SD-WAN redundancy vs MPLS redundancy

According to a recent Uptime Institute report, network failures trail only power outages as a cause of downtime. The data also suggests that full “2N” redundancy is an excellent way to mitigate the risk of downtime. This got me thinking about a recurring conversation about SD-WAN redundancy I have with IT managers. In one form or another, the question comes up: “How can SD-WAN deliver the same reliability and redundancy as MPLS when it uses the public Internet?” My response? SD-WAN + public Internet alone can’t. You have to have a private backbone.

Cato’s cloud-native approach to SD-WAN not only matches MPLS reliability across the middle-mile, it offers better redundancy in the last-mile. Why? MPLS provides limited active-passive redundancy in the last-mile while Cato delivers active-active redundancy and intelligent last-mile management (ILLM).

Here, we’ll compare MPLS redundancy to SD-WAN redundancy and explain why active-active redundancy and ILLM are so important.

MPLS redundancy: a reliable middle-mile with limited last-mile options

MPLS has a well-deserved reputation for reliability in the middle-mile. MPLS providers have a robust infrastructure capable of delivering the reliability enterprises demand from their WAN. In fact, reliability is often used as justification for the high price of MPLS bandwidth.

However, practically, the cost of MPLS circuits makes delivering the same level of reliability in the last-mile challenging. For many enterprises, the cost of MPLS connectivity simply puts redundant circuits out of reach. And without redundant circuits, sites are susceptible to last-mile outages. Tales of construction crews cutting through wires and causing downtime are well-known.

Even with redundant circuits, sites remain susceptible to carrier outages, as evidenced by last year’s CenturyLink outage. The disruption was caused by a single faulty network card. Protection against those types of failures and failures in the last mile all but requires dual-homing connections across diversely routed paths to separate providers.

Cato SD-WAN redundancy: a robust global backbone and intelligent last mile management

Cato meets enterprise-grade uptime requirements without MPLS’s high costs. Across the middle mile, our global private backbone comes with a 99.999% uptime SLA. Every Cato PoP is interconnected by multiple tier-1 carrier networks. Cato’s proprietary software stack monitors the real-time performance of every carrier, selecting the optimum path for every packet. In this way, the Cato backbone can deliver better uptime than any one of the underlying carrier networks.

Across the last-miles, Cato Sockets automatically connect to the nearest PoPs. The Sockets are designed with Affordable HA for local, inexpensive redundancy and connect across any last-mile service provider. This allows enterprises to layer in inexpensive Internet connections for resiliency affordable enough for even small locations. As opposed to being tied down to select providers or technologies, enterprises can choose the carriers and transport methods (5G, xDSL, etc.) that provide them the best mix of cost, resilience, and redundancy.

Cato’s intelligent last mile management features also enable rapid detection of network brownouts and blackouts, ensuring rapid responses and failover. Further, as Cato controls the entire global network of PoPs and the customer has self-service management capabilities, troubleshooting and responding to issues with agility is never a problem.

Active-passive redundancy vs active-active redundancy in the last-mile

What truly sets Cato’s SD-WAN redundancy apart from traditional MPLS redundancy is Cato’s ability to provide built-in active-active redundancy.

MPLS doesn’t provide active-active redundancy per se. At best, you’d configure dual paths and add a load-balancer to distribute traffic loads. Practically, MPLS last-mile redundancy has been active-passive, with failover between circuits based on route or DNS convergence. This means failover takes too long to sustain active sessions for many services like VoIP, teleconferencing, and video streaming. The result? Some level of downtime.

With Cato Cloud, active-passive redundancy is an option, but active-active redundancy is also possible. This is because our cloud-native SD-WAN software enables load-balancing for active-active link usage. As a result, last-mile “failover” is seamless. Since both transport methods are in use, packets can immediately be routed over one or the other in the event of a failure. The end result is reduced downtime and optimized application performance.

Further, Cato’s approach to active-active redundancy is able to account for IP address changes. When a site’s IP address changes, select applications and policies can stop functioning. Cato’s Network Address Translation functionality obtains IP addresses from a Cato PoP as opposed to an ISP. This means that failing over between ISPs in the last-mile won’t compromise network functionality.

Cato enables true SD-WAN redundancy in the last-mile

The Uptime Institute’s data demonstrated the importance of “2N” redundancy to uptime, and Cato’s active-active redundancy brings 2N to the WAN. By coupling active-active redundancy in the last-mile with an SLA-backed private backbone, Cato Cloud is able to deliver the uptime enterprises demand.

If you’d like to learn more about how Cato’s approach to SD-WAN can improve throughput by five times and optimize WAN connectivity for brick-and-mortar locations, the cloud, and mobile users, download our free WAN Optimization and Cloud Connectivity eBook. If you have specific questions about Cato’s cloud-native SD-WAN, don’t hesitate to contact us today.


  • What is SD-WAN?

    Software-defined Wide Area Network (SD-WAN) devices sit in company locations and form an encrypted overlay between themselves across any underlying transport service including MPLS, LTE, and broadband Internet services.

  • What are the benefits of SD-WAN?

    Reduced Bandwidth Costs: MPLS bandwidth is expensive. On a “dollar per bit” basis, MPLS is significantly more expensive than public Internet bandwidth. Exactly how much more expensive will depend on a number of variables, not the least of which is location. However, the costs of MPLS aren’t just a result of significantly higher bandwidth charges. Provisioning an MPLS link often takes weeks or months, while a comparable SD-WAN deployment can often be completed in days. In business, time is money, and removing the WAN as a bottleneck can be a huge competitive advantage.
    Reliable Network Across the Unreliable Internet: The ability to connect locations with multiple data services running in active/active configurations. Sub-second network failover allows sessions to move to new transports in the event of downtime without disrupting the application.
    Secure Communications: Encrypted connectivity secures traffic in transit across any transport.
    Bandwidth on Demand: The capability to immediately scale bandwidth up or down, so you can ensure that critical applications receive the bandwidth they need when they need it.
    Immediate Site Activation: Bring up a new office in minutes, instead of the weeks and months that it takes with MPLS. SD-WAN nodes configure themselves and can use 4G/LTE for instant deployment.

  • What are the key trends driving SD-WAN adoption?

    Enterprises built their networks using legacy carrier services, such as a managed MPLS service. These services are expensive, require weeks to months to activate sites, and require waiting for the service provider to make even the simplest of changes.
    SD-WAN offers an escape from that, bringing agility and cost efficiencies to IT networking. The SD-WAN connects locations with several Internet connections, aggregating them together with an encrypted overlay. Policies, application-aware routing, and dynamic link assessment in the overlay allow for the optimum use of the underlying Internet connections.
    Ultimately, SD-WAN delivers the right performance and uptime characteristics by taking advantage of the inexpensive public Internet with the security and availability needed by the enterprise.

  • What are the limitations of SD-WAN?

    Lack of a global backbone: SD-WAN appliances sit atop the underlying network infrastructure. This means the need for a performant and reliable network backbone is left unaddressed by SD-WAN appliances alone.
    Lack of advanced security features: SD-WAN appliances help address many modern networking use cases, but don’t help with security requirements. As a result, enterprises often need to manage a patchwork of security and networking appliances from different vendors (like CASBs) to meet their needs. This in turn leads to increased network cost and complexity as each appliance must be sourced, provisioned, and managed by in-house IT or an MSP.
    No support for the mobile workforce: By design, SD-WAN appliances are built for site-to-site connectivity. Securely connecting mobile users is left unaddressed by SD-WAN appliances.