The underlying technologies that support a cutting-edge enterprise telecom solution like SD-WAN are indeed complex. But that doesn’t mean your deployment of the networking solution in itself has to be labyrinthine and unmanageable.
By working alongside a versatile managed services provider (MSP) and with proven third-party vendors, you can ensure that your organization enjoys all of the advantages of SD-WAN’s major network performance enhancements. Simultaneously, observing industry-recommended best practices will keep you from getting bogged down in any of the potential quagmires that can emerge when SD-WAN implementation isn’t properly managed.
Common Complications in SD-WAN Deployments
Although SD-WAN is rightly viewed as a way of eliminating the sprawl and inefficiency of traditional WAN solutions, there are several issues that can lead to the technology generating sprawl of its own.
First among these is a lack of clear vision regarding the technology’s use. In the flurry of SD-WAN adoption that occurred in the last several years during which the technology was the “next big thing,” some organizations didn’t have a distinct business intent for their deployments. Any number of factors could’ve caused this: customers not knowing what to ask of their providers, vendors not informing customers as much as they needed to be in eagerness to make a sale and so on — there is no one person or thing to blame.
Security can be another complicating issue: Although all SD-WAN solutions come with some native security features (and some have genuinely advanced cybersecurity tools, like next-generation firewalls [NGFWs]), these protections are not all created equal. Thus, they don’t necessarily address every threat a system faces, such as those originating from SD-WAN’s use of the public internet as one of the network circuits it leverages. Companies will thus add extra tools to compensate for the increased exposure, which complicates IT infrastructure and may create its own risks, such as vulnerability at the network edge.
Additionally, maintaining connectivity between an enterprise’s various branches may be more complex to manage with SD-WAN than with an MPLS setup or another traditional WAN: The connections between dozens, hundreds or even thousands of branch locations are much simpler to oversee with SD-WAN, but the overlay required to make those connections in the first place can be extremely complicated. It requires more labor and effort to design and manage than the hub-and-spoke connectivity principle of a traditional WAN. As with the security issue, this stems in part from SD-WAN’s common reliance on the public internet.
Last but not least, it’s critical to consider how SD-WAN is expected to improve performance across multiple domains — external clouds and software-as-a-service (SaaS) tools like Microsoft 365, data centers, campuses and branches. The technology is capable of handling this burden, but your engineers must account for that responsibility during the initial deployment and then design and implement the SD-WAN accordingly. If this doesn’t happen, you’ll likely be setting yourself up for trouble.
Aruba SD-WAN expert Nav Chander explained that underestimating the complexity of SD-WAN was hardly an uncommon problem: “We have seen numerous enterprises overlook the complexity of re-architecting their WAN to enable applications to seamlessly migrate to SD-WAN or maximize their existing MPLS solution, without considering the importance of their SD-WAN platform’s ability to map MPLS quality of service to SD-WAN QoS to deliver the highest quality of experience for application users.”
Best Practices for SD-WAN Simplification
Centralized management has emerged as an effective solution for controlling an SD-WAN deployment in a manner that’s more straightforward. A central management tool with an intuitive dashboard that covers all segments of the network will help to reduce sprawl resulting from the circumstances noted above. As a part of this process, leveraging SD-WAN business intent overlays will simplify the creation of policies and templates for classes of applications based on the business priority of every app. Centralized management also optimizes traffic distribution across applications, workflows and sites even more so than SD-WAN would on its own, while also automating numerous processes to increase application performance and network efficiency.
Security concerns can be simplified by integrating essential cybersecurity tools into the SD-WAN itself, rather than using them parallel to the solution. The SD-WAN deployment should allow for service chaining with best-of-breed network security solutions, both hardware-based and cloud-delivered to ease the complexity of integration. Creating policies ahead of time based on specific threats — namely, those to which your organization is most vulnerable — is wise, so there can be an automated counterattack whenever such hazards emerge.
Finally, ensure your SD-WAN is compatible with the sort of security tools that can only operate externally, such as security information and events management (SIEM) suites. If your SD-WAN solution has monitoring and analytics capabilities to closely (and in real-time) oversee application traffic and performance, link availability, security and compliance, its potential pitfalls are greatly mitigated. This means it needs to be collecting data from anywhere from dozens to hundreds of apps running on a daily basis. Doing so accumulates a wealth of data you can rely upon to identify patterns in the metrics noted above.
Additionally, using an SD-WAN solution, like the Aruba EdgeConnect SD-WAN platform gives you the opportunity to leverage machine learning capabilities that adapt and optimize the network according to changing patterns, thus optimizing the user experience. By developing this knowledge base, the proper responses to various issues can be configured as policies and automated.
The Vital Support of a Managed Services Provider
Some SD-WAN users opt to go the do-it-yourself route with their management of the solution. This allows the most control but may also cause a variety of complications (and possible cost increases). By contrast, an MSP like GTT Communications, working in conjunction with Aruba, can give you the expertise and oversight that a large SD-WAN deployment requires.
GTT reduces the complexity of your project by asking you the right questions about your business intent (and desired ROI for the SD-WAN solution) upfront, before the deployment project begins. Our team treats each deployment not as a templated process to be rigidly followed, but rather a unique proof of concept tailored to meet clients’ needs. We also offer an assurance guarantee to vow that the implementation will be fine-tuned as needed going forward.
Aruba EdgeConnect’s real-time application steering offers unparalleled control of application traffic in use cases like real-time voice over IP (VoIP) or cloud suites like Microsoft 365. (In fact, Aruba was one of the first vendors to earn Microsoft’s “Works with Office 365” designation.) The Tier 1 backbone that GTT provides on a global scale, as well as additional solutions for direct cloud connection and managed security, help ensure your organization can always use SD-WAN to its fullest potential without getting lost in the technology’s nuts and bolts.
About GTT
GTT connects people across organizations, around the world, and to every application in the cloud. Our clients benefit from an outstanding service experience built on our core values of simplicity, speed, and agility. GTT owns and operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. We also offer a complementary portfolio of managed services, including managed SD-WAN from leading technology vendors.
Silver Peak was acquired by Aruba, a Hewlett Packard Enterprise Company.
