Saturday, November 23, 2024

SD-WANs in a Cloud-Centric Landscape

Software-defined wide area networks (SD-WANs) emerged to enable branch offices to access corporate applications and enterprise software over the public internet. However, they are proving less effective for today’s highly distributed IT landscape. Historically, organizations relied on a hub-and-spoke network architecture, where centralized systems connected to branch offices. Yet, the Covid-19 pandemic and the shift towards cloud-native architecture and SaaS applications have spurred the need for a more decentralized network infrastructure.

This shift impacts how corporate networks are configured, particularly concerning the capacity to accommodate future growth. A decade ago, Google outlined a global strategy for linking its data centers in its report on a worldwide deployed SD-WAN. Researchers highlighted that WAN links are typically provisioned at 30% to 40% average utilization, enabling network providers to obscure most link or router failures from users. However, this approach significantly escalates costs.

Despite this over-provisioning, many legacy SD-WANs fall short of meeting the demands of modern, cloud-native IT infrastructures, which support highly distributed applications and a remote workforce. These networks were primarily designed for a hub-and-spoke model, causing substantial administrative overheads when adapting configurations for today’s distributed environments.

In 2021, a whitepaper published by the Enterprise Strategy Group (ESG) emphasized the necessity of rethinking enterprise networking to keep pace with business transformation. The report noted that digital transformation efforts have heightened IT complexity, necessitating connectivity across diverse and distributed IT ecosystems, which include data centers, multiple public clouds, and remote workers.

ESG identified that conventional hub-and-spoke network setups and outdated security models cannot adequately support these transformation initiatives. The firm indicated that architectural constraints hinder innovation, degrade performance, and often lead to higher maintenance costs.

Challenges with Legacy SD-WANs

ESG reported that older SD-WAN solutions, focusing on packet-based Layer 3 traffic, typically lack visibility into application-layer performance. While they can meet network quality-of-service standards, ensuring application service-level agreements (SLAs) remains a challenge. As ESG analysts noted, additional enhancements are often necessary to achieve visibility for cloud and edge applications.

Amid increasing demands for improved user experiences in a complex distributed environment, ESG pointed out that operations teams often struggle with manual processes. “Progress has been made in initial provisioning activities, but day-to-day operational tasks often require manual handling. Across the board, organizations grapple with the inherent complexities of modern distributed applications and work environments,” the analysts stated.

Security management is another significant challenge for organizations relying on legacy SD-WANs. According to ESG, many early SD-WAN providers collaborated with IT security firms to add security features for branch offices, but this often complicates deployment and management, resulting in inconsistent security measures. This issue becomes more pronounced within distributed remote work settings.

While some industry experts argue that the era of SD-WAN is ending, Gartner’s latest research suggests otherwise. “SD-WAN continues to be relevant for many enterprises but is evolving to meet shifting market demands and is increasingly incorporated into broader security offerings like next-generation firewalls (NGFW) and secure access service edge (SASE),” states Jonathan Forest, vice-president analyst at Gartner.

Forest explains that the relevance of SD-WAN is being questioned due to the shift towards hybrid work and the emergence of “coffee shop networking,” where traditional office-centric models are being replaced by more flexible remote arrangements. “Employees are working from diverse locations, including homes and co-working spaces, which is driving the need for streamlined and cost-effective SD-WAN solutions that provide efficient branch connectivity.”

Business-Driven Networking

Given the challenges of managing network policies across potentially millions of devices, Forrester Research advocates for democratizing network operations beyond the IT department, allowing other business units to design and manage their own network resources. Forrester principal analyst Andre Kindness points out that the Wi-Fi industry has effectively demonstrated this capability.

“When Wi-Fi was initially deployed in offices, networking professionals managed user access individually,” Kindness explains. “Today, a simple graphical interface allows lobby administrators to grant guests access to office Wi-Fi independently.”

In retail, for instance, stores now offer splash pages for guests to log onto Wi-Fi services autonomously, and in application development, developers leverage cloud networking tools without requiring IT ticket assistance.

According to Forrester, organizations still often over-provision their network infrastructure while striving to cut costs. Kindness highlights that an excessive focus on cost reduction, at the expense of customer experience, can compromise business performance. “Much of the networking dialogue is centered on cutting costs through technologies like software-defined networking and SD-WAN. However, many of these solutions can increase total costs when considering necessary adjustments in security or new hardware investments.”

Integrating Security

To address previously mentioned security concerns, Gartner’s Forest notes the evolution of SD-WAN-systems toward integrated security features, simplifying operations, reducing equipment sprawl, and fostering cost efficiencies. “Traditional standalone SD-WANs are evolving to meet modern demands that require integrated security capabilities, such as those found in NGFW or SASE solutions,” he explains.

This integrative approach accommodates the dynamic needs of distributed work environments and complexity, ensuring high availability, optimal application performance, and seamless connectivity between enterprise branches and public clouds.

Ultimately, while the SD-WAN landscape is undergoing significant transformation, integrating security functionality has become nearly essential for effectively meeting contemporary networking and security requirements.