Who are the top/best SD WAN providers?
The top 20 SD WAN vendors we recommend are Cisco Meraki, Cisco Viptela, Silver Peak, Aryaka, Velocloud, Citrix, Oracle, Peplink, Riverbed, Bigleaf, CATO, Ecessa, Fortinet, Multapplied Networks, Speedify, Open Systems, BT Business, Cloud Genix, Globalgig, Expereo.
We created this article using extensive research across SD WAN providers and vendors which we believe to offer a good fit across the majority of UK and US business requirements. If you would benefit from instant comparison of Software WAN solutions vs your own high level needs, you can quickly build a unique shortlist using our compare-the-market tool.
While the tool is currently in beta, we take into account the majority of leading procurement points which include next generation security, WAN optimisation, path selection, co-managed services (MSP), support for hybrid connectivity, DIY capability, comprehensive reporting statistics, Global services and more.
Below. Results screen from the SD WAN comparison tool.
Table of Contents
- A comparison table of the top/best SD WAN providers and vendors
- Cisco Meraki
- Silver Peak
- Multapplied Networks
- Open Systems
- BT Business Partner Sales
- Cloud Genix
- Which solutions offer support for UK SD WAN?
- Why Hybrid networks are often the outcome?
- Is MPLS dead?
- What is driving the interest in SD WAN service providers?
- Public IP Internet vs Private IP MPLS / VPLS
- Which SD-WAN providers & vendors are suitable?
- MPLS vs. SD-WAN networking
Although SD WAN is now firmly accepted as the next generation of WAN capability, IT teams and consultants are facing the challenge of aligning their requirements to the right SD WAN solution. The WAN cannot be procured in isolation, today IT Managers need to consider Cloud, Security and UCAAS as key pillars of the buying process.
In a recent Internet Quality Report detailing the performance of application traffic across public Internet connections, the results determined that 25% of the time (during business hours) the Internet could not be relied upon to deliver the same uptime as private MPLS connections. With this said, by combining multiple links with per packet, sub second, WAN optimisation and path selection, this could be increased to almost 100% but not all vendors are equal. Netify can compare each provider to show your business which solutions are best suited to maximise your application uptime.
A comparison table of the top/best SD WAN providers and vendors.
Vendors 1-5. Click the vendor name to learn more.
|WAN architecture||Edge based||Edge based||Edge based||25 Global PoP backbone||100+ Global PoP gateways|
|Form factor||Physical, cloud (AWS, Azure)||Physical (vEdge, ISR, ASR), virtual, Hyper-V, KVM), Cloud AWS, Azure, Google)||Physical, virtual (VMware, KVM, Cloud (AWS, Azure)||Physical||Physical, virtual (VMware, KVM, Xen), cloud (AWS, Azure)|
|Firewall||Advanced||Basic on Viptela hardware, advanced on Cisco hardware||Basic, advanced via partners||Basic, advanced via partners||Basic, advanced via partners|
|WAN optimisation||Limited||Yes (add-on to Cisco hardware, not available on vEdge)||Yes, add-on||Yes||No|
|Application path selection||None||Yes (add-on to Cisco hardware, not available on vEdge)||SaaS optimisation chooses optimal egress point (via data centre or hub site)||Partnered with AWS & Azure, can manually configure for other cloud/SaaS apps||Yes, VeloCloud has 100+ shared gateways for path optimisation. Providers can build out their own gateways as well|
|Elevator pitch||Rich history of networking, value adds such as CCTV||Customisable solution for the larger Enterprise||Good traffic path selection and Broadband treatment||MPLS alternative with VPN access to private PoP locations||Cloud-based service delivery, orchestration, and analytics to create a flexible architecture|
Vendors 6-10. Click the vendor name to learn more.
|WAN architecture||Edge based||Edge based||Edge based||Edge based||US centric, UK and Europe|
|Gartner status||Challengers||Niche player||Not listed||Leader||Not listed|
|Form factor||Physical, virtual (VMware, XS, Hyper-V and KVM), Cloud (AWS, Azure)||Physical, virtual (VMware, Hyper-V), Cloud (AWS, Azure)||Physical, FusionHub offers cloud based virtualisation, Hyper-V||Physical||Physical|
|Firewall||Advanced||Basic, advanced via partners||Basic, advanced via partners||Basic, advanced via partners||Basic, advanced via partners|
|WAN optimisation||Yes on the 5100, 2100 and 1100 devices||Yes, add-on||Limited||Limited||Limited|
|Application path selection||Yes via 14 global gateways||None||No||Applications defined by path||Closest Pop selected per application|
|Elevator pitch||Experience for SaaS, cloud, and virtual applications||Forwarding is unique for real time application delivery with good failsafe technology||Good support for 4G and 5G services||Good history of WAN optimisation||US Pop locations, one UK PoP and 2 European|
Vendors 11-15. Click the vendor name to learn more.
|WAN architecture||40+ global PoPs for site-to-site and optionally for BT||Edge based||Edge based||Edge based||Software based|
|Gartner status||Not ranked||Not ranked||Challengers||Vendor of note CA||Not ranked|
|Form factor||Physical, virtual (VMware), cloud (AWS, Azure)||Physical||Physical||Physical||Physical|
|WAN optimisation||Limited (TCP optimisation)||No||Yes, 60E and above||No||No|
|Application path selection||Cloud apps||Selective routing of apps||None||Leverage must-carrier paths to deliver diverse capability||No|
|Elevator pitch||Global core network, WAN optimisation built in||Global core network, next generation Firewall built-in||Strong history of security||Service provider solution||VPN with channel bonding|
Vendors 16-20. Click the vendor name to learn more.
|Vendor||Open Systems||British Telecom||Cloudgenix||Globalgig||Expereo|
|WAN architecture||Edge based||Edge based||Edge based||Resale of Cisco Meraki, Cisco Viptela, Fortinet and Peplink||Resale of Cisco Viptela, Silver Peak|
|Gartner status||Named in Gartner 2019 Market Guide||Not ranked||Visionaries||Not ranked||Not ranked|
|Form factor||Physical||Physical||Physical, virtual (VMware, KVM), Cloud (AWS)||Not applicable||Not applicable|
|Firewall||Advanced||Not applicable||Basic, advanced via partners||Not applicable||Not applicable|
|WAN optimisation||No||Yes||No||Not applicable||Not applicable|
|Application path selection||Policy based path selection||Not applicable||Measures app performance to select the best path||Not applicable||Not applicable|
|Elevator pitch||Over 20 years of Security experience||Not applicable||Layer 7 measurements track application performance||Wireless specialisation on a global basis||Expereo provide Internet aggregation across 3000+ providers|
Netify 10 2020: An exclusive walkthrough of the top 10 SD WAN vendors.
Book your free 30 minute Zoom call, explore the top 10 SD WAN vendors with our exclusive feature walkthrough.
Above: Netify creating data for an SD WAN assessment, estimating latency between locations.
With the huge amount of marketing hype from SD WAN providers, aligning and comparing your requirements is a critical component of the presales process. In this article, we'll outline 15 Software WAN solutions we know to be market leaders. (This does not mean each vendor will align to your business)
The following vendors are listed 1 through to 20, the number does not correspond to their capability.
1. Cisco Meraki
Meraki is without a doubt the most popular vendor when discussing initial requirements with prospective buyers. The products are cost effective and feature-rich offering functions such as endpoint management which is positioning IT teams to share intelligence and enforce policies across the network based on the device status and where the services are located or installed, software and/or users.
One of the newer features is device enrolment which means policy is enforced without even having to handle the actual hardware. WiFi access can be delivered based on device type, users and security compliance. In short, Cisco Meraki is feature rich with the ability to support/deliver a full stack of connectivity from Security, Switching, WAN and Wireless via a single interface.
It is important to note, and perhaps obvious, but to take advantage of the Meraki capability, your network ‘needs’ to be Meraki end to end. (Not necessary but advised)
2. Cisco Viptela
Cisco also owns Viptela, how should you decide on Meraki vs Viptela? The major differentiators revolve around the ability to handle three or more uplinks, WAN multicast and TCP optimisation. The value proposition of Viptela is based on customisation allowing customers to control layers 4-7 of the OSI model.
Without going into too much detail, Viptela is extremely competent at WAN segmentation across both on-premise equipment and also cloud architectures. In other words, if your business is of a more complex, global nature, Meraki could be viewed as too simplistic to meet the demands of your network architecture requirements.
With the above said, Meraki and Viptela do intersect as both are able to adjust traffic routing based on the policies your business decides, they are scalable and offer cellular failover.
3. Silver Peak
Note: Silver Peak only sell via Resellers, see this page for more information. The Silver Peak proposition looks to be based on cost savings by removing ‘expensive private MPLS’ with their SD WAN solution and Internet. While there is the capability to save money, the question at the core of their approach surrounds the service level agreements from low cost Internet providers.
The overall Silver Peak proposition is feature rich and very capable of supporting applications, user security and intelligent data flow. However, their marketing appears to push SD WAN as an Internet based service rather than a connectivity agnostic vendor. And while their tests show significant benefits when using Silver Peak across Broadband, this is only one part of the story.
If your low cost Broadband provider suffers an outage, the general SLA is generally nowhere near as robust vs private based networks. We take the stance that connectivity should be based on specific requirements when everything else is equal. If your sites are not mission critical, Internet Broadband is a great way to save money and deploy cost effective services.
Where a circuit with an end to end SLA is required, technologies such as MPLS are not going away. Silver Peak offer some interesting features such as forward error correction which is designed to essentially reconstruct packets with faulty data. A further key area of interest is their ability to from an overlay making the transition from MPLS to Internet a less complicated process. As we mentioned earlier, be aware that replacing MPLS with Internet may save money but there is more to consider.
Leading on from Silver Peak, the value from Aryaka is actually based on the best of both worlds. The underlying network is a well engineered private MPLS core resulting in end to end traffic prioritisation and better SLAs when compared to general Internet connectivity.
The SD WAN functions are broadly inline with other vendors resulting in the best of both worlds - software flexibility/management with MPLS privacy. The cost and proportion from Aryaka places their business in alignment with large global Enterprise business sending traffic over long distances.
The connectivity offering is based on a tail circuit into their closest point of presence. Aryaka offers accelerated delivery for CDN which again plays into the global WAN customer.
The Aryaka SmartCONNECT product is suited to organisations with a desire to outsource more complex elements of the WAN. Where more detailed configuration changes are required, Aryaka previously required involvement from their support team. However, as of writing this article, a self service portal achieves end to end management.
5. VMWare VeloCloud
The VMWare proposition offers some similarities with Silver Peak, they also offer FEC (Forward Error Correction) and TCP optimisation.
VeloCloud offers both hardware and software clients with full Firewall functionality. While researching the VeloCloud proposition, their cloud resident gateways are of benefit to companies requiring a secure overlay that is transport independent, operating across any combination (public or private circuits), with secure connectivity to enterprise data centers, cloud compute and SaaS applications.
Some further key benefits are their application improvement performance over degraded links which also includes delay sensitive apps such as voice and video. The VeloCloud strategy looks very strong over the next 12 months with marketing suggesting intent based WAN features are on the horizon.
After the main Citrix brand application, the Netscaler SD WAN appliance is perhaps one of the best known products when discussing software WAN services with IT Management and their teams. NetScaler offers physical, virtual and cloud products with their management and analytics system - MAS. The Citrix offering includes both WAN optimisation and stateful packet inspection Firewall.
With such a large market share from their core Citrix product, the market for SD WAN across existing customers is significant. The actual SD WAN product is managed by the same UI platform.
There’s a large focus on the ability for Oracle to control WAN path access via on premises or cloud management. The capability to aggregate links offering seamless failover even for Voice and UCaas has always been a strong proposition even in the early days of SD WAN.
With this said, Oracle does not have the experience of dealing with large WAN deployments - as of writing this article, their global telco provider relationships are limited.
An International company based out of Hong Kong with a reputation for supporting bandwidth constrained/variable performance circuits.
The Peplink strategy offers flexible WAN edge connectivity via products such as SpeedFusion with their Max cellular tower and InControl management system. In short, for companies with a large number of sites requiring connectivity outside of fixed Ethernet services, the Peplink offering has a good level of features. With their current operations small in comparison to other SD WAN providers, large Global should consider other options.
The SteelHead SD WAN platform supports WAN optimisation in a single appliance. With SteelConnect SD WAN gateways and their Ethernet switch devices, they are well position to offer services for both the WAN and LAN.
There are no cloud gateway offerings but the service can be virtualised via AWS or Azure. The competition for SD WAN is becoming stronger month on month, other vendors are looking more capable when compared to resilience and firewall security functions.
10. BigLeaf Networks
Founded in 2012, BigLeaf Networks provide cloud-based SD-WAN for enterprises. With its service design meant to speed up applications that depend on the cloud, BigLeaf is able to detect any performance in real-time.
What's really great about BigLeaf is that this company is able to automatically adjust patterns for traffic as new apps are brought onto the network. With their Cloud Access Network relying entirely of dynamic load-balancing technology, BigLeaf Network reacts in real-time to any new disposals of the cloud.
This means that whenever there are any changes made to the cloud, there's an adjustment n the Internet performance to make sure your programs that depend on the network are always running as quickly as they possibly can.
11. Cato Networks
Cato Networks was founded in 2015 and provides customers with cloud-based SD WAN services. Cato Cloud, which is Cato Network's SD WAN solution, attaches all network elements of a business. From mobile workforces, to cloud data center, to branch locations, the Cato Cloud secures all of your company's information into an encrypted cloud.
Made up of two layers, the Cato Cloud Network, and Cato Security Services, this SD WAN solution is interconnected by several tier one carriers.
This network also provides a secure web gateway, mobile access protection, secure web gateway, network forensics, and cloud access protection. If you're looking to protect the traffic of your company, you should look further into Cato Networks.
While many companies may recognize Ecessa for it's WAN solutions. However, Ecessa now provides companies with an SD Wan model that compliments companies that have as little as ten sites. However, this SD WAN provider will cater to companies that have more than 200 locations.
Founded in 1968, Ecessa is experienced in providing customers with plans to complement their company's individual needs. Some of the key points that the SD WAN plans that Ecessa offers are traffic routing, automatic failover, flawless connectivity, and loading balance.
Ecessa aids customers in the process of bringing all of the applicancies and applications online. Plus, this SD WAN provider helps customer to stand up site-to-site tunnels in full mesh, partial mesh, or hub-and-spoke topology after figuring out what the perfect fit is for the customer.
13. Fortinet Secure SD WAN
Previously only functioning as a security vendor, Fortinet has now added SD WAN functions to their list of appliances. Founded in 2000, this SD WAN provider caters to customers who are interested in consolidating their physical appliances and branch operations into one vendor flag.
Fortinet monitors their SD WAN links ofr packet loss, hitter, and latency by using several different techniques, such as HTTP, TWAP, and ping. They support hub and spoke, full mesh, on-demand VPN, and partial mesh. Plus, there are up for 4,000 administrative domains and virtual domains that can be supported.
14. Multapplied Networks
Multapplied Networks provides SD WAN solutions to both services produced and managed service providers. Founded in 2012, the technology that Multapplied Networks uses works by delivering IP over a variety of physical layers, enabling carriers, and diversity the circuit design to make sure that your applications are available.
In addition, the SD WAN services that Multapplied offer include a layer of several tiers of encryption that vary on an application-by-application basis. Plus, they use a single flow distribution across several physical circuits at once, while at the same time, the flow of real-time transfer decreases from circuits that aren't properly performing.
Plus, the licenses that Multapplied Networks uses are on a month-by-month basis. This means that if your company is looking for low up-front costs, Multapplied Networks allows small businesses tons of flexibility.
Founded in 2014, Speedify (we like the name) provides SD WAN services that connects Ethernet, cellular, and WIFI connects into one link, which helps to increase the bandwidth of the list applications.
By using channel bonding techniques to help integrate several Internet connections into a secure pipe, all at once, Speedity offers its customers a software app for both their mobile devices and their computers.
Due to the streamlining of several Internet connections at once, the provided connection has an increased redundancy, efficiency, and automatic failover protection.
16. Open Systems
Open Systems are leading with SASE (Secure Access Service Edge) as their predominant focus technology. SASE is essentially a group of technologies which include:
- SD WAN
- SWG (Secure Web Gateway)
- CASB (Cloud Access Security Broker)
- ZTNA (Zero Trust Network Access)
- FWaaS (Firewall as a Service)
Open Systems is a mature company with a complete technology stack designed for the Enterprise WAN. Their pitch is based on maturity and their offering which is designed to provide the complete unified SD WAN experience.
In business for over 20 years, their platform has integrated dozens of security, routing and performance features into a simple to deploy and administer service, backed by 24x7 Monitoring and Support.
Open Systems is available as DIY, co-managed or fully managed service including networking, security, 24*7 support with monitoring portal.
Due to the Open Systems history of Security across every layer of the network, the SD WAN capability secures at the edge and in the cloud. By delivering next generation security architecture, Open Systems reduce the need for orchestration and management of third-party solutions that stretch IT resources and increase enterprise risk.
17. BT Business
BT Business offer access to over 198 countries via their Global Services IP backbone with Internet and MPLS access. BT are leveraging their buying power with Cisco to offer both Meraki and Viptela based solutions with professional services, co-managed and fully managed services.
There are multiple points of entry into the BT sales team, via Partners (see Netify page), Corporate or Global Services. The overall BT connectivity portfolio and extensive backbone offers quite a powerful combination. As an example, the current BT Broadband service is offered with 4G Assure failover to further increase the diversity of SD WAN capability. In addition, the acquisition of EE (Everything Everywhere) means their mobile services are strong, think 5G in the future.
CloudGenix was founded in San Jose back in 2013 with backing by Charles River Ventures, Mayfield, Intel Capital and Bain Capital Ventures. CloudGenix offers a true Software-based WAN solution via their ION (Instant-On Network) centralised control platform. The SD WAN solution offers the capability support both Internet and MPLS which meets the demands of both network migration (from MPLS) and hybrid networking where private MPLS is retained at certain sites.
CloudGenix app fabric is designed to operate across all connectivity types (we've mentioned MPLS but also 4G, 5G and Broadband). Regardless of the circuit type, intelligent traffic steering, high availability and direct access to Cloud-based services all come together to create a rich Software-based WAN capability.
A worldwide aggregator of Internet connectivity with the capability to offer Meraki, Cisco Viptela, Fortinet and Peplink. With their network application intelligence process, the Globalgig team leverage network, application and operating data to solve for optimal path performance.
Offices are located in the US, EMEA and APAC offering both DIY, co-managed and fully managed SD WAN services with billing across all currencies. Shipping of hardware and services is available across 195 countries worldwide. Globalgig also specialises in Wireless services as part of their telecoms history.
Expereo are a known entity with a significant history across the provision of Global Internet connectivity with solutions from Cisco Viptela, Silver Peak, Aryaka, Open Systems and VeloCloud. As an aggregator, Internet is available in 200+ countries across 3000+ suppliers with support for Ethernet, 4G, 5G and Broadband services.
Expereo customers span 200 countries with five NOC (Network Operation Centre) locations speaking 45 different languages.
Which solutions offer support for UK SD WAN?
With leading vendors prominently originating within the US, readers and clients are asking us to confirm which vendors and providers support UK connectivity. The following solutions offer UK SD WAN:
- Open Systems
Why Hybrid networks are often the outcome?
When considering SD WAN providers and vendors, we would recommend a hybrid approach to architecture. You've no doubt read about the 'death of MPLS' but this kind of content is misleading. While the use of private WAN technologies will almost certainly reduce as companies turn to the Internet as a WAN transport mechanism, layer 3 and layer 2 MPLS VPN's are very much a component of software WAN services.
Readers should also note that using the Internet between key HQ and branch offices is recommended over a single public IP backbone where possible. This is especially true for global organisations.
Of course, your underlying transport mechanism is only one component. The considerations to security are huge in 2019 meaning the challenge for your IT team is bigger than ever.
Looking back at recent years, the market has moved toward a software WAN environment which is typically delivered as a hybrid of private circuits (MPLS, Ethernet) and Internet VPN. At the core of solutions is some capability to deliver SD WAN features. The complexity for IT teams revolves around the need to consider Cloud and Security along side their WAN projects. And to compound your challenge, deciding which provider is a good fit for your requirements.
Whats more, SD WAN providers are creating huge sweeping marketing statements around cost savings. While there is definitely truth behind using SD WAN and Internet connectivity to save expenditure, the detail behind such a move is often not discussed to any level of detail.
Is MPLS dead?
No, the technology is evolving. Our group is witnessing a transformation of MPLS where edge devices are now software enabled. Cisco is one such example where Meraki technology is deployed across MPLS networks to bolster security, improve upon reporting and application performance.
IT are proactively researching WAN technology to avoid making buying decisions based on marketing hype. We have listed the main SD WAN providers/vendors, most of which are partners to help your IT team look at some example capabilities.
Does SD WAN over the Internet replace MPLS or compliment private based services? Is the Internet mature enough to support SD WAN? With the huge expansion of cloud services and the need to drive down costs, we believe the technology is an essential component of your WAN strategy.
There are a number of challenges when IT teams look to procure SD WAN services. The first surrounds gaining clarity on which IP network providers are suited to your specific branch office locations. The second is understanding the vendor / SD WAN service providers that have the capability to layer on managed services or supply hardware for wires only deployment. A data network architecture should be flexible and include ALL WAN connectivity offerings as options without increasing the complexity of the overall design. We meet this initial issue head on with our capability to bring together BT Business with the leading providers of SD WAN services.
IT teams are now positioned to control the flow of user data, self manage their own WAN where required, leverage low-cost Internet, monitor user and application flow, WIFI and even CCTV. What's more, SD WAN services are meeting the demands of multiple connectivity requirements from 3G, 4G and Broadband through to Global Ethernet.
With this said, the basic requirement remains the same. When selecting a WAN vendor/provider, customers needs must be translated into clear products and services that meet specific requirements. If your sales team is not listening, there is the potential for misunderstanding your demands. The sales process should demonstrate capability (not just another solution) in order for businesses and organisations to make an informed decision.
The SD WAN proposition represents the here and now but at the same time, the future of networking regardless of whether you prefer Internet, MPLS, VPLS or metro Ethernet. In the majority of hybrid network designs we put together, based on Cisco involvement, the output is largely based around Meraki or Viptela with BT Internet/MPLS. Just a year or so previous. we would be positioning standard Cisco routers. The main challenge for IT teams working on their WAN procurement project is to understand the detail behind marketing. We’ve written a comparison article for readers considering SD WAN vendors.
In addition to the usual telco suspects, I have also included a list of the top SD WAN vendors to align with connectivity service providers. If your business is embarking on a WAN procurement project, your IT team will need to consider hardware and software, the physical and virtual across CPE, gateways and controllers. In addition, delivery and support remain at the top of the buying criteria points list. While software solutions do offer significant capability, the challenge is in deciphering marketing material. There is also the challenge of understanding how underlying connectivity will support your applications. We’re reading about the demise of MPLS and while not every site will require end to end privacy and QoS, we cannot see every Global Enterprise selecting low-cost Internet.
As businesses create RFP content, the basics remain important. How prospective vendors fit across their financial health, how they invest in their own products but equally the strength of relationships with telcos when a vendor does not operate or own network connectivity.
The list below details the considerations your team should note when buying SD, MPLS or VPLS WAN provider services.
How does the provider interface with 3G, 4G and 5G connectivity from the perspective of degraded services but also into their respective connectivity whether Internet, MPLS or VPLS?
- What options are available for branch form factors, i.e. hardware or virtual?
- How does the provider integrate with IaaS providers, Azure or Amazon Web Services (as an example)?
- In the event connectivity is degraded, how will your network route data during periods of high latency and jitter or even complete outage?
- Does your provider offer integrated WAN optimisation, caching, compression?
- Security has to be the most hotly contested topic at workshops, IT must consider end to end policies and vendor capability.
- Be mindful of marketing hype, MPLS is not doomed. In fact, certain SD WAN providers such as Aryaka offer a private backbone. (based on MPLS, shock)
- The majority of vendors now offer some kind of edge hardware between £1000 to £1500 to support multiple interfaces.
- What reporting is available?
- How are adds, moves and changes made?
- A popular feature of software WAN services is application profiles which enables extremely fast zero-touch deployment.
What is driving the interest in SD WAN service providers?
Without wanting to make sweeping statements based on inconclusive research, I would probably say that cost is a significant driver creating the buzz surrounding SDN services. However, in addition to pricing, some important business drivers cannot be ignored.
We see the cloud as representing the biggest force behind software-based networking. If you consider the majority of leading cloud providers, their services are accessed by public based networks (i.e.The Internet). There are of course exceptions, cloud services are also made available via private data center interconnects but the majority of growth surrounds public based access.
The reasons are fairly obvious with huge growth in remote access, BYOD (bring your device) and collaboration with outside entities. In the majority of cases, smartphones are becoming a natural way of communicating across 3G and 4G networks on an almost permanent basis. In this sense, the business case for using the Internet as a platform for your WAN combined with software-driven functionality which allows greater flexibility to control user access, branch and remote user security, performance and more makes perfect sense.
Public IP Internet vs Private IP MPLS / VPLS
The Internet of today is maturing and developing faster than ever before. If we think back to connectivity just a decade ago, the difference in performance is startling.
With the past in mind, MPLS Layer 3 routed networks grew out of the need to provide predictable performance without the complexity and overhead of security with encryption. The internet of the 2000’s simply was not up to the task of providing a consistent experience. Also, the technology of today (tablets, phones etc) did not exist, therefore the reliance on a 'permanently on' internet connection was not a requirement. If you’re phone looses connectivity for an hour in 2016, you soon realise the productivity decline. In 2006, you would be lucky to have connectivity. A huge step change.
The Internet is now a viable platform to deliver mission critical data applications including voice and video. As a home or business user, the Internet is regularly leveraged, and for the most part, the experience is positive. In many cases, access to a private data network is a restrictive experience unless setup correctly.
An SD WAN Internet deployment represents a lower cost vs. MPLS private networks; availability is everywhere, in the main, and the platform just gets better and better. At this stage, you would be forgiven for not reading any further with the belief that SD WAN is leading the way. However, your organisation must carefully consider your locations and requirements vs. using a private or public based network. There are still use cases for both scenarios.
Which SD-WAN providers & vendors are suitable?
SD-WAN is currently offered by some vendors providing some choice with regards to cost and capability.
However, connectivity procurement is clearly a large part of the decision regardless of whether you have selected a vendor. There are certain WAN providers who are offering SD-WAN as part of their overall offering, but the capability is often only a tiny subset of SDN capability. The potential issue is one of change control. As an example, the promise of SDN revolves around flexibility and agility.
However, if a cumbersome and bureaucratic service provider offers a five-day turn around on charge requests, it doesn't matter how flexible your new software driven WAN is if you’re still at the mercy of your provider. It makes sense to ensure your prospective WAN services are well aligned.
MPLS vs. SD-WAN networking
As we alluded to earlier, Internet connectivity is growing exponentially. It is a common misconception that an MPLS network is somehow different in technology to public IP. In fact, core network engineers working on both private and public networks use MPLS as a traffic management technology. The difference covers three distinct areas:
- A private VPRn (Virtual Private Routed Network) does not require encryption.
- MPLS technology across private networks offers traffic prioritisation via QoS (Quality of Service).
- Core data network engineers are often able to better predict growth on private networks vs. public networks.
To conclude, the Internet is a much more robust and well-scaled platform today vs the past. Software Defined Networking has developed some different use mechanisms to meet with the lack of application data QoS which in many ways is much more flexible than QoS. We’ll be covering these features in more depth over the next few months. The encryption created by devices such as Cisco iWAN is also highly secure which, is always a concern with Internet-based services and when coupled with deep packet inspection, the risks of a network intrusion are minimal. It would, in fact, be easier for a hacker to gain physical entrance to your premises.
Further reading on Software Defined Networking
An further article on SDN networking
Wiki article on SDN services