Is MPLS a must-have component in your enterprise network architecture?

Listen to post:
Getting your Trinity Audio player ready...

MPLS cost reduction is the target of the emerging SD-WAN market that is bustling with solutions looking to take the corporate wide area network to a whole new level. The core value proposition of SD-WAN is the use of a standard, low-cost Internet link to augment an expensive managed, low-latency and guaranteed capacity MPLS link. By offloading traffic from the MPLS link, costly capacity upgrades can be delayed. SD-WAN also promises to reduce the management complexity of this hybrid WAN, which naturally increases with the need to mix and match connection types, and dynamically allocate application traffic.


MPLS designed for the pre-Cloud era

MPLS links are often used within mid-to-large organizations to carry latency sensitive traffic such as VOIP, Video, and other critical enterprise applications. Carriers charge a premium, often a significant one, for MPLS links. Beyond SLA-backed availability, latency and capacity, MPLS provides a coordinated prioritization of application traffic from the customer premise to the carrier and to the ultimate destination. Yet, MPLS as a service offering and as protocol is limited in many ways:

  • MPLS requires an end to end physical control of the connection: to achieve its QoS objectives dedicated infrastructure  has to be deployed to all connected locations and coordinated through the carrier. This results in long provisioning cycles for new locations or existing locations that require capacity upgrades.
  • MPLS is a single carrier solution: connecting global branch locations across carriers to achieve end-to-end MPLS is a challenging task.
  • MPLS isn’t encrypted by default: MPLS relies on the carrier private network for security because the data doesn’t flow on the public Internet. Generally speaking, no 3rd party can be assumed to be 100% safe these days, so encryption should always be used for data in motion.
  • MPLS is designed to connect organizational locations to the carrier: and not to the Internet. In the 1990s and early 2000s this made sense, but not any longer. Backhauling all Internet traffic through the carrier MPLS makes little sense.

Is MPLS a required component of your WAN strategy? Obviously, many organizations don’t use MPLS in their WANs at all. A very common alternative architecture is to use firewalls to establish Internet-based VPN tunnels between enterprise locations. This typically works in scenarios where MPLS is not available or not affordable, or the vast majority of applications are not latency sensitive.

But if you are using MPLS today – can you switch? For many years, the answer had been “no”. However, we observe several key trends that are putting pressure on MPLS as a required connectivity solution.


Massive increase in Internet capacity and availability

Internet bandwidth availability and capacity have increased dramatically over the past decade as prices plummeted. This expansion occurred both at the last mile and the middle mile (long haul transit). Last mile Internet links can be packaged in an offering that has similar SLA-backed commitments like MPLS (i.e., symmetrical fiber connection) but don’t have the same architectural restrictions and benefits such as QoS. However, Internet links also offer a wider range of latency, availability and capacity options and price points. In many scenarios, “best effort” bandwidth availability of asymmetrical internet links can provide a compelling cost-effective option for WAN connectivity. In fact, it is the actual performance of these so-called “low quality” connections that is the basis of augmenting MPLS and moving away from using MPLS for all traffic. We are all experiencing them in our homes, where consumer-grade Internet successfully serves massive amounts of latency sensitive traffic from Skype Internet telephony to Netflix video streaming.


The emergence of the new global Internet backbones

A new type of carriers has emerged: the global Intelligent backbone providers. Starting from a clean slate, these providers built a global private network using a relatively small number of Point of Presence (PoPs). The PoPs are connected via redundant multiple tier-1 Internet providers to deliver SLA-backed long haul connectivity – at an affordable price. These backbones solve the need to stitch together MPLS carriers to provide global WAN connectivity across regions.


The Cloud-based, Software-Defined WAN

The use of agile and flexible Cloud-based software to optimize WAN connectivity end-to-end creates new opportunities to rebuild the WAN using flexible Internet-based connectivity.

Some of the new capabilities include:  

  • Last Mile link aggregation: Aggregating multiple inexpensive Internet links including ADSL, Cable and LTE connections to maximize bandwidth and availability.
  • Internet and WAN traffic optimization: Applying sophisticated algorithms to optimize traffic and reduce packet loss in both the last mile and the middle mile.
  • Efficient traffic routing across the middle mile: over a software-defined backbone that is not subject to the Internet routing. As we described in “This is Why the Internet is Broken” blog post, routing over the Internet has a limited sense of route quality (in terms of latency and packet loss) and is heavily influenced by commercial interests.  
  • Integrating Cloud and Mobility into the WAN: extending last-mile WAN connectivity to both Cloud resource and the mobile workforce, expands the value of the WAN beyond the narrow scope covered by MPLS.
  • Integrating security into the network fabric:  Internet access if forcing enterprises to extend security into the branch and eliminate backhaul. By integrating network security into the WAN, complexity and cost of the branch office footprint are reduced.



MPLS had faithfully served businesses for the past 15 years. It is a custom-built connectivity solution, that was optimized for a time of scarce capacity and fragile connectivity to address mission critical applications. The rapid expansion in capacity, availability, and quality of Internet-based connectivity, coupled with innovation in software, Cloud, and global routing is establishing the Internet as a viable alternative to MPLS.

If you want to learn more how Cato Networks can help unleash the potential of your legacy WAN, either MPLS-based or Internet-based, drop us a note.   

Related Articles