
SD WAN Overview

SD WAN is the replacement for MPLS (and other myths)

There are almost as many views about SD WAN as there are people talking about it, so it is perhaps inevitable that there is a little bit of bunkum being spoken. We have seen a number of opinions that have dubious merit so we thought we would try to set the record straight. Here are six commonly heard myths about SD WAN, along with our view of the real situation.

1. SD WAN is the replacement for MPLS!

I think we’ve all seen this one! 

Let’s start by positioning the two terms. SD WAN is an overlay technology and MPLS is one of the options for the underlay that sits underneath to provide the connectivity for an SD WAN network (along with VPLS, the internet, and other networks). Since the two aren’t the same thing it’s not really a logical statement. SD WAN may be clever and full of eastern promise but it still needs an underlay!

So, if it’s not the replacement, will SD WAN lead to the demise of MPLS? We expect it will cause a decline, but not the demise - at least, not for a considerable time. Let’s examine the drivers that might cause SD WAN to kill MPLS.

WAN cost and performance

First, it’s not so much SD WAN that would kill it, but the fact that SD WAN makes it easier to use alternatives to MPLS for some or all of your traffic. Will we start moving our traffic from MPLS to the internet? That depends. For that to make sense, the internet would need to be better or cheaper, or perhaps good enough and cheaper ... or some other sensible combination of the two.

So, ... is it? That, of course, depends on your situation. 

If you’re running everything from the cloud you might care less about MPLS performance, whereas if you’re running a latency sensitive application over highly-utilised circuits, you might think twice about the internet being good enough. 

Likewise, if you’re an international business with hundreds of sites outside the UK then you would certainly find opportunities to save money by moving traffic from MPLS to locally sourced internet. However, if many of your sites are in the UK then that assumption breaks down: MPLS circuits are not far more expensive than the internet in the UK! In some cases we’ve seen them to be cheaper!

Hybrid networks

Actually, there is another way to save money compared to MPLS, and that is to use a hybrid network. People frequently define a hybrid network as the connection of a site to both MPLS and the internet (to save money), enabled by SD WAN. We don’t think that definition is great, on two counts. 

First, it excludes the many benefits (to cost, installation speed and performance) of blending multiple technologies from multiple carriers. We see a hybrid network as the fusion of multiple technologies (MPLS, VPLS, Internet and the many access technologies they employ) from multiple carriers. 

Second, it implies SD WAN is a required driver for a hybrid network. Most of our customers have run a hybrid network without SD WAN for many years.

So, if anything it’s Hybrid Networking that will cause the decline of MPLS.

An aside on internet performance 

Let’s go back to the point about internet performance for a minute. To be fair, you can get similar latency out of a dedicated internet access (DIA) circuit as you can out of MPLS. With one major UK carrier their DIA latency SLA is actually better than for their MPLS before Class of Service prioritisation is applied. However, to realise this performance you need to stay on-net. In other words, if you use one carrier to connect several of your sites over the internet then the site to site traffic that stays on the carrier’s network should enjoy sparkling performance. It’s just that if you want to go outside of the carrier’s DIA cloud then you’ll lose that benefit: once on the open internet you’re on a best-endeavours network that does not support end to end prioritisation.

SaaS applications are encouraging a move to more internet-focussed networks

With cloud applications and platforms being accessed from the internet, customers are evaluating the best way of reaching these from remote sites. Traditionally, SaaS application traffic from branch office users has traversed the MPLS to the HQ and then broken out to the internet. This adds another couple of legs of latency, which limits performance and throughput. 

SD WAN devices are typically configured to recognise this traffic and break out to the internet directly from the remote site. This trend acts to reduce traffic over the MPLS, hastening its decline.

The MPLS providers are fighting back, though, by creating private connections with the associated Class of Service into the Cloud Provider’s networks, giving remote sites direct connectivity over the secure MPLS network. Private networks such as MPLS are always going to be slightly behind public networks such as Internet because it’s much easier for SaaS to be launched via the internet to all customers rather than to a subset with each carrier.

2. SD WAN will allow me to provision sites in an instant!

To consider this claim, we need to look at the connectivity. Once we see SD WAN as an overlay on top of underlying connectivity, it becomes clear that we cannot deploy an SD WAN site any faster than we can get connectivity to site. 

How long for a new site? 

For a brand new connection, Fibre Ethernet circuits take months to deliver, EFM circuits take several weeks and fixed broadband takes a couple of weeks. To get below that time you need to use 4G LTE circuits, which can have you connected within days if done well. So, for a new site, it’s clearly the provision of connectivity that defines the fastest you can connect.

SD WAN can play a role in configuring the new site quickly onto the network, of course, so it could help if you’re in a terrible hurry and you opt for 4G rapid site deployment of a new site. Incidentally, people new to 4G often don’t appreciate how fast it can deliver and how many users it can support. We have had new sites connected within two days, and we’ve had it supporting up to 650 users.

Like for like 

Some SD WAN CPE providers claim that with SD WAN, their customer could provision a new site in minutes whereas with MPLS it would be months. That’s an unfair comparison, of course. It seems to be comparing an existing internet connection with a new MPLS connection!

In reality, if there was an existing internet connection then a simple IPsec tunnel to a carrier’s secure VPN service would provide the solution as well: it hardly needs to be SD WAN!

However, this does highlight where SD WAN can bring great flexibility. If you do have an existing internet circuit then you certainly can connect it quickly with SD WAN, and you certainly can adjust the balance of traffic quickly between MPLS and internet.

3. SD WAN and hybrid networks are cheaper!

Sometimes! This is a common assertion whose accuracy depends upon what we’re comparing. Traditionally, IP VPN was more expensive than Internet connections but nowadays we see carriers pricing them fairly similarly in the UK. A 50Mbps port on a 100Mbps Ethernet bearer can be the same whether it points to the internet or to the MPLS network, in the UK at least. Where there is still a difference is internationally. International MPLS circuits can be a whole lot more expensive than buying a locally purchased internet circuit although you do lose the central procurement, billing and management that MPLS brings.

Sometimes the argument is put forward that with SD WAN you could use multiple consumer grade broadband connections. Yes, that is likely to be cheaper, but you may need a more expensive router to bond or load balance the multiple connections, thus offsetting some of the cost saving. You also now have consumer broadband with its lower availability and reliability and longer time to fix. There’s more chance that if one of your broadband connections suffers from a degradation then so will the others, as they will share a lot of the same underlying infrastructure.

4. SD WAN will allow me to change my bandwidth and COS settings in an instant! 

Yes, quite possibly, but only if this is a carrier Complete SD WAN solution and not an SD WAN CPE solution, and only if that particular provider has linked their front end quoting engine with their ordering process and their billing system.

This is one of the big pushes of SD WAN – agility. But in what circumstances would you want to do this and how much are you willing to pay for the premium? We have seen customers ask for this and then baulk at the price which some complete SD WAN providers are charging. We have also seen customers ask for this who rarely make changes on their network. We have seen some suppliers offer this but only where they are on-net. And this doesn’t apply to ADSL and SuperFast services where by default you already get the maximum speed that the circuit can deliver. 

In the UK, where Ethernet PoPs are ubiquitous, the access circuits are either full 100Mbps or 1Gbps, but internationally, where the carriers have fewer PoPs, the access circuits tend to be long line and, to save costs, are throttled. Look very carefully at the quotes you receive from your MPLS provider for international connections - they will often show the access circuit from the 3rd party as a 20/100Mbps with a 20Mbps MPLS port. To have the ability to flex up this circuit to 50Mbps, the MPLS provider would need their 3rd party to provide a 50/100Mbps access circuit from day 1, so the customer is paying for the privilege to invoke the SD-WAN capabilities.

Another theme of SD WAN is that the customer can provide their own local internet service to lower costs but the question there again is how will the central management platform change a 3rd party circuit? So here DIY Hybrid Networks and the complete SD WAN solution are at odds.

What we have seen is that customers aren’t happy with waiting 4 weeks to get a change of CoS or a bandwidth increase but what would be an acceptable amount of time? 2-5 days from quote to change? 

It may be some time before there is a choice of carriers that will offer an integrated solution but in the meantime there are providers that can do the individual steps, although manually, much more quickly than some traditional carriers. 

If complete agility in this area is what you desire then your choice of carrier may be limited and costs may be higher, but if you’re looking for more agility, there are many more options in the market.

5. SD WANs are easier to manage!

True, but the extent of this depends on whether you have bought a managed network in the past or whether you have taken the DIY approach, bought wires only connectivity services from a Carrier and then bought, configured and managed the routers yourself.

If you want to go down the DIY route then indeed, the SD WAN overlay and functionality will be of great benefit, although the cost savings will more likely be realised if you have international sites. But with the DIY approach a much higher level of management overhead is borne by the organisation’s internal IT team. When you buy a Managed WAN you are given access to consultants, professional installation services, a 24/7 global support service and a single bill. If there is a problem with one of the sites, your Managed Service Provider (MSP) will see it first and already be calling the site contact to resolve the issue.

Zero (or more likely low) touch deployments and central management will be beneficial to the Service Provider rather than the customer, although the customer should receive a better service at a slightly reduced cost. Whereas Carriers have tended to want to supply everything within a managed service and in particular the connectivity, more dynamic Managed Service Providers will offer flexible management allowing customers to provide their own connectivity and therefore be their own resolver groups whilst the MSP still maintains the overall ownership of the fault tickets.

Some MSPs, such as SAS, have been providing application visibility way beyond that which is included in an SD WAN CPE solution for many years, so the argument that SD WAN will be easier to manage really depends on what version of a WAN you currently have. If you have a pure international MPLS network where you manage the edge routers yourself then an SD WAN CPE solution, coupled with hybrid networking, will certainly bring a great deal of benefits: operationally, technically and commercially.

6. SD WAN and hybrid networking allow my users to get to cloud apps (such as Office 365) more quickly and therefore have a better experience!

True, maybe! The rise in applications being located in the public cloud rather than in a customer’s data centre has shifted the emphasis on how to connect to the applications most effectively. Ideally, you would want to take the shortest possible path to that application, and traditional WANs tended to only have an internet breakout at the head office. Local internet breakout would seem the obvious choice (therefore Hybrid Networking) with SD WAN CPE providing the security, visibility and management.

However, many carriers are now linking to the major IaaS/PaaS/SaaS providers from their MPLS networks to provide the Quality of Service and security that customers require. We have also seen some SD WAN providers developing Optimised IP networks over the internet to these applications and platforms, so there is a variety of choices to suit all customers.