The widespread adoption of Software-Defined Wide-Area-Network (SD-WAN) in recent years has caused many to wonder whether WAN optimization is still necessary.
The technologies are similar. Both improve the underlying network, but they do so in different ways: WAN optimization improves the throughput of a specific link; SD-WAN improves the agility and manageability of the full network.
Understanding the strengths and limitations of these two technologies shows how they should be deployed and where secure access service edge (SASE) fits into the picture. Let’s take a closer look.
Understanding WAN Optimization
Definition of WAN Optimization
WAN optimization (also referred to as WAN acceleration) is a collection of technologies designed to improve the throughput of a wide area network (WAN) connection. The rise of WAN optimization began around 2004, when it addressed the limited capacity of costly MPLS and leased line connections.
The Pros of WAN Optimization
WAN optimization addresses MPLS limitations by tackling the three primary networking issues impacting the user experience when accessing data from across the WAN: bandwidth, latency, and packet loss.
- Bandwidth: Bandwidth limitations are addressed by minimizing the amount of data passed across the network. Typically this is done through compression and deduplication algorithms. To ensure applications don’t “hog” the capacity of a connection, WAN optimization appliances will also prioritize application traffic. This way, applications that need immediate access to the wire, such as voice calls, are guaranteed access even during heavy usage.
- Latency: As the distance between end-users and their data grows, bandwidth gives way to latency and packet loss as the primary determinants of session capacity. Network delay, or latency, defines how long packets take to travel from one designated point to another. Latency is often measured to the destination and back, which is called the “round trip time” (RTT). Caching techniques and protocol-specific optimizations minimize latency by reducing the number of application-layer exchanges that are necessary across the network.
- Packet Loss: Packet loss occurs when network congestion or problems in the physical infrastructure cause packets to be lost during transmission. It’s expressed as a percentage of packets. As a rule of thumb, Internet connections frequently experience 1 percent packet loss. Some WAN optimization appliances address packet loss using forward error correction (FEC), which allows receiving stations to automatically regenerate lost packets without requiring retransmission.
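A minimal illustration of the FEC idea in the last item, added here and not taken from the article or from any vendor's implementation: one XOR parity packet per group lets the receiver rebuild a single lost packet without asking for it again. The group size, function names and sample packets are assumptions made for the example.

```python
from functools import reduce

def xor_bytes(a, b):
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))

def make_parity(packets):
    """XOR every packet in the group (zero-padded to the longest) into one parity packet."""
    size = max(len(p) for p in packets)
    return reduce(xor_bytes, (p.ljust(size, b"\x00") for p in packets))

def recover(received, parity, lengths):
    """Rebuild at most one lost packet (marked None) from the survivors and the parity.

    `lengths` stands in for the per-packet length a real FEC header would carry
    (an assumption of this sketch).
    """
    lost = [i for i, p in enumerate(received) if p is None]
    if not lost:
        return list(received)
    if len(lost) > 1:
        # A single parity packet holds one equation, so it can solve for one unknown only.
        raise ValueError("single parity cannot repair %d losses" % len(lost))
    acc = parity
    for p in received:
        if p is not None:
            acc = xor_bytes(acc, p.ljust(len(parity), b"\x00"))
    repaired = list(received)
    repaired[lost[0]] = acc[:lengths[lost[0]]]
    return repaired

# Constructed sample: a group of four packets protected by one parity packet.
GROUP = [b"RTP-0001 voice frame", b"RTP-0002 voice",
         b"RTP-0003 voice frame!!", b"RTP-0004"]

def demo():
    """Drop the second packet in transit and regenerate it at the receiver."""
    parity = make_parity(GROUP)
    lengths = [len(p) for p in GROUP]
    damaged = [GROUP[0], None, GROUP[2], GROUP[3]]
    return recover(damaged, parity, lengths)

if __name__ == "__main__":
    print(demo() == GROUP)
```

The cost is one extra packet per group sent whether or not anything is lost, and a second loss in the same group still needs a retransmission.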
The Cons of WAN Optimization
While WAN optimization can improve the throughput of a single connection, it doesn’t address the agility and management requirements of today’s enterprises. Furthermore, the WAN optimization technology itself has specific limitations, particularly in relation to today’s enterprise challenges:
- Performance degradation for dynamic or real-time applications: Real-time applications, such as voice and video conferencing, are not helped by WAN optimization. These applications require low latency and real-time data transmission, and the additional processing introduced by WAN optimization techniques can potentially introduce delays and affect performance.
- Limited effectiveness for certain applications: Data compression and data deduplication work well with files with a lot of repeatable data, such as imaging files. But compressed files or files without repeating data patterns will not benefit substantially from the compression or deduplication of WAN optimization.
- The encryption problem: Most enterprise traffic today is encrypted, and data compression and deduplication are ineffective on encrypted traffic. Ciphertext looks like random data, so it offers no repeating patterns for compression or deduplication to exploit.
- Limited effectiveness for certain network conditions: While WAN optimization can significantly improve network performance under normal or congested conditions, its benefits may diminish in cases where the network conditions are extremely poor, such as high packet loss or severe network congestion. In such scenarios, WAN optimization may not be able to overcome the inherent limitations of the network itself.
- High cost: Implementing and maintaining WAN optimization solutions is expensive, requiring specialized hardware at each site. Appliances need to be scaled as traffic levels grow. Additionally, organizations may need to invest in ongoing support and maintenance for the WAN optimization appliances.
- Deployment complexity: WAN optimization can be complex to deploy, involving the configuration and management of multiple devices across different locations. This complexity can require expertise and careful planning during the deployment process.
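The encryption problem from the list above can be measured directly. The following is an added example, not code from the article: it sends the same repetitive payload twice, in the clear and encrypted, and reports the compression ratio and the deduplication cache hit rate for each. The payload is constructed, the 4096-byte chunk size is assumed, and `toy_encrypt` is a stand-in stream cipher used only so the script runs with the standard library.

```python
import hashlib
import os
import zlib

CHUNK = 4096  # fixed-size dedup chunk (assumed value)

# Constructed sample: repetitive log-like payload, the kind that compresses well.
SAMPLE = b"".join(b"2024-01-01 GET /index.html 200 host%03d\n" % (i % 50)
                  for i in range(4000))

def toy_encrypt(key, nonce, data):
    """Stand-in stream cipher (SHA-256 in counter mode), for illustration only.
    It mimics the random-looking output of a real cipher such as AES-GCM."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def compression_ratio(data):
    """Compressed size / original size; about 1.0 means nothing was saved."""
    return len(zlib.compress(data, 9)) / len(data)

def chunks(data):
    return [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)]

def dedup_hit_rate(first, second):
    """Fraction of chunks in `second` already cached from `first`."""
    cache = {hashlib.sha256(c).digest() for c in chunks(first)}
    sent = chunks(second)
    return sum(hashlib.sha256(c).digest() in cache for c in sent) / len(sent)

def measure():
    key = os.urandom(32)
    # Same file sent twice; each encrypted session uses a fresh nonce.
    enc1 = toy_encrypt(key, os.urandom(12), SAMPLE)
    enc2 = toy_encrypt(key, os.urandom(12), SAMPLE)
    return {
        "plain_compression": compression_ratio(SAMPLE),
        "encrypted_compression": compression_ratio(enc1),
        "plain_dedup_hits": dedup_hit_rate(SAMPLE, SAMPLE),
        "encrypted_dedup_hits": dedup_hit_rate(enc1, enc2),
    }

if __name__ == "__main__":
    for name, value in measure().items():
        print(f"{name}: {value:.3f}")
```

Compression and deduplication therefore only help where the appliance sees plaintext, which means placing it before encryption or inside the trust boundary that holds the keys.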
When to Use WAN Optimization
WAN optimization is a technology designed to improve the throughput and stability of an individual path on a WAN. It’s especially important when networks suffer from high latency, such as global connections. When the main challenge is a high-latency, bandwidth-limited connection carrying highly compressible traffic, WAN optimization may be the right solution.
Definition of SD-WAN
Originally coined in 2014 by Gartner, SD-WAN is a virtual WAN architecture that abstracts the applications and services from the underlying network infrastructure by creating a secure overlay between the SD-WAN devices situated at each location. The overlay is application-aware and handles all traffic steering and path selection, enabling the SD-WAN to select the optimum path for each application.
Advantages of SD-WAN
Whereas WAN optimization focuses on the performance of an individual connection, SD-WAN improves traffic management and agility of the overall network. More specifically, SD-WAN addresses key issues impairing MPLS networks:
- Reduced Costs: SD-WAN provides high throughput and reliable connections across affordable Internet lines, eliminating the costs of multi-protocol label switching (MPLS) circuits. This reduces the expense of a corporate WAN that still meets the needs of the business and its applications.
- Enhanced WAN Performance: SD-WAN improves WAN performance by aggregating connections for more throughput and by identifying the optimum path for each packet across the WAN. SD-WAN eliminates the “trombone effect” where traffic is backhauled through the corporate data center for security inspection.
- Improved WAN Agility: SD-WAN separates the network from the underlying transport, letting IT select the last-mile connection — xDSL, fiber, and 3G/4G. This provides a more agile WAN than MPLS, which requires the provisioning of dedicated circuits for new offices.
- Simplified WAN Management: SD-WAN can be implemented as a network of centrally-managed, identical solutions. This makes it easier to manage than other solutions for creating a corporate WAN, such as MPLS or VPNs.
- Increased WAN Availability: SD-WAN is capable of distributing traffic across multiple last-mile connections. This provides a high level of resiliency and availability since the solution can failover if a preferred line is unavailable.
Disadvantages of SD-WAN
However, SD-WAN suffers from several disadvantages when it comes to addressing the needs of today’s enterprises:
- Lack of Security: SD-WANs do not provide the advanced security needed to protect enterprises from today’s cyber attacks. There’s no antimalware or IPS built into SD-WAN. As such, SD-WAN devices require the deployment of firewalls and other security tools in addition to SD-WAN appliances.
- Poor Global Performance: SD-WAN alone runs across the public Internet, which means it’s subject to the unpredictability of Internet routing. As such, SD-WAN cannot provide the predictability enterprises expect from their corporate networks.
- Remote Access Not Included: SD-WAN was devised as an MPLS replacement to better connect branch offices. It was never extended to address the problem of hybrid and remote work. For the remote or mobile user, additional remote access software is required, increasing management complexity as IT is forced to secure, maintain, and manage a whole other infrastructure.
- Poorly Suited for the Cloud: SD-WAN doesn’t naturally extend to cloud applications and cloud data centers.
When to Use SD-WAN
SD-WAN is a technology aimed at improving the agility and manageability of the entire WAN. As such, use SD-WAN when looking to address the limitations of legacy MPLS networks. Just be aware of its limitations: lack of advanced security, poor global performance, lack of remote access, and cloud limitations. Whichever SD-WAN provider you choose should articulate a simple migration path for addressing those challenges.
Comparison between WAN Optimization and SD-WAN
Both solutions are designed to improve the performance of the corporate WAN, yet they do so in different ways.
WAN optimization improves network performance within the existing network medium and infrastructure. For example, it might take steps to optimize how data is transferred over the network and reduce the volume of data being transferred via caching and similar solutions.
SD-WAN, on the other hand, redefines the network infrastructure. It creates a virtual overlay over one or more existing transport media and optimally and securely routes traffic between SD-WAN appliances.
In essence, SD-WAN improves network performance and resiliency by making use of all available transport media and restructuring the network. WAN optimization works within the existing architecture to make it perform as well as possible.
SD-WAN and WAN Optimization Working Together
To take advantage of the benefits of both SD-WAN and WAN optimization, look for single-vendor SASE solutions such as Cato Networks Secure, Global SD-WAN as a Service. SASE solutions contain elements of WAN optimization and SD-WAN while addressing the limitations of both.
Cato SASE Cloud is the world’s leading single-vendor SASE platform, converging Cato SD-WAN and a cloud-native security service edge, Cato SSE 360, into a global cloud-native service. Cato optimizes and secures application access for all users and locations – everywhere.