There are a number of challenges associated with procuring Global SD WAN services. IT Managers and their teams are faced with creating an architecture which encompasses user cloud access and security while, at the same time, ensuring traffic performance is acceptable both within UK national reach and across international connectivity.
IT Managers must consider the architecture of Global WAN services across network performance, business continuity and support.
Perhaps one of the key data points to understand is that SD WAN is not singularly an Internet VPN technology. If we believe the massive amount of hype, software networking allows you to deploy any low cost ISP connectivity in the confidence that your SD WAN device (virtualised or otherwise) will sort out any performance issues. In many cases, the technology will certainly assist with degraded circuits, but we need to remember that deploying cheap Internet between core Enterprise business offices is probably not the best idea unless you are buying from a single public IP backbone provider.
MPLS, VPLS and VLL services represent a great option as part of the overall global WAN architecture mix. With Cisco Meraki and Viptela, businesses are able to leverage the right circuits across Internet, MPLS and VPLS with an acceptable SLA.
Above. A site from our free NU Connect report showing which of your sites are a good fit across 9 different service providers. * Only available within the UK at the moment.
In 2019, most large enterprises are now aware of SD WAN and many have even migrated all or select portions of their global WAN to an SD WAN platform. While each SD WAN vendor introduces minor features as a point of differentiation, most mature platforms have settled around a core set of common features, though these features may be implemented slightly differently by each vendor. The most common feature touted by nearly all SD WAN platforms is the ability to use two or more WAN connections simultaneously, as opposed to the previous common paradigm of active/standby links.
The hype surrounding SD WAN is propagated by claims of the ability to use simple commodity broadband circuits and even wireless 4G/5G connections for all of your connectivity needs with the promise of drastically lowering your monthly WAN operating costs. This claim is touted by all major SD WAN vendors, but circuit costs and performance in the real world are not so black and white.
The major variables are network application requirements, the types of connectivity available at your locations, and the cost to deliver that connectivity to you. Some network applications require a lot of bandwidth, like large file transfers. Some have a low tolerance for delay across the WAN, such as VoIP telephony. Still other applications, such as video conferencing, require both high bandwidth and low latency. This is why Service Level Agreement (SLA)-backed private WAN circuits such as MPLS, Virtual Leased Lines (VLLs), and multipoint VPLS remain very popular in 2019. In many cases, these private circuits are still the only way to guarantee the performance you need for your applications.
Medivet, a Network Union customer at the BT SD WAN Workshop in St Pauls, London.
Just five years ago the concept of SD WAN was fairly new and different vendor platforms were still up and coming. Today, SD WAN vendors have rich, mature platforms that take advantage of previous years of operational experience and exposure to customers’ live production networks. Many vendors now include capabilities within their platform beyond just utilising multiple links simultaneously, such as WAN optimisation and Forward Error Correction (FEC) that enables your locations to get the very best performance possible across all of your connections.
SD WAN represents a new way to utilise and manage your WAN infrastructure. When you couple the WAN optimisation capabilities with general platform orchestration and zero-touch provisioning (ZTP), these are the reasons why SD WAN is here to stay.
Many people equate SD WAN with simply a VPN over the Internet, but this is not true. SD WAN platforms like Cisco Meraki and Cisco Viptela are transport agnostic and can use whatever kinds of connectivity you provide, whether it is through the public Internet or through private services like MPLS. In each case, Meraki and Viptela will utilise all of the available features of the underlying connectivity, such as Quality of Service (QoS) if the connection supports it.
Large enterprise networks with a global reach have different requirements from those that only have a regional presence. When you require global connectivity, it is critical for your overall SD WAN architecture to account for the time it takes for your packets to go around the world (propagation delay). This is why most large global enterprises still use SLA-backed private connectivity in their backbone network.
While SD WAN will make the most of what is available, you still have far less control and no guarantees when you use the public Internet for your transport. ISPs may reroute their public Internet traffic on a whim to suit their needs, which can introduce new levels of latency. This is not as critical for regional networks but can be greatly compounded as you add more public Internet hops and distance in the overall path.
With private circuits, you are guaranteed a specific maximum amount of latency across the entire path, regardless of the number of hops the traffic passes through. Using private circuits with SD WAN across your global backbone ensures you get the performance quality guarantees along with the added-value features of the SD WAN platform.
Above. Global SD WAN design example using MPLS.
Large telcos still have a major role to play despite transport independence being a fundamental tenet of SD WAN. For instance, most large service providers offer multiple kinds of connectivity. For each of your locations, you could provision a more expensive private circuit to take advantage of its performance along with a less expensive broadband solution for backup or additional bandwidth.
Setting WAN pricing is important. The detail is critical to understand.
Both of these can usually be provided by the same telco along with the SD WAN service itself which gives you the advantage of a single point of billing and support. When it comes to network support, a large telco is more likely to have a higher number of expert-level staff employed who can handle the deepest of technical issues.
The other major advantage of using a large telco for your SD WAN service when you have a global enterprise is that large carriers often have their own global reach and strategic partnerships as well. This has the dual advantage of higher-performing circuits within the carrier’s network as well as a potential for faster resolutions when network issues arise since the telco will have visibility into their own global network whereas a public Internet solution may pass through many different independently-owned networks.
SD WAN has the potential to provide a new operational paradigm with regard to enterprise-wide network security. SD WAN edge appliances, whether physical or virtual, are points of network policy in addition to traditional network transport. Each appliance can serve as a firewall itself or integrate with other security solutions. With SD WAN it is easy to centrally control and manage security policies across your global enterprise. This has the advantage of ensuring your policies are consistent across all security zones. This improves ROI and TCO because less time will be spent troubleshooting policies across individual devices.
Cisco Meraki and Viptela also both offer cloud service integration and optimisation. Virtual Meraki and Viptela appliances are available that run in Amazon AWS and Microsoft Azure. These virtual appliances allow you to extend your private WAN into the public cloud environment just like any other physical location. Meraki and Viptela also offer integrations with AWS Direct Connect and Azure ExpressRoute, which are high-performance private connectivity options for the respective public cloud environments. As more enterprise workloads are placed into the cloud, having tight integrations with the largest cloud players like AWS and Azure ensures that SD WAN solutions like Meraki and Viptela make the transition easier.
Cisco offers SD WAN solutions under the Meraki and Viptela platforms. There is an overlap of functionality between the two, and while both can be used with global enterprises, they do have two somewhat distinct operational considerations. Meraki was designed from the beginning for operational simplicity. It is fairly easy to design and implement a global SD WAN infrastructure with Meraki, which allows the solution to be supported by less knowledgeable IT staff. The trade-off is that there are some more advanced features and deployment scenarios that Meraki does not support.
The Cisco Viptela solution bridges the gap between simple SD WAN and very advanced deployment scenarios. Viptela supports more SD WAN uplinks than Meraki, along with IPv6 and multicast routing across the SD WAN fabric. These are all more advanced networking features that require support staff with a higher level of expertise to design and operate. The Viptela SD WAN software also runs on some of Cisco’s more advanced hardware platforms that are capable of higher levels of performance than the Meraki product line, which may be critical depending on the size of your datacentres and your WAN needs.
However, just like in the migration scenario, there is nothing preventing you from operating both a Meraki and a Viptela environment simultaneously. With a global SD WAN environment, one possible approach is to use Viptela in your network backbone and larger sites and Meraki across smaller locations where IT support staff may be limited. This approach gives you the best of both including the advanced features of Viptela with the true operational simplicity of Meraki.
Above. An example Global SD WAN design using Cisco Viptela.
Enterprises that have a global presence are typically large enough to require employing IT staff with advanced technical knowledge. Frequently, large enterprise networks have specific requirements that are difficult to manage with outside support personnel who are not dedicated solely to your organisation as they may not be familiar with the more intimate details of your company’s network.
However, SD WAN makes general network operations much simpler through centralised policy management, which can make outsourcing your WAN operations more enticing. You simply purchase connectivity along with the SD WAN service, and the managed SD WAN provider takes care of the details and maintenance, which allows you to reduce your operational technical headcount. One of the considerations of a managed service is that the managed services provider (MSP) will have the advanced technical staffing to handle your needs, but any changes that you need in the network may take additional time as compared to having your own technical staff.
Ultimately, deploying SD WAN across a large global enterprise is similar to any other major project where you must determine your goals, requirements, and desired outcome. There are many ways to approach the deployment and with platforms like Meraki and Viptela, you can achieve exactly what you’re looking for in the network design.