MPLS, VPN Internet Access, Cloud Networking or SD-WAN? Choose Wisely

April 4, 2018

When it comes to the enterprise network, decisions need to be made with cost, performance, security, and future plans in mind.  Enterprise networking is moving from traditional hub-and-spoke WAN architectures to infrastructure that must support the migration of critical applications to the cloud.  And yet, according to Gartner analyst Joe Skorupa, “When businesses decide to move to the cloud, the network tends to be an afterthought.”

Many businesses today are expanding globally, relying on data and applications in the cloud, and are driven by an increasingly mobile workforce.  Rather than leave networking to be an afterthought, shrewd IT leaders reconsider the available options on an ongoing basis to ensure their enterprise networks are optimized to keep their business ahead of the competition.

For your business to stay ahead of the pack, you should be looking to improve network and security infrastructure to have the flexibility and strength to handle not just today’s bandwidth demands, but tomorrow’s demands as well. So what are the options in dealing with your ever-changing enterprise network requirements?

MPLS: Reliable, But Comes with a Price

The popularity of MPLS deployments in corporate WAN infrastructures comes from its predictability.  Service providers can use MPLS to improve quality of service (QoS) by defining network paths that meet pre-set service level agreements (SLAs) on traffic latency, jitter, packet loss, and downtime.

However, MPLS traffic from the service provider to the on-premises routers is notoriously expensive.  And provisioning with the provider can take 3-6 months. As adoption of cloud services and Software-as-a-Service (SaaS) delivery models grow, traditional MPLS network architectures become less effective. Cloud and SaaS traffic must be first brought from the branch to a secured Internet access point at central location. As such, traditional MPLS architecture find it difficult to offer low latency/high performance access to cloud and SaaS applications and services.

Internet VPNs: Cheaper, But Flawed

For the past decade, Internet VPNs have been a staple of many global enterprise WANs. This solution is often used out of necessity with cost pressure forcing enterprises to just deal with Internet performance limitations.  Although it provides a lower-cost solution compared to MPLS, with Internet VPNs there is no SLA regarding performance, and performance guarantee during peak hours.

Internet VPNs also require physical appliances, such as routers and firewalls, to be installed and maintained at each location in the enterprise network.  Appliance sprawl is a common issue and appliance refreshes impact the cost savings of the solution.

SD-WAN: The New Contemporary

Software-defined WAN (SD-WAN) is a new approach to network connectivity that lowers operational costs and optimizes resource usage for multi-site deployments. This allows bandwidth to be used more efficiently and ensure the highest possible level of performance for critical applications without sacrificing security or data privacy. According to the Gartner report, Market Guide for WAN Edge Infrastructure published in March 2017, SD-WAN and vCPE are key technologies to help enterprises transform their networks from fragile to agile.

One of the primary characteristics of an SD-WAN is its ability to manage multiple connections. The technology dynamically routes traffic over the best available transport, regardless if that’s MPLS, cable, xDSL, or 4G/LTE.  As such, SD-WAN can connect offices to multiple active transports at one time. This intrinsically allows for improved redundancy and more capacity.

SD‐WAN can eliminate the backhaul penalties of traditional MPLS networks and leverage the Internet to provide high‐performance connections from the branch to cloud. With SD‐WAN, remote users can see significant improvements in their experience when using cloud or SaaS‐based applications.

Another significant benefit of an SD WAN network is cost. Gartner analyst Andrew Lerner, who tracks the SD-WAN market closely, estimates that an SD-WAN can be up to two and a half times less expensive than a traditional WAN architecture.

A standard SD-WAN does have its challenges.  SD-WAN directs WAN traffic across encrypted Internet tunnels. This provides the most basic security needed to send traffic over a public network. However, accessing websites and cloud applications directly from a remote office requires separate firewall services.  Companies have to extend their security architecture to support SD-WAN projects using edge firewalls, cloud-based security services or backhauling, which, of course, increases complexity and costs.

Since SD-WAN uses the public Internet where latency is unpredictable, enterprises will need to maintain some MPLS capacity if they need to support latency-sensitive applications such as voice and video.

Cato: Global Cloud Network + SD-WAN

To address the challenges that a basic SD-WAN presents, Cato Networks is building the new Software-defined WAN, in the cloud, protected by a tightly integrated set of security services. The Cato Cloud connects all business resources including data centers, branches, mobile users and cloud infrastructure into a simple, secure and unified global network. No more costly connectivity services, complex point solution deployments, capacity constraints, maintenance overhead, or restricted visibility and control.

Cato Networks’ focus has been SD-WAN from the start.  But what really sets Cato apart from other SD-WAN offerings is the global backbone the company has developed. This backbone is built across 40 global Points of Presence (PoPs) and uses connections from multiple carriers.  An enterprise-grade network security stack built into the backbone extends security everywhere without the need to deploy additional security products.  This eliminates the need for a stack of security devices at each branch location, and provides a more unified management and policy domain.

Essentially, Cato provides all the benefits of SD-WAN and removes the challenges, thus making SD-WAN an elegantly simple solution that eliminates costs, streamlines operations, in a secure high performance enterprise network.

It’s time to choose, and SD-WAN using Cato Global Cloud Networks is a wise choice. Learn more about SD-WAN and related topics at https://www.catonetworks.com/blog/

Related posts:

Cloud MPLS – The business case for SD-WAN

Cloud Network Automation

Dave Greenfield

Dave Greenfield

Dave Greenfield is a veteran of IT industry. He’s spent more than 20 years as an award-winning journalist and independent technology consultant. Today, he serves as a secure networking evangelist for Cato Networks.