What are the Pros and Cons of SD-WAN?

In this article, we'll help you identify how SD-WAN is able to complement your networking strategy.

By Robert Sturt October 13, 2017

Figure: The BT SD WAN Workshop. Medivet, discussing their SD WAN demo at BT St Pauls, London.


The SD WAN Playbook, 14 providers compared in one stunning Mindmap.

The Network Union SD WAN Playbook provides an at-a-glance comparison of major UK/Global providers & vendors. If your business is considering a move to software WAN services, there's no easier way to evaluate the market. Request your free copy. We've included sales contacts for UK IT teams.



First, the high level Pros of SD-WAN?

  • Public cloud adoption is growing fast, and SD-WAN is well aligned to meet the demands of global Internet usage.
  • SDN-based technology provides granular application treatment, including local QoS, security and statistics.
  • The marketing buzz suggests that software-based networking is cost effective compared to MPLS. If price is your main concern, then reducing networking spend is achievable, but be wary of service providers leading from this angle.
  • Procure everything in one box, from network appliance to stateful packet inspection security, DDoS (Distributed Denial of Service) protection, remote access, VPN and content filtering.
  • Connectivity agnostic: a single device to terminate Internet and private connections from layer 3 MPLS and layer 2 VPLS networks.

And the high level Cons of SD-WAN?

  • Depending on your vendor or service provider, on premise equipment may represent a high cost.
  • The majority of SD-WAN services are provisioned over the public Internet with no end to end QoS (Quality of Service) for traffic flow.
  • SD-WAN is also a challenge for Global providers where multiple ISPs are often deployed to meet reach requirements.
  • Certain providers are predicting the 'death of MPLS' to suit their own stipulation to provision across Public IP connectivity (the Internet).
  • No true end to end QoS if using an Internet only SD-WAN provision.
  • Vendor capability is variable and often does not meet the original vision of software based networking (SDN).

Figure: The Pros and Cons of SD-WAN Visio, showing multiple connectivity types.

The buzz around WAN technologies.

If you’ve been working in the industry for a period of time, you’ll remember how MPLS was labeled (forgive the pun) as the saviour of networking, replacing IPSec, Frame Relay and ATM networking.

On the subject of marketing hype, I’ll refrain from mentioning the service provider in question, but I recall a particular ‘large telco’ pushing MPLS as a serious alternative to their Frame and ATM network. Unfortunately for their customers, the provider’s MPLS network consisted of nothing more than a single Provider Edge (PE) located in London.

The lesson? Forcing service provider transparency when dealing with hype was as important back then as it is today.

Have a search on ‘death of MPLS' for multiple examples of hype from certain providers pushing a single technology.

Is there confusion around the benefits of SD-WAN?

It looks very much as if the industry has forgotten the original vision of SD-WAN services: an application-based technology with the ability to interface with whatever connection type is required for a given need. While there are SD-WAN providers pursuing the original vision, the majority are pushing SD-WAN as the Internet VPN version 2.

The main reason why the marketing of cost reduction is so prevalent surrounds the use of low-cost Internet connectivity. At a high level, the thought process encompasses leveraging the lowest cost Internet provider in any given area with SD-WAN technology sorting out any connectivity problems.

The laws of physics apply, and even with clever packet inspection and prioritisation, traffic must still receive good latency and jitter in order to perform well for the long term.

The majority of Network Union clients operate hybrid networks; ensuring the right technology applies vs. specific requirements. The needs of most corporate WAN services do not meet one particular technology; many are made up of layer 3 MPLS, layer 2 VPLS / VLL, simple IPSec VPN and of course, SD-WAN.

True Software deployments can terminate ANY connectivity type.

How does QoS compare, SD-WAN vs. MPLS?

When deploying mission critical, delay sensitive services, there is a need to offer your business peers the confidence that those services will perform. SD-WAN services meet the need to service applications via granular identification of traffic (think packet inspection) with the ability to sense network conditions.

The SD-WAN traffic treatment feature set has evolved the capability of standard Layer 3 MPLS QoS which normally offers the following service provider configuration.

  • EF - Expedited Forwarding
  • AF - Assured Forwarding
  • BE - Best Effort


However, the fundamental benefit of private MPLS and VPLS remains: End to End QoS across tail circuit and network provider infrastructure.

And this is perhaps why most networks end up as a hybrid of WAN connectivity. Where core high performance office to office network connectivity is required, end to end QoS provided by MPLS is perhaps the optimum route. However, for smaller branch offices or remote users, SD-WAN offers up the ability to make the most of whatever connection is presented.

The QoS discussion is further complicated when dealing with the Global Enterprise. In many instances, Global connectivity is often on the borderline of the required latency for Voice and Video. Therefore, adopting a provider agnostic SD-WAN approach or even using a single public IP backbone may not provide the required infrastructure to confidently support delay sensitive traffic.
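The argument of this section, that SD-WAN can sense path conditions and steer traffic but cannot rescue a flow when every available path is outside its latency and jitter budget, shown as an added example (not code from this article or from any vendor). The per-class thresholds, path names and probe samples are assumptions constructed for illustration.

```python
from statistics import mean

# Assumed per-class budgets: one-way latency (ms), jitter (ms), loss (%).
# 150 ms one-way is the commonly cited voice budget (ITU-T G.114); the other
# values are illustrative assumptions, not figures from the article.
SLA = {
    "voice": {"latency": 150.0, "jitter": 30.0, "loss": 1.0},
    "bulk":  {"latency": 400.0, "jitter": 100.0, "loss": 5.0},
}

def path_metrics(probes):
    """probes: one-way delays in ms from active probing, None for a lost probe."""
    got = [p for p in probes if p is not None]
    if not got:
        return {"latency": float("inf"), "jitter": float("inf"), "loss": 100.0}
    # Jitter as the mean absolute difference between consecutive delivered probes.
    deltas = [abs(b - a) for a, b in zip(got, got[1:])]
    return {
        "latency": mean(got),
        "jitter": mean(deltas) if deltas else 0.0,
        "loss": 100.0 * (len(probes) - len(got)) / len(probes),
    }

def select_path(app_class, paths):
    """Return (path_name, compliant). Paths inside the class budget are ranked
    by loss, then latency, then jitter. If no path is inside the budget, the
    least-bad path is returned with compliant=False so the gap is visible."""
    budget = SLA[app_class]
    scored = {name: path_metrics(p) for name, p in paths.items()}
    ok = [n for n, m in scored.items() if all(m[k] <= budget[k] for k in budget)]
    pool = ok or list(scored)
    best = min(pool, key=lambda n: (scored[n]["loss"], scored[n]["latency"],
                                    scored[n]["jitter"]))
    return best, bool(ok)

# Constructed probe samples (ms); None marks a lost probe.
PATHS = {
    "mpls":          [42, 43, 42, 44, 43, 42, 43, 44, 42, 43],
    "internet_isp1": [35, 90, 38, 120, None, 36, 95, 40, 37, 110],
    "internet_isp2": [180, 185, 182, 190, 184, 181, 186, 183, 188, 182],
}
INTERNET_ONLY = {k: v for k, v in PATHS.items() if k != "mpls"}

if __name__ == "__main__":
    print(select_path("voice", PATHS))          # hybrid: a compliant path exists
    print(select_path("voice", INTERNET_ONLY))  # Internet-only: best effort, flagged
```

With the hybrid set, voice lands on the private path; with the Internet-only set, the selector can only pick the least-bad path and report that the budget is not met.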

With the above said, many Enterprises are adopting single Internet providers with the confidence that the ISP network is well scaled and engineered. We would keep an open mind, every design is different and should be based on transparency of provider infrastructure performance.

The Pros and Cons of SD-WAN Security.

The lines are becoming a little blurred on this subject of SD-WAN vs. any connectivity type or services due to the necessity to support both public and private Cloud infrastructure on public and private networks.


Security is becoming the most discussed topic at almost all of our workshops and customer meetings regardless of WAN type. The reason is fairly straightforward: cybercrime is here and growing in sophistication, thus creating a serious potential impact on businesses.

DDoS (Distributed Denial of Service) is becoming ever more sophisticated, with IP enabled devices hijacked due to their low onboard security.

Where once MPLS was deemed private and therefore no added security was required, today we’re seeing the deployment of devices such as Meraki (with an SD-WAN feature set) to terminate the edge of both public and private connections.

Overall, private WAN services clearly offer an edge when discussing security as the network is ‘virtually private’ but today there is almost no secure network. Our advice is to budget for both security advice and the best possible feature set to protect your enterprise against threats.

The major pro for SD-WAN is in the sophistication of the single deployment security platform which offers up variable protection vs. connection type and location. As an example, a user working abroad from a coffee shop via their BYoD (Bring Your own Device) will adhere to policies which are more stringent vs. the user based in the office location.

SD-WAN in a Virtualised world?

Direct access to cloud connectivity isn’t quite supported by every vendor... just yet.

However, we are approaching a world where software feature sets are available as virtualised instances. It is almost the default option to move services to cloud infrastructure but today we are still in the mode of providing hardware-based devices for HQ and large branch office infrastructure. Perhaps in 10 or 20 years, we’ll see a global wireless network where companies no longer wait for physical 100Mbps or 1Gbps Ethernet but simply consume as required.

One of the pros for SD-WAN is the ‘software based’ element which is very much in line with both current and future thinking. There are vendors offering cloud based virtualised networking services accessible via an application - there’s not only a clear cost benefit but the approach is right in line with the original SDN (Software Defined Networking)

I cannot underestimate the pros of SD-WAN virtual instances. Of course, cost and management are up there in terms of benefits but so is provider migration. The majority of customer frustration and dissatisfaction with their service provider surrounds managed services.

How does SD-WAN help?

If your connectivity is based on public Internet there is no need to change your service provider, you simply move your virtualised SD-WAN instance to the new software WAN provider of choice. No longer do you need to migrate your MPLS circuit away with your managed service, your business is positioned to only remove the element which isn’t working.

One of the reasons why companies choose not to move service provider is directly attributed to the issue of moving physical circuits and hardware. SD-WAN removes the majority of these provider migration issues.

The ability to achieve ease of migration is dependent on using public Internet connectivity. 

Figure: The SD-WAN Pros and Cons Mindmap.

To conclude.. Evolution of the WAN

The Pros of SD-WAN are very much in the arena of a single device or cloud instance to support whatever connectivity your business requires. Whether users are located at the HQ or staff are working from home or a wireless coffee shop, SD-WAN will support them from a security perspective and has the capability to identify your connectivity performance. The result, where possible, provides an operating environment for even the lowliest service.

Further Pros include granular local QoS together with networking feature sets that are growing in sophistication driven by software based production and design methodologies.

The cost savings are driven largely by leveraging low cost ISP connectivity on a UK or Global basis. The recommendation (at least our thought process demands this) is to use a single ISP backbone for key HQ and branch office connectivity to ensure the best possible latency and jitter, resulting in acceptable data performance.

Where single ISP reach isn’t possible, multiple backbones are clearly the second choice but careful examination of SLA performance is critical.

As with every networking technology, SD-WAN does have Pros and Cons. The service should form a component of your WAN depending on specific requirements. In most instances, networking is rarely one single solution. With this said, SD-WAN looks to be attempting a take-over to become the key component of hybrid networking.

There is no doubt, Cloud, Unified Comms (think SIP and VoIP), Security, Remote Access, BYoD all demand careful consideration. To further compound the challenge, IT teams are being asked to save money at the same time as delivering automated, on-demand application delivery.

One thing is for sure, SD-WAN accomplishes business objectives by bundling capability into a single device or virtualised instance. The technology is fundamentally designed to offer a complete end to end solution for the WAN.

As new applications are deployed, the centralised policies which exist are designed to provide not only the appropriate traffic treatment (QoS) but also security and user profile restrictions. The overall benefit is to reduce network complexity in a world where applications are actually becoming ever more sophisticated.

The Internet is perhaps the main 'discussed topic' when considering SD-WAN services as we’re all conditioned to expect variable performance.

However, to reiterate, using a single ISP backbone is a vastly different proposition compared to multiple ISP connectivity. With this in mind, readers are advised to consider providers offering single backbone infrastructure.

Although public Cloud is a driver behind SD-WAN, private technologies such as layer 3 MPLS and layer 2 VPLS are meeting the challenge by creating on-net connectivity interconnects with companies such as AWS (Amazon Web Services), Microsoft Azure and Salesforce cloud.

The WAN is evolving fast, and SD-WAN should be technology (circuit) agnostic. In other words, an Enterprise should not be forced to choose between public Internet and private infrastructure. The net gain of any technology is to solve business requirements, which requires aligning your own company specific requirements with the product set of any given provider.

We’ve created an SD-WAN Mindmap to help readers achieve their goals. If you’ve made it this far through our article, scroll back up and click the WAN services pack -  we’ll send you the very latest version.
