|
Listen to post:
Getting your Trinity Audio player ready...
|
SD-WAN networks provide multiple benefits to organizations, especially when compared to MPLS. SD-WAN improves cloud application performance, reduces WAN costs and increases business agility. However, SD-WAN also has some downsides, which modern organizations should take into consideration when choosing SD-WAN or planning its implementation.
This blog post lists the top considerations for enterprises that are evaluating and deploying SD-WAN. It is based on the e-book “The Dark Side of SD-WAN”.
Last Mile Considerations
SD-WAN provides organizations with flexibility and cost-efficiency compared to MPLS. For the last mile, SD-WAN users can choose their preferred service, be it MPLS or last-mile services like fiber, broadband, LTE/4G, or others.
When deciding which last-mile solution to choose, we recommend taking the following criterion into consideration:
- Costs
- Redundancy (to ensure availability)
- Reliability
Learn more about optimizing the last mile.
Middle Mile Considerations
MPLS provides predictability and stability throughout the middle mile. When designing the SD-WAN middle mile, organizations need to find a solution that provides the same capabilities.
Relying on the Internet is not recommended, since it is unpredictable. The routers are stateless and control plane intelligence is limited, which means routing decisions aren’t based on application requirements or current network levels. Instead, providers’ commercial preferences often take priority.
Learn more about reliable global connectivity.
Security Considerations
Distributed architectures require security solutions that can support multiple edges and datacenters. The four main options enterprises have today are:
- The SD-WAN Firewall
Pros:
– Built into the SD-WAN appliance
Cons:
– Do not inspect user traffic - Purchasing a Unified Threat Management Device
Pros:
– Inspects user traffic
Cons:
– Requires a device for each location, which is costly and complex - Cloud-based Security
Pros:
– Eliminated firewalls at every edge
Cons:
– Based on multiple devices – the datacenter firewall, the SD-WAN and the cloud security device. This is also costly and complex. - A Converged Solution
SASE (Secure Access Service Edge) – converges SD-WAN at the edge and security in the middle, with one single location for policy management and analytics.
Cloud Access Optimization Considerations
In a modern network, external datacenters and cloud applications need to be accessed by the organization’s users, branches and datacenters. Relying on the Internet is too risky in terms of performance and availability.
It is recommended to choose a solution that offers premium connectivity or to choose a cloud network that egresses traffic from edges as close as possible to the target cloud instance.
The Dark Side of SD-WAN | Read The eBook
Network Monitoring Considerations
When monitoring the network, enterprises need to be able to identify issues in a timely manner, open tickets with ISPs and work with them until the issue is resolved.
It is recommended to set up 24/7 support and monitoring to orchestrate this and prevent outages that could impact the business.
Considerations When Managing the SD-WAN
Transitioning to SD-WAN requires deciding how to manage relationships with all the last-mile ISPs, as well as the network itself. You can manage these internally or outsource to providers.
Ask yourself the following questions:
- Is it easier to manage multiple providers directly or through a single external aggregator?
- How much control do you need over deployment and integrations?
- What are your priorities for your internal talent’s time and resources?
Conclusion
Organizations today need to shift to support the growing use of cloud-based applications and mobile users. SD-WAN is considered a viable option by many. But is it enough? Use this blog post to evaluate if and how to implement SD-WAN. To get more details, read the complete e-book.
To learn more about SASE, let’s talk.
Eyal Webber Zvik
Eyal Webber-Zvik is Cato’s Vice President of Product Marketing. In his role, Eyal manages a global team of product marketing directors that are tasked driving the company's messaging, position, press and media relations, and more. Previously, Eyal ran Cato's product management organization, translating Cato's SASE vision into a global, successful cloud service. Throughout his years at Cato Networks, Eyal has been involved in dozens of SASE projects across various enterprises and markets. Eyal has more than 20 years of ICT experience in engineering, product management and product marketing.