It’s Time for SD-WANs to Evolve

Dec 07, 2020

The best part about being a technology analyst is being able to constantly witness the evolution of a market and/or technology. One example of this has been the enterprise wide area network (WAN) that largely stood stagnant for the better part of three decades. Routers may have gotten faster but the hub-and-spoke architecture that uses MPLS as its backbone was the same design used when I was a network professional in the early ’90s. However, that doesn’t indicate that there wasn’t a need for a WAN evolution. Network engineers have been frustrated with the inefficiency and high cost of legacy WANs for decades but couldn’t find another option.

But then along came software-defined WANs, or SD-WANs, as they are more commonly known. A handful of years ago, a few startups, such as CloudGenix, recognized the problem with WANs and saw that the shift to the cloud was going to exacerbate the issues. Businesses were rapidly embracing digital transformation, and that requires agile IT infrastructure. The cloud brings an unprecedented level of agility to infrastructure and applications but requires an equally agile network to ensure services and applications are delivered with a best-in-class user experience. 

It’s this shift to a cloud-first business that has driven the rapid uptake of SD-WAN. The COVID-19 pandemic has further accelerated the move to the cloud, which in turn has increased SD-WAN usage. Recently, ZK Research conducted a “Work From Anywhere Study” that revealed some interesting data points that support this thesis. Specifically:

  • 58% of respondents state SD-WAN makes the transition to work from home easier 
  • 48% state the pandemic has accelerated their SD-WAN timeline 
  • 58% state the business value of the WAN has increased 

The last bullet is a particularly interesting statistic as the network has never been something that organizational leaders have paid much attention to. Though today, for most companies, the network has become the business. No network means no access to most applications, which, in turn, means lost productivity, lower revenue, and unhappy customers, all of which are obviously horrific. 

SD-WAN is certainly transformative, but most of today’s solutions have been around for about a decade and haven’t changed much in that time. As is typical with new technology, the first wave is designed to provide incremental improvements by doing what was done before but a bit more efficiently. The second wave is where there’s innovation that enables the new technology to do things the old could not.

Consider the cloud: the first phase of cloud was simply doing a lift and shift of existing apps into the cloud. This improved resiliency and made apps more scalable, but it wasn’t until app developers embraced cloud native design that how apps are built and consumed fundamentally changed. Similarly, for SD-WAN, the first wave is coming to an end, and the industry needs to focus on solving some of the challenges that traditional solutions cannot address. Legacy SD-WANs reduce the cost of networking and improve reliability but still have the following challenges: 

  • Outdated architecture: Most SD-WANs have maintained packet-based architectures built on Layer 3 policies, which limits app-based networking capabilities. Also, while SD-WAN has improved network visibility, packet-based networks have no application visibility, making it a struggle to create app-based service-level agreements (SLAs). 
  • Manual operations: Legacy SD-WAN vendors have focused on network cost savings, which can be significant. However, the hefty cost of running a network—more than 50% in some cases—comes from operational expenses. Some SD-WAN vendors have improved day-zero and day-one operations through zero-touch provisioning. However, day two remains a struggle because staff still need to conduct ongoing configuration changes manually. The heavy emphasis on manual operations hurts network reliability. In fact, a recent study from ZK Research found that with legacy operations, human errors are the largest cause of unplanned network downtime.  
  • Security as an overlay: Traditional SD-WANs are network centric, but security remains a series of point products that are effectively “bolted on” to the network. This creates inconsistent policies, increases operational complexity, adds costs, and isn’t all that effective.

What’s needed now is a next-generation SD-WAN that not only lets companies operate the network more efficiently but also opens up the door to doing things that weren’t possible with legacy WANs. Below are the attributes of a next-generation SD-WAN: 

  • Application-defined networking: The rapid transition to work from home brought on by the pandemic led to a corresponding increase in the use of cloud apps, including a reliance on collaboration tools and video. Each one places unique demands on the network. Consequently, the network needs to automatically prioritize the different types of applications and ensure they run without incident. A next-generation SD-WAN should adapt as the needs of people change, rather than having workers and customers adapt to how the network wants them to work. 
  • Autonomous network operations: Next-generation SD-WAN must use artificial intelligence (AI), machine learning (ML), network data, and business policies to enable a fully autonomous network. This is a network where tasks are automated and human intervention is minimized. This enables companies to accelerate their digital transformation plans because changing the network won’t be the labor-intensive challenge it is today that can often hold companies back. 
  • Cloud-delivered branch services: The next-generation SD-WAN should provide a service edge to the cloud that ensures simplified management and operations. This needs to be a comprehensive security-as-a-service layer that applies best-in-class security to everything that traverses the network, including cloud services, public cloud assets, internet resources and data center intelligence back at headquarters. Security services that are a must-have at the cloud edge include SSL decryption, CASB, Zero Trust, secure web gateways, sandboxing, DLP, SDNS firewalls, and firewall as a service. 

The network-centric nature of digital businesses has shifted the network from being the “pipes” of a company to its most important strategic asset. As a result, the network needs to evolve, but SD-WAN alone doesn’t solve all problems. Palo Alto Networks’ next-generation SD-WAN, enabled by the acquisition of CloudGenix, shifts the focus of SD-WAN from being transport centric to being security and application centric. This provides the company’s customers with a solid foundation to meet not only today’s needs but also those of the foreseeable future.

To learn more about choosing the right SD-WAN solution for your organization, watch this on-demand webinar with ZK Research.

