Optimizing the Enterprise WAN with SD-WAN


Digital transformation initiatives drive organizations to deploy new solutions that let them operate more competitively and better serve their customers. However, while implementing these initiatives, it is important to understand and consider software-defined wide area network (SD-WAN) benefits so that an organization can choose a network infrastructure capable of supporting its new solutions.

Network Evolution Creates Challenges 

Organizations’ networks are growing and evolving, and this puts a strain on traditional enterprise wide area networks (WANs). Organizations require more bandwidth, must support a geographically distributed workforce, and need to secure an array of different endpoints on the network.

  • A Growing Need for Bandwidth 

An organization’s Internet connection is an increasingly vital part of its ability to operate effectively and remain competitive in its field. An organization’s web presence is the primary point of contact between it and its customers, and the growing use of cloud computing to store data and host applications means that the amount of business traffic flowing from an organization’s internal network to the Internet is growing rapidly.

Many of these applications require high-speed, reliable Internet connectivity. Multiprotocol label switching (MPLS) links provide these guarantees, but MPLS bandwidth is extremely expensive. As organizations’ bandwidth needs exceed their MPLS investments, they must make the choice between deploying additional MPLS circuits and moving some of their traffic to a less expensive medium.

  • A Distributed Workforce

Almost every business grows more distributed over time. In some cases, this means that an organization deploys new branch locations to expand its geographic footprint and better serve its customers. In others, it means allowing employees to work remotely in order to support remote offices, outsource functions to contractors, or improve employee satisfaction, or as part of the organization’s business continuity/disaster recovery (BC/DR) plan.

As an organization’s geographic footprint expands, deploying MPLS circuits at all employee work locations is difficult or impossible. However, these employees will likely also require high-speed, reliable access to the organization’s WAN.

  • A Diverse Network Infrastructure

In the past, the majority of an organization’s IT infrastructure was composed of desktop machines deployed within the organization’s internal network. This enabled a business to take a perimeter-focused approach to cybersecurity. By deploying a robust set of cybersecurity protections at the network perimeter, the organization could detect and block the majority of attempts by outside attackers to gain access to the enterprise network.

The modern business network looks very different. While the organization likely still has desktop and laptop machines connected directly to the corporate network, these represent a shrinking percentage of the organization’s network infrastructure. Growing business use of cloud computing, mobile devices, and Internet of Things (IoT) devices creates a very different network infrastructure.

Many of these devices connect to networks and systems outside of the organization’s perimeter, and some traffic may not pass through the organization’s internal network at all. For example, a mobile or laptop user connecting to cloud resources from outside the organization has no reason to send their traffic through the enterprise WAN.

However, these direct connections degrade enterprise visibility of business traffic and deprive these systems of the benefits and protection of the organization’s cybersecurity deployment. In many cases, these devices cannot support the same cybersecurity solutions as other endpoints, making maintaining consistent security throughout the corporate WAN difficult or impossible.

SD-WAN Provides Solutions

Traditional WAN infrastructure struggles to keep up with the evolution of the corporate network. However, SD-WAN provides solutions to major WAN challenges. 

  • High-Performance, Reliable WAN Connectivity

The primary selling point for MPLS is that it provides high-performance, reliable network connectivity. Because this requirement is crucial for many organizations, it is used to justify the high cost of MPLS bandwidth. SD-WAN offers aggregation of multiple different transport media and intelligent routing of different types of network traffic. This enables it to augment or replace MPLS bandwidth by routing all traffic over the transport medium that best meets its needs and those of the business. This use of multiple media also provides extremely high reliability through redundancy, which is infeasible and expensive when using MPLS links.

  • WAN Flexibility and Agility

Adding new MPLS bandwidth requires the deployment of new physical links at the desired location. As a result, organizations are largely “locked in” to the geographic locations where they have already deployed MPLS circuits. SD-WAN, on the other hand, operates over a broadband Internet connection and potentially other transport media. These connections are cheaper to use and much easier to expand or deploy to new locations, making it possible for an organization’s network connectivity to grow and evolve with it.

  • Support for a Diverse Network Ecosystem

One of the byproducts of the evolution of the Internet and computing devices is that business traffic is increasingly moving off of the corporate LAN. Cloud computing is accessed via the public Internet, mobile devices connect to mobile networks, and IoT devices may use either or both. As a result, the enterprise lacks visibility into these devices, and routing their traffic through the enterprise cybersecurity architecture increases latency and degrades performance.

While traditional SD-WAN has many of these same problems, cloud-based SD-WAN provides a solution. An array of cloud-based points of presence (PoPs) enables cloud, mobile, or IoT devices to connect to the SD-WAN and undergo security scanning with minimal performance impact. By routing SD-WAN traffic through dedicated, Tier-1 Internet links, it is possible to provide network performance that may even exceed a direct connection despite the detour made to use the SD-WAN links.

SD-WAN Provides Next-Generation WAN Performance

As organizations deploy new endpoint solutions as part of digital transformation efforts, the growth of the corporate network puts a strain on the enterprise WAN. SD-WAN represents the next logical evolution of the WAN, solving the major problems that organizations face today.