SD-WAN for SPs: Look Before You Leap

Over the past few years, business networks have been utterly transformed by digital innovation. BYOD was the first salvo. Onboarding personal devices into the corporate network forever blurred the line between personal and business lives. The cloud was next. Whether private, public, or hybrid, the cloud put critical applications and services – such as video teleconferencing, productivity tools, and data management resources – right at our fingertips. And now, SD-WAN is focused on connectivity and application performance, ensuring that the cloud applications we use in our core networks and personal devices are also available in our branch offices.

SD-WAN is a relatively new technology, so the fact that it has had such a significant impact is astonishing – especially when, as with most new technologies, many early SD-WAN solutions were not fully baked. Initial use cases were primarily focused on simply replacing rigid and costly MPLS and WAN routers combinations with more flexible and dynamic solutions that could easily connect to online applications. But many critical functions, such as security, performance, and scalability, were neglected.

And now, the early adopter market is rapidly moving to a managed services model, enabling businesses to enjoy the benefits of SD-WAN while shifting the responsibilities of deployment, management, and upgrading onto the shoulders of managed service providers.

The opportunity is massive. According to Gartner, managed SD-WAN services are expected to grow at an astounding 76% CAGR through 2023. But to make this transition work, service providers will have to sift through a nascent marketplace of solutions to find one best suited for their unique requirements. To help with the process, managed service providers will need to consider several critical factors as they look to implement an SD-WAN service model.

Essential SD-WAN Functionality – First, any SD-WAN solution needs to provide all of the essential networking functions, such as SLA-based application steering, dynamic failover, and application availability – even during blackout or brownout conditions, and forward error correction. However, while most vendors claim to provide these and similar functions, real-world implementations often show mixed results. These solutions should also support a wide range of transport protocols, including MPLS and LTE/5G.

Performance and Scalability – Next, an effective SD-WAN candidate needs to be able to scale out and up to ensure SLAs while minimizing capital expenses. The problem is many SD-WAN solutions built using standard, off-the-shelf components quickly run into performance and scalability issues. Look for solutions designed with purpose-built hardware for maximum performance and scale.

Accelerated Cloud On-Ramp – The internet was not designed for speed, and most traditional methods used for steering traffic through the public network, such as BGP, do not identify and reroute traffic to avoid congestion. What’s needed is a cloud on-ramp solution that links colocation sites to a cloud-based application accelerator such as Equinix for accelerated cloud connectivity. At the same time, it is important to focus on middle-mile optimization using sensors embedded in backbone networks by providers such as Teridion.

This seems straight-forward, but most SD-WAN solutions come in two parts: a box and a cloud-based controller, owned by the vendor, that directs its device’s SD-WAN traffic. This two-part technology introduces an additional hop on the way to an application on-ramp, adding unnecessary distance and delay. A much better strategy is to select an SD-WAN solution with a built-in controller to eliminate the need to haul application traffic through an extra connection.

Security – Another of the biggest challenges for SD-WAN is that traditionally static security solutions struggle to keep up in an environment where connections and traffic are in a state of constant flux. This is why the vast majority of SD-WAN vendors never really attempted to address the issue. Rather than trying to build their own security overlay, security vendors will find more success when using a Secure SD-WAN solution that already includes a full stack of security solutions fully integrated into its networking and connectivity functions. That way, rather than playing catch-up, security is automatically included in any dynamic changes to connections or configurations.

Multi-Tenancy and Open APIs – Any SD-WAN solution genuinely designed for service providers should deliver an intuitive interface, powered by open APIs, that allow quick integration with their customers’ environments and devices. APIs should also enable service providers to easily integrate the SD-WAN solution into things like their orchestration systems to enable dynamic topology changes and automated workflows. And APIs should also allow the SP to connect their solutions directly into the Secure SD-WAN device, allowing them to enhance and customize its services and functions.

Value-Added Services – A recent MEF (Metro Ethernet Forum) survey asked service providers what essential SD-WAN services they were looking to provide. 87% identified security as their top choice, followed by Network Analytics and Cloud Interconnect Services. A Secure SD-WAN solution that combines its functions with an open API program can enable the delivery of these critical overlay services, independent of any existing underlay transport modes, to deliver additional value to their customers.

As the SD-WAN market matures, more and more organizations will look to providers of managed services to provide a cost-effective, low touch/no touch solution. But to make this happen, MSPs will need to carefully sift through the marketplace of vendors to find a partner that can help them scale and grow their business, add value-added services, and limit overhead. This requires a solution designed for the greatest number of use cases, that provides the broadest range of solutions and services, and is committed to an open platform strategy.

And a vendor that can be relied on to still be in business long after other solutions have been acquired or commoditized. But those MSPs who manage to navigate this process successfully are likely to reap a significant reward for many years to come.

— John Maddison has more than 30 years of executive management experience in the cybersecurity and telecommunications industries. He joined Fortinet in 2012 to lead the Cloud/SaaS Security development teams and is now the Chief Marketing Officer and EVP of Products.

This content is sponsored by Fortinet.

Be the first to post a comment regarding this story.
Sign In