How to select your next WAN provider?
Selecting your next WAN provider can be a very involved process, but by carefully examining your business requirements and desires for future connectivity, you can successfully manage the process from start to finish and migrate to the new provider that will best serve your needs.
The challenges of adding Cloud and Security
Many companies are now incorporating cloud offerings into their IT infrastructure. This includes Infrastructure as a Service (IaaS) where the cloud provider gives you access to abstracted hardware and you provide your own software such as operating systems. Another cloud model is Platform as a Service (PaaS) where an entire operational ecosystem is offered, such as a full Linux or a containerised environment, and you provide the applications running on top. Both IaaS and PaaS are positioned toward organisations that have specialised needs such as custom-developed internal applications. One of the most popular cloud offerings is Software as a Service (SaaS), with Microsoft’s Office 365 being one of the most recognised. With the SaaS model, the cloud provider becomes the application provider as well.
When choosing your next WAN provider, you should evaluate how important cloud connectivity currently is or will be in the near future to your business. Some WAN providers have private connectivity into major public cloud platforms. When you subscribe to the carrier’s WAN infrastructure, you can take advantage of the carrier’s private cloud connection for both improved performance and improved security. For certain environments, security, industry regulations and compliance go hand in hand, and having your network traffic reach the cloud provider environment through a private connection instead of over the general Internet may be a more secure or performant option.
The new world of SD WAN edge devices for Internet and MPLS – using Meraki and Viptela as a base
SD WAN continues to mature and increase in popularity due to both the features and WAN carrier portability it potentially offers. While WAN carriers may have SD WAN offerings themselves to which you can subscribe, having carrier transport independence is a major factor in dramatically increasing your overall network reliability. For example, you could subscribe to a particular carrier’s SD WAN service where they provide the hardware and potentially manage the service as well, but still add your own third-party connections to the service that are independent of the providing carrier. Likewise, you could purchase your own SD WAN service independent of any particular carrier, which gives you true transport independence across all of your locations.
Two major platforms in the SD WAN market are both offered by Cisco. The Meraki platform uses a cloud-based controller and offers a simplified user interface that is easy to work with. The Viptela platform is considered more advanced and offers many more options and deployment scenarios than Meraki, such as the ability to use more than two SD WAN uplinks simultaneously at each location. Regardless of platform, SD WAN’s goal is to use both MPLS and commodity Internet connectivity to increase your network’s performance and reliability.
Project Management – both internally and from the service provider
When selecting your next WAN provider, project management is an absolutely critical part of the process and needs to be given heavy consideration, particularly if you have a large number of sites to migrate to your new WAN service. You should have your own internal or contracted third-party project manager, and likewise, you should be assigned a project manager from your new WAN provider. When deploying new WAN services, there are many issues that can arise, such as discovering that the connectivity you desire is not available at particular locations, or that construction is necessary to deliver the service to your premises. Without project managers involved on both sides, the deployment schedule of the new WAN service can fall behind, which can lead to costly extensions of your existing provider contracts.
Network documentation and reporting
It is always a good idea to have some form of recent documentation for your network. This is particularly important if your network is very large or if you have many variations in devices or topology between each of your locations. Likewise, you need to have as a bare minimum some baseline network performance reporting ability. Without this information, you will be unable to objectively determine whether your new WAN provider is meeting the needs promised to your organisation. Higher-level business managers will be interested in key performance indicators (KPIs) so they can justify the return on investment (ROI) in your WAN upgrade project.
Likewise, network documentation and reporting statistics are important from the carrier side as well. For instance, if you are purchasing redundant connectivity from a single WAN carrier, you want to ensure that the second link does not share any of the same physical paths as the first link. It is quite common for a single fibre cut to take down multiple links from the same carrier due to multiple fibres being in the same conduit. When selecting a new WAN provider, if you are purchasing redundant connectivity through them, ensure they prove their diversity to you through documentation.
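One way to check a carrier's diversity documentation is to compare the path elements listed for each circuit at a site. The following Python code is an added example, not part of the original article; the site names, circuit IDs and element labels are constructed, and it assumes the carrier documents each circuit's building entry, conduit segments and PoP.

```python
from collections import defaultdict

# Constructed sample data: path elements a carrier might document per circuit.
# Site names, circuit IDs and element labels are hypothetical.
CIRCUITS = [
    {"site": "london-dc", "circuit": "CKT-A1",
     "path": ["entry:north", "conduit:C-101", "conduit:C-207", "pop:LON1"]},
    {"site": "london-dc", "circuit": "CKT-A2",
     "path": ["entry:south", "conduit:C-330", "Conduit:c-207 ", "pop:LON2"]},
    {"site": "leeds-office", "circuit": "CKT-B1",
     "path": ["entry:main", "conduit:C-410", "pop:LDS1"]},
    {"site": "leeds-office", "circuit": "CKT-B2",
     "path": ["entry:rear", "conduit:C-512", "pop:LDS2"]},
    {"site": "york-office", "circuit": "CKT-C1",
     "path": ["entry:main", "conduit:C-600", "pop:YRK1"]},
    {"site": "york-office", "circuit": "CKT-C2", "path": []},  # no route documentation supplied
]

def normalise(element):
    """Make labels comparable: documents vary in case and spacing."""
    return "".join(element.split()).lower()

def diversity_report(circuits):
    """Return {site: {"status": ..., "shared": [...]}} for every site."""
    by_site = defaultdict(list)
    for c in circuits:
        by_site[c["site"]].append(c)
    report = {}
    for site, links in by_site.items():
        if len(links) < 2:
            report[site] = {"status": "single-homed", "shared": []}
            continue
        if any(not link["path"] for link in links):
            # Missing documentation means diversity is unproven, not assumed.
            report[site] = {"status": "unproven", "shared": []}
            continue
        seen = defaultdict(set)  # path element -> circuits that traverse it
        for link in links:
            for element in link["path"]:
                seen[normalise(element)].add(link["circuit"])
        shared = sorted(e for e, ckts in seen.items() if len(ckts) > 1)
        status = "shared-risk" if shared else "diverse"
        report[site] = {"status": status, "shared": shared}
    return report

if __name__ == "__main__":
    for site, result in diversity_report(CIRCUITS).items():
        print(site, result["status"], result["shared"])
```

A site is reported as diverse only when every circuit has documentation and no element appears on more than one circuit; the shared conduit at the first site is the single-fibre-cut case described above.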
Challenges of Global deployment
Some WAN providers have a global presence, but most have various peering arrangements through different carriers to provide a global reach. This can be challenging in certain situations as the various carriers must work together to ensure end-to-end connectivity for your virtual private network. In many cases, the provider you purchase your service from is actually the customer of the carrier who owns the last-mile connectivity to your particular location. If the last-mile provider is having issues, it is up to the carrier you purchased service through to work with them to rectify the issue. Depending on the scenario, you may end up needing to put pressure on your carrier to work with the last-mile provider to expedite recovery.
SD WAN helps to change this model slightly since it simplifies the process of using the general Internet for your underlying transport. While MPLS still plays an important role in today’s networks for both performance and security, when you use the Internet for your VPN transport you do not necessarily need to worry about inter-provider agreements and peering arrangements. As long as your SD WAN edge device can reach the Internet with acceptable performance levels, your traffic should get through, which makes the issues of a global deployment less pronounced than they have been in the recent past.
Aligning your budget
One of the initial allures of SD WAN was the thought that you could reduce your overall spend on WAN links by using commodity Internet circuits exclusively. This may still be true depending on your situation and your company’s needs. However, in practice, your applications may still need the performance that can be offered by private MPLS links, and most likely, you will be purchasing multiple WAN circuits to improve overall reliability.
Just like with any major project, when you are selecting a new WAN provider, you must determine the importance of connectivity at each of your locations to budget appropriately for them. Can your sites withstand minor amounts of downtime? Can they survive temporarily on 4G/LTE backup links while the primary circuit is down? Are you able to get the level of speed and coverage you require for the site?
Sites that are deemed more important, such as very large locations or datacentres, require more expensive and redundant connectivity. These are all considerations you must anticipate and budget for when evaluating a new WAN provider. The WAN provider you are considering may not be able to provide the desired level of service for you at a particular location, or it may be too expensive. Likewise, if you establish connectivity at a site that has anticipated growth, you must budget for future WAN link upgrades which could potentially be very costly.
Does MPLS still have a place (yes, with SD WAN edge – MPLS still offers privacy)
As mentioned earlier, MPLS links are still very useful today even with SD WAN. While Internet connectivity can be provided through an MPLS service, the primary reasons to use MPLS connections are the privacy offered and the features that are unavailable across the Internet, such as multicast and quality of service (QoS).
It could be argued that privacy across an MPLS link versus using IPsec tunnels across the Internet is not that important, but consider that when you use MPLS, connectivity across your sites is inherently private without any performance penalties. When you use SD WAN with IPsec tunnels, your SD WAN edge appliance must perform all of the encryption and decryption which can degrade the performance of high-speed connections.
Likewise, SD WAN over the Internet can simulate more advanced features like multicast and basic QoS, but the Internet does not natively support these features so you will almost always have better performance by using private MPLS links that support these features natively. For example, when using the Internet for transport, you can use prioritised queuing with the SD WAN appliance, but you cannot enforce QoS markings in your packets across the Internet underlay in the same way you can with MPLS.
Creating an RFP
The process of selecting and evaluating new WAN providers usually entails putting together a request for proposal (RFP) document. Your RFP contains the specific hard requirements you are looking for in a prospective provider, along with items you can be more flexible on. If you are also evaluating SD WAN, you may have a specific platform you desire, and you will want to make sure it is mentioned in the RFP document. Decide whether the WAN provider will be supplying your desired SD WAN platform, or whether the carrier will need to work with your chosen SD WAN platform if you are purchasing it separately. Always ensure your RFP document has a deadline date present. Once your RFP is published, interested WAN providers will place bids for you to purchase services through them.
How to score your prospective providers
After your RFP process ends and all provider bids have been received, it is time to compare the prospective WAN providers against each other. Determine the different kinds of criteria you were looking for along with ways to establish a metric assigned to the criteria so that you can score the WAN providers. You can create simple metrics such as whether or not the RFP respondent is able to meet a specific requirement, or you can create more advanced metrics that involve different levels of weighted importance.
For example, a simple metric could be whether or not a proposed provider can offer a particular feature such as QoS-backed MPLS. A more advanced metric could be if the provider can deliver a particular speed to your locations and how important that is to you. You may also receive bids that do not meet the requirements of your RFP. However, the potential WAN provider may offer other items (such as an improved service level agreement) that may cause you to re-evaluate your requirements and score them differently.
How to migrate from one provider to another - does SD WAN help?
After the bids on your RFP have been evaluated and the relevant providers compared and scored, the next step is usually to sign a contract with the new WAN provider and begin the project to migrate from your old provider. In nearly every case, you will need to maintain connectivity through your existing provider during migration. Depending on the WAN technology used, this can require a hard cutover where the WAN circuit is changed at each location from the old to the new. This is typical when upgrading from older serial technologies like E1/E3 to Ethernet.
It could also be a very smooth transition where the old service and new coexist for a period of time. SD WAN can be very beneficial with migrating from one provider to another, particularly if both the old and new circuits use an Ethernet handoff. Without SD WAN, you may have to temporarily maintain multiple individual WAN environments during the migration, such as when moving from one MPLS provider to another. You can connect the individual environments together in centralised locations such as a datacentre using routing protocols like BGP.
The migration phase ties all of the previous elements together and this is where it is most important to have project managers on both sides along with relying on network documentation, reporting, and maintaining your budget. With everyone on both sides working together, a successful migration project with your new WAN provider is achievable with minimum hassle.
About Jedadiah Casey
Senior Network Engineer for 5 years. General IT/sysadmin experience 10 years prior. Bachelor of Science degree in Information Systems. Certifications: Cisco CCNP Routing & Switching, CCDP Network Design, CCNA Routing & Switching, CCNA Wireless, CCNA Industrial, CCNA Service Provider; Certified Wireless Network Professional CWNA; VMware VCP-DCV; Juniper JNCIA. Working toward Cisco CCIE R&S; first lab attempt was June 2018.