This article is part of a series (links below). I would recommend reading the articles in order, starting with “Greenfield Opportunity”, which provides the required framing.
Alongside many other critical decisions (e.g. ERP, HRP), we have prioritised the infrastructure foundations, covering the Network, Hosting and Identity Access Management (IAM). This article aims to provide a high-level overview of our proposed Wide Area Network (WAN) architecture, which we believe presents an interesting opportunity to innovate.
Over the past decade, Multi-Protocol Label Switching (MPLS) has been the standard for enterprise businesses, providing scalable, protocol-independent, any-to-any connectivity. The “magic” behind MPLS is that packets are assigned labels, which are used to make packet-forwarding decisions, without needing to interrogate the packet itself. This approach is very versatile, allowing businesses to implement end-to-end connectivity, across multiple protocols.
MPLS is a service that must be purchased from a carrier (e.g. AT&T, CenturyLink, Verizon, etc.) Depending on the specific network requirements, MPLS services can be very expensive, especially when compared against public Internet connections.
Within our business, we have 60+ physical locations across the globe, including 10+ locations that support highly sensitive business processes (e.g. R&D, Manufacturing, etc.) Our future-state architecture will put a heavy emphasis on cloud services, covering SaaS (e.g. Workday) and Public Cloud (e.g. Microsoft Azure, etc.)
Although MPLS remains a viable option for our WAN, a new technology known as Software-Defined WAN (SD-WAN) has been gaining market momentum.
SD-WAN is not directly comparable to MPLS, as it is an overlay technology. However, it has the potential to indirectly impact MPLS adoption, as it can aggregate several WAN connections into one software-defined network (SDN).
For example, SD-WAN enables companies to select inexpensive public Internet connections, whilst still maintaining (and even improving) enterprise-grade performance, service delivery, and availability. This approach can dramatically lower the total cost of ownership.
SD-WAN achieves this outcome, by measuring network traffic metrics (application-aware), such as latency, packet loss, jitter, and availability, proactively selecting the optimal path (dynamic link assessment) for each data packet in real-time.
This approach, alongside centralised management for enterprise-wide policy creation/maintenance, makes SD-WAN a natural fit for businesses looking to embrace a multi-cloud strategy. For example, it removes the need for Internet-based traffic to be back-hauled via a central location and/or data centre.
To enable us to make the right technology decision, we partnered with World Wide Technology (WWT), taking advantage of their Advanced Technology Center (ATC). Through a multi-week assessment, we decided to position Viptela as our SD-WAN provider, who had the most mature and reliable service, as well as the added benefit of being recently (AUG-2017) acquired by Cisco.
I fully expect the SD-WAN market to evolve quickly over the coming years, therefore the Cisco acquisition will help bring some stability, as well as complement our proposed Cisco-based LAN/WLAN architecture.
Alongside the benefits previously outlined, our decision to select SD-WAN can be summarised across five areas:
Flexibility: SD-WAN is incredibly flexible, for example, it is easy to increase, reduce and even combine bandwidth across multiple connection types, including fixed-line and cellular. Therefore, it is now perfectly viable to have cellular (4G/5G) as a core part of the WAN architecture, providing an additional level of on-demand resilience for critical sites. Thanks to the centralised management, SD-WAN is also very quick to deploy, without the need for local (on the ground) engagement. This improved flexibility is especially important for modern businesses, who will likely need to grow (M&A activities) and contract based on market conditions.
Performance: SD-WAN can remove the need to backhaul traffic via a central location and/or data centre, ensuring that traffic routing is optimised across all scenarios, including cloud services (SaaS, etc.)
Reliability: Thanks to the application-aware routing and dynamic link assessment, it is possible to deliver a highly reliable architecture at low cost, through the use of multiple internet connections (including cellular), from different providers. This approach can dramatically improve service availability, through automated “failover” in the event of a network outage.
Security: SD-WAN inherently includes advanced security capabilities, covering end-to-end traffic encryption and network segmentation. Supported by centralised management, any potential breach and/or vulnerability can be quickly identified and contained.
Cost: A traditional MPLS architecture can be expensive, driven by a need to procure from a carrier, often resulting in fixed (multi-year) contracts and long provisioning time. It is also common for MPLS networks to have backup circuits, which are only utilised in the event of a failure. SD-WAN supports multiple connection types (including MPLS), allowing businesses to prioritise inexpensive public Internet connections. SD-WAN also aims to optimise traffic across all connections simultaneously, ensuring a higher return on investment.
In conclusion, through the use of SD-WAN, we anticipate a wide range of operational and financial benefits. However, it is the potential for SD-WAN to act as an enabler for innovation, which is most exciting!