August 10, 2023 5m read

Don’t Renew Your SD-WAN Contract Before Reading This Article

Demetris Booth
Demetris Booth

Table of Contents

Wondering where to begin your SASE journey?

We've got you covered!
Listen to post:
Getting your Trinity Audio player ready...

If your enterprise SD-WAN contract is due for renewal but your existing SD-WAN solution doesn’t align with your functional or business objectives, you have other options. In this blog post, we review four potential paths to replace or enhance your SD-WAN infrastructure. Then, we list which considerations you should take when deciding on your next steps.

This blog post is based on a webinar held with Roy Chua, principal analyst at AvidThink and a 20-year veteran of the cybersecurity and networking industry, which you can watch here.

What is Triggering SD-WAN Evaluation?

For many enterprises, the decision to re-examine their SD-WAN network and ultimately migrate to a different solution is triggered by their evolving business and technical needs. While SD-WAN still serves the enterprise, there are additional use cases it does not answer:

  • Global connectivity 
  • Improving cloud connectivity
  • Scaling remote access 
  • Zero Trust Network Access
  • Architecture simplification
  • Mobile networking
  • Connecting Supply-chain partners
  • TAdvanced security
  • Supporting M&A 

Take Into Account The Growing Importance of the Cloud

When choosing your path forward, it’s important to remember there have been changes since your last SD-WAN deployment. In recent years, Cloud has risen in importance and become a cornerstone of the organizational networking and security strategy.

Many organizations have adopted cloud as their deployment of choice, moving their enterprise applications to cloud and utilizing cloud storage. This is due to the operational benefits of moving to the cloud, namely offloading the maintenance of the security and networking stacks to vendors who provide it as a service.

Moving to cloud also leverages economies of scale: a single vendor can amortize the cost of R&D over many clients.

4 Technology Paths Forward

Now that we’ve mapped out what brought us here and the considerations we need to take, let’s discuss the four main possible transformation paths forward.

1. Replace your SD-WAN vendor

2. Keep your existing SD-WAN and add on SSE

3. Switch your SD-WAN vendor and add on SSE

4. Switch to SASE (including SD-WAN)

Don’t Renew Your SD-WAN Contract Before Watching This Webinar | Watch the Webinar

Path #1: Replace Your SD-WAN Vendor

If you want to enhance your existing SD-WAN with more features, transition from self-management to an MSP, or adopt a new managed services model, it may be beneficial to find a new SD-WAN vendor. Look for a solution that offers a network of private global PoPs to ensure scalable and reliable global connectivity. A global private backbone with controlled, optimized routing can provide high availability, self-healing capabilities, and automated failover routing without the need for infrastructure or capacity planning.

Upgrading your SD-WAN network is also a good idea when there is no need to address security. This may be when your existing security stack answers all your needs or when security decisions in your company are made by other stakeholders. Just make sure to be conscious of potential security gaps. In addition, when choosing a new vendor, make sure you’re not simply trading one pain point for another.

Path #2: Keep Your Existing SD-WAN and Add on SSE 

If you’re satisfied with your SD-WAN vendor or you don’t have the budget to upgrade, and you also need to improve security posture and simplify your security architecture, the right solution for you may be to add an SSE (Security Service Edge) solution. SSE complements SD-WAN by providing converged, cloud-native security. SSE converges SWG, CASB, DLP, ZTNA, FWaaS, and IPS. SSE is also easier to manage than point security solutions and enables greater operational savings.

Make sure you have a plan in place for managing two distinct vendors. Also make sure the two integrate well to ensure security is delivered continuously and consistently throughout your entire network.

Path #3: Replace Your SD-WAN Vendor and Add SSE

If you have already signed with a new SD-WAN vendor or have specific requirements only a certain SD-WAN vendor can provide, you can still add SSE features the SD-WAN vendor doesn’t have. This will help you deliver security capabilities and protect against cyber attacks across your organization.

However, be aware you’ve taken on a challenging task: onboarding a new SD-WAN vendor and an SSE vendor at the same time. This creates significant overhead and operational difficulties. 

Path #4: Switch to SASE in One Go

The fourth option you have is to transition directly to SASE (Secure Access Services Edge). SASE provides a converged networking and security platform in a cloud-native architecture with a unified networking-security policy. This is the ideal path when your organization can make a joint networking and security decision. With SASE, organizations can benefit by eliminating the cost and complexity of managing fragmented legacy point solutions while providing secure, high performing connectivity to all users and for all resources.

Upgrading your network and security can be hard. So make sure you choose a SASE vendor that has a converged solution for both aspects, rather than loosely-integrated point solutions.

How to Decide On Your Next Steps

You have four possible paths ahead. How can you determine which one is right for you? Here is a framework to help you decide:

1. Understand your short and long-term needs – Know your short and mid-term networking and security requirements and understand your resource and budget limitations.

2. Eliminate weakest fits – Review the four options again. Eliminate the architectural solutions that aren’t a good fit. Determine which route is the best fit for you.

3. Talk to trusted partners – Leverage your professional network to obtain recommendations, reviews and new points of view for evaluating your choices. Then, re-evaluate the sub-set of vendors to ensure they fit your options and needs.

4. Make an informed decision Decide when and how the next major infrastructure upgrade will take place.

Whichever solution you choose, make sure you take into account future needs, so you’re always ready for whatever is next.

Watch the entire webinar here.

Related Topics

Wondering where to begin your SASE journey?

We've got you covered!
Demetris Booth

Demetris Booth

As the Product Marketing Director for Cato Networks in Asia Pacific, Demetris leads the strategic engagements around Cato’s Cloud-Native approach to Secure Access Service Edge (SASE). He is a strong advocate and champion of network and security convergence, promoting SASE as the pathway to better business and technical outcomes. Prior to Cato, Demetris held various leadership roles with Sophos, Cisco, Juniper Networks and Citrix Systems. As a 20+ year technology industry veteran, he brings a diverse, global perspective, having lived and worked in North America, Europe, and Asia.

Read More