Many new technologies promise increased performance, reduced downtime and lower operating costs. Most can deliver on only two of the three. However, we’ve seen Software Defined Wide Area Networking (SD-WAN) not only make this promise, but deliver on it as well.
SD-WAN goes beyond the capabilities of simple routers and firewalls. It adds a layer of intelligence to Wide Area Networks (WAN) while proactively monitoring WAN connections and making bandwidth and routing decisions, intelligently routing your data over the best link.
Traditional leased line services are seldom cost effective when compared to commodity internet services. The most common bandwidths offered with traditional leased lines include 1.5Mbps, 10Mbps and 20Mbps.
Commodity internet services are available on fiber optic cables at bandwidths exceeding 200Mbps. SD-WAN “bonds” the available bandwidth from multiple internet services to form a single larger bandwidth link. This means if you have two 100Mbs internet services, SD-WAN can “bond” these into one 200Mbps service for your site to site traffic.
Traditional leased line services are generally very reliable. However, it’s often not cost effective to purchase multiple leased lines to protect your business from a service interruption. When compared to an MPLS service, commodity internet services are very cost effective.
Multiple services can be purchased and linked together in a SD-WAN appliance to offer protection from a service interruption. We always recommend that these services be purchased from different providers and if possible use a different media, such as fiber, cable or fixed wireless to further reduce the risk of a service interruption.
SD-WAN allows you to replace expensive MPLS or other traditional leased line services with commodity internet services. Traditional leased line services come with long term contracts that seldom included technology upgrades.
On the other hand, commodity internet service agreements are short term, sometimes month to month. This allows you to easily upgrade to higher performance services as they become available. These are much more flexible to changing business needs.
SD-WAN vs. MPLS
Traditional MPLS services allow clients to setup private WANs with fixed bandwidth leased lines. The configurations are controlled by the provider and are static. SD-WAN configurations can be managed by the client and are as dynamic as the client requires. SD-WAN can prioritize VOIP traffic and route it over the optimum VPN tunnel.
SD-WAN Security Concerns
SD-WAN relies on IPSec VPN tunnels with encryption to protect your data as it flows over the internet. These tunnels are usually configured with large encryption keys to make decryption incredibly difficult. The VPN tunnels are also protected with a passphrase.
The passphrase should be a random combination of supported characters of over 48 digits. The passphrase is necessary to establish the VPN tunnels.
While you have multiple options when it comes to SD-WAN, we’ve seen excellent results with Cisco’s SD-WAN products Viptella and Meraki. The Viptella products are perfect for large enterprises that require granular configuration and reporting features.
The SD-WAN service from Meraki is targeted at small to medium businesses and is built into their MX series firewalls. Even thought It has fewer features than Viptella, it’s much easier to operate, making it ideal for smaller businesses.
ZAG can help you choose the correct SD-WAN solution for your company. We’re happy to assist you determine the TCO of your current MPLS solution and show you how using SD-WAN can increase performance, reduce downtime and lower operating costs.