As it stands now, most businesses are highly reliant upon WAN connectivity. This is due to the centralization of applications, services transitioning to the cloud, and an increased reliance on collaboration tools.
Businesses deploy MPLS to meet their requirements, but MPLS is costly and challenging to manage. Many administrators believe that MPLS is the only way to provide priority to critical applications using QoS to meet SLAs.
The problem with MPLS, however, is that it routes non-critical traffic over the same high-cost link as time-sensitive, critical traffic. Traditional networking uses destination-based routing. All traffic going to the same place takes the same path. Routing is hop-by-hop as well as two-way.
When a business using MPLS wants higher availability, a backup path is implemented, which is traditionally IPsec VPN. This backup usually sits dormant until the primary path is out of service. For years, this technology and topology have been adequate, but emerging trends require new solutions.
These days, businesses have far higher bandwidth needs than they did even a few years ago thanks to applications like video conferencing, UCaaS, and streaming video. New bandwidth requirements have made costs skyrocket. Now the old topologies are especially unattractive, but many organizations are unaware that there are better, cheaper alternatives.
Enter SD-WAN. Gartner Incorporated, the world’s leading IT research company, estimates that by 2023, 30% of all enterprises will be using SD-WAN technology. This is because SD-WAN offers lower total cost of ownership, more efficient use of bandwidth, higher availability, carrier agnosticism, increased security, quick and effortless deployment, application visibility and control, and an unparalleled degree of flexibility.
Businesses now have a choice beyond just MPLS with an IPsec VPN backup.
How SD-WAN Works
SD-WAN’s three main promises are lower cost, greater simplicity, and application control. At its core, SD-WAN is an overlay VPN technology. It builds secure VPN tunnels over any transport and joins them into a full-mesh, any-to-any topology. Your transport can be anything: MPLS, direct Internet access, broadband, DSL, 3G, 4G LTE, or anything else you’re using. Your transport can come from one ISP or several, because, once again, SD-WAN is carrier agnostic.
The meshed environment bears many similarities to MPLS and DMVPN, with one key difference. SD-WAN offers application-aware routing and real-time circuit monitoring. Combining these two, SD-WAN routes traffic by application type and circuit performance. This is what provides the flexibility SD-WAN has that traditional destination-based routing lacks.
SD-WAN matches your application requirements to circuit performance. Here are some examples: SD-WAN can identify your email traffic. That is important to your business, but it’s not terribly time-sensitive. SD-WAN routes your email traffic over the lowest cost link. Videoconferencing, however, is extremely time-sensitive. SD-WAN routes that traffic over the most efficient link available. Sometimes, however, the lower-cost link has issues. That might be a significant delay or packet loss or even both.
SD-WAN’s real-time circuit monitoring can recognize when circuits are not performing to SLA. SD-WAN can then switch your email traffic (or any other kind of traffic) to flow over a higher-cost link or even just another lower-cost link. Traffic remains on the “second-choice” link until the first choice is performing to SLA again. When that happens, SD-WAN switches traffic back to the lower-cost link, and traffic continues to flow normally. The lower-cost circuits that traditionally served only as backup paths are no longer just backups. All circuits are active. That’s something destination-based routing topology struggles to do. The active-active scenario is what adds the flexibility organizations have been hungering for.
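The path selection, failover, and failback described above can be sketched as follows. This is an added example, not code from any SD-WAN product; the link names, cost ranks, SLA thresholds, and probe values are constructed, and re-evaluating every link on each probe round is an assumption about how the decision is made.

```python
from dataclasses import dataclass

@dataclass
class Link:
    name: str
    cost: int           # relative cost rank, lower is cheaper (constructed)
    latency_ms: float   # latest probe result
    loss_pct: float     # latest probe result

@dataclass
class Sla:
    max_latency_ms: float
    max_loss_pct: float
    prefer: str         # "cost" or "performance"

# Constructed per-application policies; thresholds are illustrative.
POLICIES = {
    "email": Sla(300.0, 2.0, "cost"),
    "video": Sla(150.0, 1.0, "performance"),
}

def meets_sla(link, sla):
    return (link.latency_ms <= sla.max_latency_ms
            and link.loss_pct <= sla.max_loss_pct)

def select_path(app, links):
    """Return the name of the link this application should use right now."""
    sla = POLICIES[app]
    healthy = [l for l in links if meets_sla(l, sla)]
    if not healthy:
        # No circuit meets the SLA: use the least-bad one rather than drop traffic.
        return min(links, key=lambda l: (l.loss_pct, l.latency_ms)).name
    if sla.prefer == "cost":
        return min(healthy, key=lambda l: (l.cost, l.latency_ms)).name
    return min(healthy, key=lambda l: (l.latency_ms, l.loss_pct)).name

def simulate():
    """Three probe rounds: all healthy, broadband degraded, broadband recovered."""
    mpls = Link("mpls", 3, 20.0, 0.0)
    broadband = Link("broadband", 1, 40.0, 0.1)
    lte = Link("lte", 2, 70.0, 0.5)
    links = [mpls, broadband, lte]
    rounds = []
    for latency, loss in [(40.0, 0.1), (450.0, 6.0), (40.0, 0.1)]:
        broadband.latency_ms, broadband.loss_pct = latency, loss
        rounds.append((select_path("email", links), select_path("video", links)))
    return rounds

if __name__ == "__main__":
    for email_path, video_path in simulate():
        print(f"email -> {email_path:10} video -> {video_path}")
```

Email moves from broadband to LTE while broadband is out of SLA and returns once it recovers, while video stays on the best-performing circuit throughout.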
You can now get the most out of the bandwidth available at any given location. Another key is the centralized controller. This is the brains of SD-WAN, offering a bird’s-eye view of all possible paths. Appliances can be either hardware-based or virtual. You can spin up a virtual machine and run SD-WAN on it if you like. The centralized controller also allows for zero-touch deployments, speeding up and simplifying the installation process while automatically creating secure tunnels. This creates a full-mesh topology, further reducing complexity for the end user.
SD-WAN is the modern solution for keeping your users connected to the applications they love at the lowest possible cost, securely and reliably. If you’d like to learn more, our experts are here to help.