Listen to post:
If your enterprise SD-WAN contract is due for renewal but your existing SD-WAN solution doesn’t align with your functional or business objectives, you have other options. In this blog post, we review four potential paths to replace or enhance your SD-WAN infrastructure. Then, we list which considerations you should take when deciding on your next steps.
This blog post is based on a webinar held with Roy Chua, principal analyst at AvidThink and a 20-year veteran of the cybersecurity and networking industry, which you can watch here.
What is Triggering SD-WAN Evaluation?
For many enterprises, the decision to re-examine their SD-WAN network and ultimately migrate to a different solution is triggered by their evolving business and technical needs. While SD-WAN still serves the enterprise, there are additional use cases it does not answer:
- Global connectivity
- Improving cloud connectivity
- Scaling remote access
- Zero Trust Network Access
- Architecture simplification
- Mobile networking
- Connecting Supply-chain partners
- TAdvanced security
- Supporting M&A
Take Into Account The Growing Importance of the Cloud
When choosing your path forward, it’s important to remember there have been changes since your last SD-WAN deployment. In recent years, Cloud has risen in importance and become a cornerstone of the organizational networking and security strategy.
Many organizations have adopted cloud as their deployment of choice, moving their enterprise applications to cloud and utilizing cloud storage. This is due to the operational benefits of moving to the cloud, namely offloading the maintenance of the security and networking stacks to vendors who provide it as a service.
Moving to cloud also leverages economies of scale: a single vendor can amortize the cost of R&D over many clients.
4 Technology Paths Forward
Now that we’ve mapped out what brought us here and the considerations we need to take, let’s discuss the four main possible transformation paths forward.
1. Replace your SD-WAN vendor
2. Keep your existing SD-WAN and add on SSE
3. Switch your SD-WAN vendor and add on SSE
4. Switch to SASE (including SD-WAN)Don’t Renew Your SD-WAN Contract Before Watching This Webinar | Watch the Webinar
Path #1: Replace Your SD-WAN Vendor
If you want to enhance your existing SD-WAN with more features, transition from self-management to an MSP, or adopt a new managed services model, it may be beneficial to find a new SD-WAN vendor. Look for a solution that offers a network of private global PoPs to ensure scalable and reliable global connectivity. A global private backbone with controlled, optimized routing can provide high availability, self-healing capabilities, and automated failover routing without the need for infrastructure or capacity planning.
Upgrading your SD-WAN network is also a good idea when there is no need to address security. This may be when your existing security stack answers all your needs or when security decisions in your company are made by other stakeholders. Just make sure to be conscious of potential security gaps. In addition, when choosing a new vendor, make sure you’re not simply trading one pain point for another.
Path #2: Keep Your Existing SD-WAN and Add on SSE
If you’re satisfied with your SD-WAN vendor or you don’t have the budget to upgrade, and you also need to improve security posture and simplify your security architecture, the right solution for you may be to add an SSE (Security Service Edge) solution. SSE complements SD-WAN by providing converged, cloud-native security. SSE converges SWG, CASB, DLP, ZTNA, FWaaS, and IPS. SSE is also easier to manage than point security solutions and enables greater operational savings.
Make sure you have a plan in place for managing two distinct vendors. Also make sure the two integrate well to ensure security is delivered continuously and consistently throughout your entire network.
Path #3: Replace Your SD-WAN Vendor and Add SSE
If you have already signed with a new SD-WAN vendor or have specific requirements only a certain SD-WAN vendor can provide, you can still add SSE features the SD-WAN vendor doesn’t have. This will help you deliver security capabilities and protect against cyber attacks across your organization.
However, be aware you’ve taken on a challenging task: onboarding a new SD-WAN vendor and an SSE vendor at the same time. This creates significant overhead and operational difficulties.
Path #4: Switch to SASE in One Go
The fourth option you have is to transition directly to SASE (Secure Access Services Edge). SASE provides a converged networking and security platform in a cloud-native architecture with a unified networking-security policy. This is the ideal path when your organization can make a joint networking and security decision. With SASE, organizations can benefit by eliminating the cost and complexity of managing fragmented legacy point solutions while providing secure, high performing connectivity to all users and for all resources.
Upgrading your network and security can be hard. So make sure you choose a SASE vendor that has a converged solution for both aspects, rather than loosely-integrated point solutions.
How to Decide On Your Next Steps
You have four possible paths ahead. How can you determine which one is right for you? Here is a framework to help you decide:
1. Understand your short and long-term needs – Know your short and mid-term networking and security requirements and understand your resource and budget limitations.
2. Eliminate weakest fits – Review the four options again. Eliminate the architectural solutions that aren’t a good fit. Determine which route is the best fit for you.
3. Talk to trusted partners – Leverage your professional network to obtain recommendations, reviews and new points of view for evaluating your choices. Then, re-evaluate the sub-set of vendors to ensure they fit your options and needs.
4. Make an informed decision – Decide when and how the next major infrastructure upgrade will take place.
Whichever solution you choose, make sure you take into account future needs, so you’re always ready for whatever is next.
Watch the entire webinar here.