectivity. Usually, network traffic follows a different path across the internet for every transmission, even for the same source and destination.
This increases the probability of high latency and network bottlenecks due to bandwidth constraints and peak-hour congestion. Risks increase further when bandwidth is not guaranteed by the ISP.
As the performance of the internet can be unpredictable, risk increases when sending mission-critical and SLA-bound traffic. Delays in receiving this data can significantly impact business functions and have a direct impact on the bottom line. Lack of network segmentation in a single-internet deployment can be a major risk factor for enterprises where critical data is involved.
Some enterprises use redundant services and connections at every breakout point to decrease the risk of bandwidth bottlenecks. They also invest more in the underlying ISP infrastructure.
SD-WAN is branded as an ‘internet-only’ service by several vendors. This is, however, not 100% correct. SD-WAN and MPLS are not mutually exclusive solutions. You can have SD-WAN on a single MPLS circuit, which can also help in managing the above problems. Let’s look at MPLS circuits and how they can help with SD-WAN deployment.
MPLS, or Multiprotocol Label Switching, is a technique that speeds up and directs the flow of traffic in the service provider network at a lower network layer than SD-WAN. It is important to note that MPLS is also overlaid on the internet, but it allows for the separation of traffic and the creation of VPNs (Virtual Private Networks), virtual leased lines, and private LAN services. Using SD-WAN with MPLS gives you two layers of network traffic protection and management, as compared to a single-layer SD-WAN-over-internet solution.
The security benefit of SD-WAN is gradually replacing MPLS technology. One of the biggest benefits that comes with SD-WAN on an MPLS circuit is that it provides a private connection. This is useful for data where a high security level between the source and destination is required. The data must go through a very robust security stack as it enters the enterprise.
While the traditional MPLS network was safe, it did not have encryption; with SD-WAN over an MPLS circuit, data is encrypted. This allows enterprises to get the best of both solutions.
MPLS gives predictable latency and fixed bandwidth. This makes SD-WAN over MPLS the ideal choice in cases where you want to use real-time applications with low latency tolerance like voice and video. It is also the preferred choice for mission-critical data.
Data can be handled according to a pre-programmed class of service and priority. Further, organizations can choose to allocate a specific percentage of the available bandwidth to different types of data.
Both voice and data applications can be run on a single MPLS network. There is no constraint on the transport medium or protocols in MPLS.
SD-WAN on MPLS gives the best of both worlds, but certain adoption barriers remain. These include:
While the cost of setup is high, it is also important to note that MPLS services are not available everywhere. Even after the expense, you may still find remote branch locations unable to access the MPLS advantage.
In MPLS, the management of gateways and routers individually can be error-prone and inefficient, and setup of new equipment may require traveling on-site. You will still require trained engineers to manage the underlying MPLS networks, despite spending on ease of SD-WAN configurability.
Enterprises often ask which is better: deploying SD-WAN on MPLS or over the internet. There is no one-size-fits-all approach here.
It is important to remember that you do not need to make an either-or decision. A hybrid approach is the third choice here if your enterprise requires the best of both.
Many large enterprises today are going with a hybrid approach. A ‘Hybrid Networking’ model layers SD-WAN on top of both underlying MPLS and low-cost broadband. This allows businesses to carve out their own bespoke networking solution that meets their unique requirements. Hybrid solutions provide exceptional performance, security and up-times. Organisations can have the predictable, low-packet-loss, private, and reliable backbone provided by MPLS, whilst simultaneously benefiting from the advantages of aggregate bandwidth and reduced operational costs of broadband.
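To make the hybrid model concrete, the following added example (not code from any SD-WAN product or vendor) sketches how a central policy could steer each traffic class onto MPLS or broadband based on measured link health. All class names, thresholds, costs and measurements are hypothetical values constructed for illustration; the policy fails closed for traffic that must stay on the private circuit.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Link:
    name: str
    private: bool        # True for the MPLS circuit, False for broadband
    latency_ms: float    # latest probe measurement (constructed values below)
    loss_pct: float
    cost: int            # relative cost of carrying traffic; lower is cheaper
    up: bool = True

@dataclass(frozen=True)
class TrafficClass:
    name: str
    max_latency_ms: float
    max_loss_pct: float
    require_private: bool = False   # hypothetical policy flag

def select_path(tc: TrafficClass, links: list[Link]) -> Optional[Link]:
    """Return the cheapest healthy link that satisfies the class policy."""
    allowed = [l for l in links if l.up and (l.private or not tc.require_private)]
    eligible = [
        l for l in allowed
        if l.latency_ms <= tc.max_latency_ms and l.loss_pct <= tc.max_loss_pct
    ]
    if eligible:
        return min(eligible, key=lambda l: (l.cost, l.latency_ms))
    # No link meets the SLA: degrade to the best remaining allowed link.
    # A private-only class never moves to the public internet; it gets
    # None (traffic held) when the MPLS circuit is unavailable.
    return min(allowed, key=lambda l: (l.loss_pct, l.latency_ms), default=None)

# Constructed policy and measurements for illustration.
VOICE = TrafficClass("voice", max_latency_ms=150, max_loss_pct=1.0)
CRITICAL = TrafficClass("critical", 200, 1.0, require_private=True)
BULK = TrafficClass("bulk", 1000, 5.0)

MPLS = Link("mpls", private=True, latency_ms=30, loss_pct=0.1, cost=10)
MPLS_DOWN = Link("mpls", private=True, latency_ms=30, loss_pct=0.1, cost=10, up=False)
BROADBAND = Link("broadband", private=False, latency_ms=80, loss_pct=0.5, cost=1)
CONGESTED = Link("broadband", private=False, latency_ms=400, loss_pct=6.0, cost=1)

if __name__ == "__main__":
    for tc in (VOICE, CRITICAL, BULK):
        chosen = select_path(tc, [MPLS, CONGESTED])
        print(tc.name, "->", chosen.name if chosen else "held")
```

With a healthy broadband link, voice and bulk traffic take the cheaper path; when broadband is congested, voice shifts to MPLS while critical traffic stays on MPLS in every case.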
We have over 180 carriers and service providers to help you deploy and manage an SD-WAN network while delivering great service to your internal team and valuable customers. For immediate service, or to schedule an initial consultation, please contact us.