We are pleased to share an interesting article contributed by Amit Aneja, who has expert-level knowledge of the latest SD-WAN technologies from multiple vendors, such as Cisco IWAN and VeloCloud.
Amit Aneja, Sr. Solutions Architect at VeloCloud Networks
Most network engineers have, by now, heard about SD-WAN and how they can benefit from migrating to it. The technology has gained enough momentum, and service providers and enterprises are now zeroing in on its popularity in the market. Having worked on SD-WAN for a while now and after looking at the solutions offered by top vendors, it is intriguing to see what different SD-WAN vendors offer and how most of the vendors are staying on top of their game to make SD-WAN simpler and fancy in their own ways.
To start with, SD-WAN isn’t just about aggregating bandwidth, steering an application or switching traffic from one link to another. It is, in fact, about delivering secure and efficient end-to-end application performance. Whether the application is hosted out of your datacenter or any cloud, it is a great ROI on WAN investments.
There are many distinct flavors of SD-WAN in the market, and sometimes it gets confusing as to which vendor to choose. A quick search on SD-WAN shows close to 30 plus vendors, most of them supporting basic load balancing, traffic steering, transport agnosticism, some form of application visibility, analytics and a bit of zero-touch deployment. Most of these vendors reckon that this technology is extremely flexible and simple to deploy. But again, aren’t simplicity and flexibility debatable? For example, a CLI expert could configure a few commands in the CLI and call it child’s play, but someone using it for the first time might not agree. Hence, in my opinion, to keep things relatively easy and simple for everyone, clicking a check box should be a seemingly better option.
Moving forward, let’s look at the following features (other than the standard features) that, in my humble opinion, will not only enhance a vendor’s credibility in the market but also give them an edge over others.
Cloud Readiness - Traffic from the branch to applications hosted in data centers is already well oiled and efficient. But what a lot of vendors miss is that, with the wide adoption of SaaS applications and extensive use of public clouds, the traffic going to the cloud needs to be efficient too. SD-WAN vendors must be truly ready for this if they want to make an impact in the market. They must ensure cloud presence. Cloud is the new network.
Blackout/Brownout Protection - Most of the major SD-WAN vendors offer blackout and brownout protection. The questions that come to my mind here are: How fast does this blackout/brownout protection kick in? How fast is the traffic steered between the links if there is a blackout or brownout? Does a VoIP call drop when it is moved from one link to another? Is steering per-flow or per-packet? Keeping these questions in mind, it is imperative for any SD-WAN vendor to ensure that sub-second failover happens. However, I have come across vendors that have failed or are failing tragically in providing sub-second failover.
Error Correction & TCP Flow Optimization - Simply switching the traffic from one link to another won’t help if you have packet loss on multiple links at the same time. A need arises for an error correction mechanism that saves your critical application traffic. It would be great if this error correction mechanism could be used per application in the event of packet loss or latency on multiple WAN links. But one must keep in mind that error correction should not kick in to remediate every flow or packet. For example, most of us wouldn’t want error correction to kick in for Netflix traffic :) It is equally important to make sure that the solution addresses TCP slow start and general flow control.
Security - Most of the vendors provide IPsec encapsulation and AES 128 or 256 encryption for the overlay tunnels. However, the catch here is which of these vendors provides security to the cloud. In other words, how easily do they integrate with cloud security, and how flexible is it to use existing security devices like a firewall, IDS or IPS, or to instantiate a VNF on the branch device to take care of security?
Backward Compatibility with Routing Protocols - Completely migrating to SD-WAN will take some time, just like any other network migration. Having said that, and knowing that networks rely on routing protocols, an SD-WAN branch edge must also be capable of running routing protocols to communicate with the existing MPLS core on the underlay.
Therefore, I would like to conclude by saying that the one thing my experience has taught me so far is that organizations, at the end of the day, will pick the SD-WAN vendor that best meets their requirements. However, the onus of making that journey smoother, cleaner and easier depends on the vendor’s competency, credibility and versatility.
To decide which SD-WAN solution will work great for your network, you would need to consider which specific SD-WAN features are a deal maker or breaker for you.
Happy migrating to SD-WAN & Happy holidays!
Good points and nicely articulated.