May 14, 2018

SD-WAN mythbusting: Part I

Jim Fulton

While sitting above the ocean in a quiet, remote town in Portugal, fully connected into all of the resources I needed to get work done, I started thinking about how rapidly the networking landscape is changing. Now, more than ever before, it’s feasible for enterprises to use software and commodity internet connections to simultaneously improve their teams’ productivity while also saving money. As with many technologies, what started off as hype at the bleeding edge is maturing into something real that can make a big difference for even large organizations.

The term “SD-WAN” is one of those mouthfuls that is quickly becoming a concept of its own rather than just an initialism for “software-defined wide area networking.” Originally the subject of many ephemeral start-ups, SD-WAN represents a way of thinking about how locations get connected and the resulting security and operations implications. But, as we talk with customers around the world about their experiences with SD-WAN, we’ve noticed several recurring themes, themes that often start out as myths but that provide useful insights once untangled. 

We’re going to take a look at several of these myths over the next few weeks. To kick things off, let’s look at what SD-WAN is perhaps best known for: saving money by replacing private MPLS network links with direct-to-internet connectivity over commodity broadband.

Myth #1: Replacing MPLS with SD-WAN is mostly about saving money

MPLS technically stands for “Multiprotocol Label Switching” but is now used by itself to describe dedicated lines from telecom carriers. MPLS links provide guaranteed quality of service but are often perceived to be expensive and slow. For many years, distributed organizations would contract for such lines to connect each of their remote offices back to their regional headquarters. This worked fine when most of the network traffic traveled between centralized databases and proprietary applications running in stores or branches.

As organizations became more distributed—opening new offices, finding a new balance between “everybody works in a single building” and “everybody works in a coffee shop”—their needs changed. Data started being transmitted between remote locations, not just back to the home office. People began using applications running outside the corporate network, often in the cloud. These applications became more interactive, enabling users to manipulate greater volumes of data and run their operations more efficiently. But, to make this all work, organizations found themselves facing a dilemma: either spend even more on larger MPLS lines or change the way their wide-area networks are structured.

SD-WAN gained its initial reputation as an alternative to employing a maze of MPLS lines. With SD-WAN, locations could connect directly to the internet using much less expensive, higher-volume technologies, distributing connectivity and allowing for more effective communications.

Saving money is just one feature of SD-WAN.

Replacing MPLS links with equally fast broadband connections absolutely saves money; many organizations fund their whole shift to SD-WAN from these savings. But that’s only part of the picture. In many cases, MPLS lines aren’t immediately removed. Often, they’re part of multi-year subscription contracts or carry sensitive traffic that would require additional business processes if sent over external links. But SD-WAN gives organizations the flexibility to augment their MPLS lines with other types of connections as new sites are deployed or as the capacity of existing sites is increased.

One customer of ours described it as a “10x choice”. They could replace MPLS lines with broadband at a tenth of the cost, or they could go the other direction and increase capacity tenfold (or more!) with the same budget. 

  • Business Continuity. With SD-WAN, multiple links can be used together seamlessly. In the event a networking cable gets torn up outside the building, it won’t take down the site with it.
  • Fast Cloud Applications. Newer, highly interactive cloud applications like Office 365 depend upon users being connected directly to the internet to provide the most productive experience.
  • Data Isolation. As compliance mandates (and the audits that check up on them) become more complex, organizations often find they can substantially reduce their risk (and make their auditors happier) by segmenting their networks. This separates sensitive data such as PCI-controlled financial information from other, more “general” network traffic.
  • Link Optimization. MPLS and other types of links provide reliable quality of service for applications that need predictable delivery, such as voice-over-IP (VoIP). Offloading less-sensitive traffic to other links enables existing infrastructure to be used more effectively.
  • Inter-site Connectivity. As organizations become more distributed, network traffic between internal parts of the network is increasing and becoming more dynamic, going beyond what is feasibly managed through traditional, static approaches.

The bottom line is this: adopting SD-WAN can produce phenomenal savings, but it also provides unprecedented agility and flexibility. With SD-WAN, organizations can more readily choose the best balance of saving money, boosting productivity, improving resilience, and accelerating growth.

Watch our recently recorded webcast, “Enterprise SD-WAN in the Real World,” to learn how our MSSP partner uses Forcepoint’s secure enterprise SD-WAN capabilities to optimize connectivity and security for 400 sites around the world, or check out the eBook "5 Myths About Enterprise SD-WAN."

Next week on the Insights Blog we’ll investigate the 2nd and 3rd myths of SD-WAN: “SD-WAN takes the place of the internet” and “SD-WAN eliminates the need for on-premises hardware.” Stay tuned!

SD-WAN Mythbusting: Part II

SD-WAN Mythbusting: Part III


Jim Fulton

Jim Fulton serves as VP Product Marketing & Analyst Relations, focused on SASE, SSE and Zero Trust data security. He has been delivering enterprise access and security products for more than 20 years and holds a degree in Computer Science from MIT.

Read more articles by Jim Fulton

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.