December 18, 2023 5m read

How to Build the Perfect Network Without SLAs

Dave Greenfield
Dave Greenfield

Table of Contents

Wondering where to begin your SASE journey?

We've got you covered!
Listen to post:
Getting your Trinity Audio player ready...

If you are used to managed MPLS services, transitioning to Internet last-mile access as part of SD-WAN or SASE might cause some concern. How can enterprises ensure they are getting a reliable network if they are not promised end-to-end SLAs? The answer: by dividing the enterprise backbone into the two last miles connected by a middle mile and then applying appropriate redundancy and failover systems and technologies in each section. In this blog post we explain how SD-WAN and SASE ensure higher reliability and network availability than legacy MPLS and why SLAs are actually overrated.

This blog post is based on the ebook “The Future of the SLA: How to Build the Perfect Network Without MPLS”, which you can read here.

The Challenge with SLAs

While SLAs might create a sense of accountability, in reality enforcing penalties for missing an SLA has always been problematic. Exclusions limit the scope of any SLAs penalty. Even if the SLA penalties are gathered, they never completely compensate the enterprise for the financial and business damage resulting from downtime.

And the last-mile infrastructure requirements for end-to-end SLAs often limited them to only the most important locations. Affordable last-mile redundancy, running active/active last-mile connections with automatic failover, wasn’t feasible for mid to small-sized locations. Until now.

SD-WAN/SASE: The Solution to the Performance Problem

SD-WANs disrupt the legacy approach for designing inherently reliable last-mile networks. By separating the underlay (Internet or MPLS) from the overlay (traffic engineering and routing intelligence), enterprises can enjoy better performance at reduced costs, to any location.

  • Reduced Packet Loss – SD-WAN or SASE use packet loss compensation technologies to strengthen loss-sensitive applications. They also automatically choose the optimum path to minimize packet loss. In addition, Cato’s SASE enables faster packet recovery through its management of connectivity through a private network of global PoPs.
  • Improved Uptime – SD-WAN or SASE run active/active connections with automatic failover/failback improves last-mile, as well as diverse routing, to exceed even the up-time targets guaranteed by MPLS.
The Future of the SLA: How to Build the Perfect Network Without MPLS | Get the eBook

Reducing Latency in the Middle Mile

But while the last mile might be more resilient with SD-WAN and SASE, what about the middle mile? With most approaches the middle-mile includes the public Internet. The global public Internet is erratic, resulting in high latency and inconsistency. This is especially challenging for applications that offer voice, video or other real-time or mission-critical services.

To ensure mission-critical or loss-sensitive applications perform as expected, a different solution is required: a private middle mile. When done right, performance can exceed MPLS performance without the cost or complexity.

There are two main middle mile cloud alternatives:

1. Global Private Backbones

These are private cloud backbones offered by AWS and Azure for connecting third-party SD-WAN devices. However, this option requires complex provisioning and could result in some SD-WAN features being unavailable, limited bandwidth, routing limits, limited geographical reach and security complexities.

In addition, availability is also questionable. Uptime SLAs offered by cloud providers run 99.95% or ~264 minutes of downtime per year. Traditional telco service availability typically runs at four nines, 99.99% uptime for ~52 minutes of downtime per year.

2. The Cato Global Private Backbone

Cato’s edge SD-WAN devices automatically connect to the nearest Cato PoP into the Cato Global Private Backbone. The Cato backbone is a geographically distributed, SLA-backed network of 80+ PoPs, interconnected by multiple tier-1 carriers that commit to SLAs around long-haul latency, jitter and packet loss. Cato backs its network with 99.999% uptime SLA (~5m of downtime per year).

With Cato’s global private backbone, there is no need for the operational headache of HA planning and ensuring redundancy.  As a fully distributed, self-healing service, Cato includes many tiers of redundancies across PoPs, nodes and servers.

Cato also optimizes the network by maximizing bandwidth, real-time path selection and packet loss correction, among other ways. Overall, Cato customers have seen 10x to 20x improved throughput when compared to MPLS or an all Internet connection, at a significantly lower cost than MPLS.

The Challenge with Telco Services

While a fully managed telco service might also seem like a convenient solution, it has its set of limitations:

  • Telco networks lack global coverage, requiring the establishment of third party relations  to connect locations outside their operating area.
  • Loss of control and visibility, since telco networks limit enterprises’ ability to change their WAN configuration themselves.
  • High costs, due to legacy and dedicated infrastructure and appliances.
  • Rigid service, due to reliance on the provider’s network and product expertise.

Do We Need SLAs?

Ensuring uptime can be achieved without SLAs. Technology can help.  Separating the underlay from the overlay and the last mile from the middle mile results in a reliable and optimized global network without the cost or lock-in of legacy MPLS services.

To learn more about how to break out of the chain of old WAN thinking and see how a global SASE platform can transform your network, read the entire ebook, here.

Related Topics

Wondering where to begin your SASE journey?

We've got you covered!
Dave Greenfield

Dave Greenfield

Dave Greenfield is a veteran of IT industry. He’s spent more than 20 years as an award-winning journalist and independent technology consultant. Today, he serves as a secure networking evangelist for Cato Networks.

Read More