Starting May 2, 2024, find new blogs on HPE Community. Questions? Contact us

Go to new blog site

HPE Aruba Networking Blogs

Why Your SD-WAN Deployment is Failing

By Adam Fuoss, Vice President, Pre-Sales Consulting, Aruba

I’m going to say something you may not want to hear, or you may already know—implementing SD-WAN is hard. Among the promise and hype of automation, dynamic path selection, zero-touch provisioning and a cloud-ready WAN, lies a trail of failed SD-WAN projects, with many others struggling on life support. For many, the WAN of the future has failed to manifest into anything more than another hard-to-manage, costly IT project that has failed to deliver on its promises (or, has failed to live up to your expectations), but why?

The problems SD-WAN solutions address are not incremental change or gradual evolution. They are the result of industry megatrends that have upended the way we consume applications and connect our users, all in a very short period of time. These megatrends, such as digital transformation and the move to SaaS, IaaS and cloud have placed new demands on network infrastructure, IT staff and application owners, which requires a complete rethink of how they are connecting locations, delivering applications and services and securing their networks. The sheer gravity of these changes, and scope of what needs to be done to support them, cannot be undertaken in an additive approach. Rather, they must be tackled as transformative projects that require a complete rethink of enterprise WAN design and strategy.

Thankfully there is hope for those who have tried and failed, and for those who have not yet embarked on their journey. It is possible to have a successful implementation that delivers on the promise of SD-WAN – you just need the right partner, product and process to do it.

People, Partner and Focus are Everything

This is something that is hard to evaluate on paper, but it should be immediately apparent from the moment you engage. Expertise is everything in SD-WAN projects, and you don’t want someone who is learning alongside you. You need a partner who can guide you through the tough design and architecture decisions, demonstrate a repeatable process to follow that’s worked with countless other customers and takes into account the pitfalls to look out for as you move forward. Picking the right partner could mean the difference between life and death for your SD-WAN project early on.

Partners involved in this process could involve a variety of people. The technology vendor, its SD-WAN products and resources to support you through the design, deployment and post sales processes. The channel partner working alongside you, and service providers, systems integrators or managed service providers—all play critical roles in the success of your project. When engaging with partners there are some things you need to look for.

Are chosen partners laser focused on the success of your SD-WAN project, or is it just another SKU for them on a long list of products? Have they done it before? Do they have a track record of successful customer deployments using their SD-WAN solution? Do the local systems engineering resources you engage with appear to be specialized in this space, or are they just generalized across a portfolio of products requiring specialists to be flown in from all over? When you open a TAC case is the engineer an SD-WAN product expert, or will it require multiple levels of escalation to get you to who you need?

There is also the question of how you make sure your own team has the right skills for the project to be successful. The great thing is that SD-WAN technologies are still networking products, so they leverage many of the same core concepts that your team should already know; however, they still come with a learning curve. It’s important to make sure that the partner you are engaging with offers comprehensive training and certifications to help quickly tool your team to become experts in the technology they will be deploying and supporting. It’s not uncommon, and is often advisable, to make sure that your team takes the necessary courses and certifications leading up to your deployment. It’s also a great idea to see if the vendor or partner you are engaging with offers deployment assistance to help supplement your team with additional knowledge, and expertise, to make for a truly world-class experience.

It all really matters. Make sure to put all your partners through the test to evaluate their expertise, access to training and overall engagement throughout the process, not just their product. If you find that the initial engagement is shaky, that they don’t really know what they are talking about, or don’t’ seem to have much experience doing it, imagine what it’s going to be like once you start trying to deploy.

The Right Product Really Matters

The WAN is mission-critical infrastructure; it allows users and devices to connect to the network and most importantly their applications. Without the WAN nothing and nobody works. There are unique challenges that SD-WAN products must deal with, such as making the WAN cloud-ready and consolidating multiple appliances in the branch and data center into a single unified platform, while doing all of this, it must still interoperate with legacy networks and protocols. It’s a lot.

It’s important to work with a partner that specializes in the WAN and has a clear understanding of the challenges and product needs to address them. Integration with legacy routing protocols such as BGP and OSPF are important, and the ability to still work across an SD-WAN fabric as well as MPLS networks to talk to legacy non-SD-WAN sites is critical. The ability to provide a smooth journey for non-SD-WAN sites to gracefully enter the new SD-WAN fabric is also paramount, because nobody turns on SD-WAN overnight at every location. The solution at the same time still needs to deliver an amazing SD-WAN experience providing you with a no-compromise WAN strategy that results in better performance, control and reliability of applications on your network and in the cloud, with better economics and agility for your infrastructure, processes and people that support them. It takes a well-thought out approach and powerful solution to get it right.

There is however an important balance. There is so much need for change and innovation on the WAN edge, but there is also an equally important need of working with the legacy network during this transition period. You may find some solutions provide an unbalanced approach in one direction or the other. Some have too much focus on SD-WAN that they don’t work well with legacy protocols and infrastructure, while others have too much focus on working with legacy infrastructure and not enough focus on SD-WAN innovation. Both scenarios can deal a lethal blow to your project and can fail to deliver tangible benefits.

Make sure to thoroughly evaluate leading solutions. Don’t just fall back to your legacy network or security vendor assuming they are providing the innovation or expertise you need. Much of this evaluation is something you should be able to easily do on the whiteboard, through product demonstrations and discussions. After the paper evaluation, shortlist your vendors and partners for more in-depth demonstrations, production pilots and evaluations of their technology and experience.

It All Comes Down to Planning and Execution

Now that you have the right people, partner and product it all comes down to execution. This is as equally important a pillar as any other. SD-WAN projects involve replacing critical infrastructure in the branch. Very often that means multiple routers, firewalls and WAN optimization devices must be consolidated down into a single unified SD-WAN platform. Removing this legacy equipment and software stack requires a well-coordinated plan to get it right with minimal disruption. Thankfully doing this work ahead of time can make your SD-WAN deployment go much more easily.

There are three key areas you need to focus on when starting this planning work.

First, you must understand how your SD-WAN solution connects into your data center, cloud and security stack. You need to have a standard template for the new branch architecture, identify how your applications will utilize this new WAN, and plan for how your legacy sites will interoperate until they become SD-WAN sites. Second, if there are other major changes taking place such as a move to cloud security services like Zscaler or Check Point, those should also be planned for at this time. And finally, once this architecture is well understood, you need to document your rollout process, test your rollout plan at a handful of sites to work out the kinks, document and refine your process and then start deploying.

SD-WAN sites should be deployed in a templatized, highly repeatable fashion. When deploying you should be following a script, IP addressing and port mapping should be well documented ahead of time, and the cutover and validation process should be well understood. If you find yourself struggling to do these things during your rollout, go back and start this process over again until it’s well refined. If you’re planning on deploying hundreds or thousands of sites, make sure your technology partners have the ability to automate much of this deployment process.

Second, depending on your resources, processes and procedures it may also be important to involve a partner to provide co-management, professional services or to offer SD-WAN to you as a turnkey managed service. Although these partners can offer a more hands-off approach, it’s important to make sure that they also have well understood processes, experience and a well-documented plan to help you roll out your solution smoothly. It’s also important to understand what SD-WAN products they provide, and to include that as part of your evaluation. The right product is one of the key pillars to SD-WAN success. Even if you are purchasing SD-WAN as a managed service, you should understand what is under the hood.

Lastly, there may be other external factors that you need to consider. If you’re planning on adding new circuits to a site such as MPLS, DIA, broadband, LTE or 5G, determine if they are available at your different locations. Can you deploy with your current infrastructure, and add them later if they aren’t available today? If there are things that may prolong your deployment, it’s better to identify and plan for them ahead of time whenever possible.

Through the planning process, you should be able to build a comprehensive plan of attack that once completed, and tested, makes this all a relatively easy process. We’ve seen as many as 50 sites per day cutover at a single customer once this process is refined and executed upon.

In Conclusion

As with anything, you get out what you put in. To be successful in SD-WAN, whether it’s as a vendor, partner or end-user, it requires the right set of people, the product that best fits your needs and the planning and execution that you should expect with any large project. The benefits of SD-WAN are tangible, and the market has moved far beyond the hype. Realizing a multiplier effect, delivering better performance, reliability, security and control across your SaaS, IaaS and other cloud investments is entirely possible. A successful SD-WAN deployment isn’t a matter of if, but who with.

This blog was originally published by Silver Peak, which was acquired by Aruba, a Hewlett Packard Enterprise Company.