As service providers look to monetize their SDN investments – particularly as part of the services they offer to their business customers – Software-Defined WAN (SD-WAN) services are allowing them to use virtual networking to offer more efficiencies for multi-site businesses.
Being a relatively nascent concept, SD-WAN is an approach to designing and deploying an enterprise WAN that uses SDN to determine the most effective way to route traffic to remote locations such as a company branch office.
Leveraging a hybrid WAN architecture, SD-WAN includes a number of new functions:
- A centralized, application-based policy controller
- Analytics for application and network visibility
- A software overlay that abstracts underlying networks
- An optional SD-WAN forwarder (routing capability) that together provides intelligent path selection across WAN links
Service providers are taking two approaches to SD-WAN: A managed SD-WAN service, or leveraging SD-WAN to offer services. With a managed SD-WAN service, service providers work with vendors like Cisco to deploy their products into the end user enterprise network. Similar to managed CPE, a managed SD-WAN allows service providers to manage the SD-WAN devices for the end customers. However, this approach requires a service provider to install SD-WAN devices at the customer branch office and head end locations.
By using the SD-WAN as a technology approach, a service provider builds SD-WAN overlay to the edge of their network, either at the network-to-network interface (NNI) or in an internet point of presence (PoP). With this approach, service providers terminate SD-WAN overlay tunnels at the SD-WAN head end that reside at the edge of their network and original traffic is handed off to the MPLS backbone. One of the benefits of the SD-WAN as a technology approach is that service providers can migrate customer sites to SD-WAN without having to always deploy a head end.
Just how big is the SD-WAN opportunity?
IDC estimated that worldwide, SD-WAN revenues will surpass $6 billion in 2020 with a compound annual growth rate (CAGR) of more than 90 percent over the 2015-2020 forecast period.
Still, concerns remain for businesses that are considering an SD-WAN migration.
Mike Fratto, research director of enterprise network systems for Current Analysis, told FierceTelecom that while SD-WAN has great promise, businesses will want to conduct detailed trials on how it will work and impact their organization.
“It's new and unproven, so trials are important so that customers can validate the incredible claims SD-WAN vendors are making, which, I think, are generally accurate but there may be cases where SD-WAN doesn't work well,” Fratto said. “Companies already have invested in branch gear such as routers, firewalls and often those capabilities are consolidated into a single appliance and managed through a central manager, so there is some education that needs to take place with customers.”
Managed vs. Do it Yourself
Handing off functions to a service provider is a scary proposition for most large enterprises. This is because businesses have a large, embedded base of network equipment that they don’t want to disturb, and transitioning to SD-WAN is no different.
So it becomes a question of whether an enterprise wants to opt for an all managed solution or a do-it-yourself (DIY) approach.
In many cases, an enterprise will use a hybrid WAN and hybrid cloud that allows the organization to manage some critical functions in-house while outsourcing others to a third party. With a managed solution, an enterprise can hand off all of the solutions management to the service provider.
Fratto said that decision to go for a totally managed or do-it-yourself solution depends on a business’s specific needs. Some enterprises will opt for a total managed service while others might want to keep these functions in house, with overall cost and control being key factors.
“For enterprises that already manage their branches, I think the deciding factor is whether a managed service is cost competitive compared to DIY,” Fratto said. “There are advantages to handing the keys to someone else and I'd also carefully evaluate the co-management capabilities as well. If the MSP is doing the logistics and the customer is simply maintaining the system, that might be a worthwhile exchange.”
In order to make the SD-WAN service more palatable, CenturyLink will let customers conduct a free trial before they buy their service. CenturyLink currently has multiple customers conducting proof of concept. SD-WAN services are typically ideal for large- and medium-sized companies that have multiple offices. A business can equip a small regional sales office that has only a few employees with an SD-WAN service so they can communicate with the larger headquarter office, for example.
Eric Barrett, network product management director at CenturyLink, said in an interview with FierceTelecom that it will allow customers to test the SD-WAN service for free, for example.
“We have a proof of concept program underway, which started out as a beta for us to understand the nuances,” Barrett said. “The proof of concept is as much for our customers as it is for us and we’re going to continue it past general availability because a lot of customers are interested in this but they are not ready to say I have 1,000 locations and it’s hard to understand it without a proof of concept.”
Barrett added that this “will be the predominant concept we’re going to see for the next 6-12 months where customers want to get a better understanding of the technology and we make sure we have an answer.”
Varying vendor approaches
Despite the promised benefits SD-WAN vendors have touted, a key concern for service providers like Masergy is that many systems aren’t standards-based.
“One of the not so great things about the technology is the proprietary nature of the current solutions and it’s not an open environment, meaning you can’t really mix and match these solutions,” said Tim Naramore, CTO of Masergy, in an interview with FierceTelecom. “Our customers told us that we needed to have a solution that can interoperate with their broader WAN platform.”
Naramore’s concerns aren’t unfounded. There’s an array of vendors, all of which have their own SD-WAN approaches.
Cisco’s Intelligent WAN (IWAN) offers a set of traffic control and security features for the WAN that have been integrated into its branch-office routers, for example. Viptela offers a two-pronged solution of a SD-WAN controller and a network management system. Besides Cisco, a number of new vendors including Viptela, Velocloud, Versa and others have continued to emerge as competitors in the SD-WAN space.
Interestingly, the service provider community’s growing focus on providing software-based services like SD-WAN is driving traditional hardware router companies like Cisco to rethink its strategy. To accommodate the shift from hardware to software taking place at AT&T, Verizon and others, Cisco announced it would cut 5,500 workers or 7 percent of its total workforce. The reduction is likely related to the fact that it wants to have a more specialized workforce.
Chuck Robbins, CEO of Cisco, noted during the company’s recent quarterly earnings call that “we see SD-WAN being another opportunity for us going forward in the routing space.”
Also in the mix are VPN/firewall gateway vendors, which will continue to sell their wares by touting their focus on network security and allaying fears that companies will be exposed to real or imagined vulnerabilities.
Other vendors, like emerging startup 128 Technology, said that SD-WAN is not necessary. By offering multi-path connections to the internet, data centers or to multiple cloud services, the company claims its Secure Vector Routing represents a more long-term approach.
To their credit, a number of these vendors have been making inroads with a number of key SD-WAN service providers.
Verizon, for one, includes Cisco and Viptela in its SD-WAN portfolio, while CenturyLink has adopted Versa. Meanwhile, EarthLink, which is in the process of rolling out its SD-WAN solution, is working with VeloCloud.
Evolving MPLS, multi-office needs
Service providers that target businesses with multiple sites are in an interesting position. Having made large investments in MPLS-based switching – one that’s enabled them to increase enterprise revenue with a service designed for multi-site networking – the advent of SD-WAN allows service providers to gain a new revenue source.
Unlike the traditional hub and spoke model, SD-WAN allows enterprises to deploy a partial or fully meshed architecture and transport traffic through the most efficient path. An enterprise could light up a new branch office by sending out a small piece of hardware that a local employee plugs in, and once connected, the hardware signals back to the headquarters to be configured based on established policies.
These policies can perform various functions: Manage network traffic, launch new branches or set security restrictions.
“SD-WAN offers compelling value for its ability to optimize MPLS costs, simplify and automate WAN operations, improve application traffic management, and dynamically deliver on the cost and efficiency benefits associated with intelligent path selection,” said Rohit Mehra, VP of network infrastructure at IDC. “SD-WAN will be particularly relevant for enterprises that have adopted or are adopting hybrid cloud and especially those that are availing themselves of SaaS application services.”
Mehra added that “enterprises also can use SD-WAN to balance loads across the WAN or to monitor application performance and send traffic over cost-optimal or the most reliable WAN links, depending on application requirements.”
One way to help multi-office customers gain the benefits of SD-WAN is having a multi-tenant solution. CenturyLink, for example, is using Versa’s gear to achieve this. Versa’s FlexVNF has built-in multi-tenancy that enables services for thousands of customers from a single head-end deployment, providing service agility and economy of scale. What this allows for is one interface over multiple sites.
“Other vendors have come at it from an enterprise approach with a hardware appliance that allows them to separate hardware from software, but it’s still a monolithic appliance approach and what the team here did was said we’re going to build it multi-tenant from scratch,” said Mark Weiner, CMO for Versa Networks. “Since all of the elements are multi-tenant, if I have a new client I can go click and activate a new tenant and I don’t have to put a new appliance in the rack in my PoP or CO to get a new customer up.”
Barrett said that having a multi-tenant approach allows CenturyLink to immediately scale its SD-WAN infrastructure to serve multiple customers or multiple locations of a large business from one node.
“A lot of the other vendors have done non multi-tenant, which means for every customer you have to build a director and controller infrastructure and sell them managed hosting somewhere in a data center environment,” Barrett said. “If you’re going regional and going redundant, meaning it adds additional dedicated infrastructure per customer, but our multi-tenant offering allows for that instantly with all of the advantages of a shared model.”
Barrett added that one of the things learned during customer trials is the solution plays into the multi-site architecture of its customer base. A restaurant chain would be able to get one single interface to manage all of its separate network locations, for example.
“Customers want multi-tenancy because by nature they are multi-tenant,” Barrett said. “If you think about it from our channel partner’s perspective, they are selling to multiple customers but want to use one single interface to manage multiple end environments and they can do that with this platform.”
While large businesses are key, MetTel sees applicability in large and medium-sized companies.
The managed service provider recently launched its SD-WAN service for enterprise and medium-sized businesses. Customers can immediately access the benefits of SD-WAN through MetTel's Layer 3 backbone network connections. Traditionally, businesses would have to wait until the end of a contract to benefit from this new technology.
MetTel’s solution can accommodate small retail branches or a larger business. In that situation, the service provider can deploy a small premises switch that combines multiple functions, including Wi-Fi and routing. Larger businesses get a similar platform, but those customers would have a larger power over Ethernet switch and larger Wi-Fi environment.
“It makes a lot of sense when the enterprise or medium business has multiple branches so this allows them to manage all those devices on an orchestrator through a portal that allows them to know what’s going on by troubleshooting and assign rules,” said Gary Gluzman, executive director of product marketing for MetTel. “At the end of the day we’re simplifying the deployment with a small box that consolidates a lot of devices a small office would have, including a 4 port switch, the ability to bond multiple circuits, a router, and a Wi-Fi access point.”
Smaller CLECs like TelePacific are also getting into the game. Leveraging its acquisition of Unified Communications provider DSCI, TelePacific’s pilot SD-WAN program carries over the top hosted PBX, MPLS and Continuity solutions often simultaneously. Today, the CLEC is offering this service for customers in New York, Colorado, Texas, Oklahoma, Florida and Washington as part of its national rollout of service.
Reducing access costs
One promise that advocates of SD-WAN often make to their business customers is that business customers can effectively choose various access methods. Depending on the availability in a particular market, a business could leverage lower cost broadband services, including everything from lower speed DSL, cable modem or even 4G LTE.
Verizon’s solution allows enterprises to “mix and match” private and public IP connections such as MPLS, wireless LTE, broadband and Ethernet to meet an organization’s unique application requirements based on geographic location, bandwidth and application service availability needs.
Initially, Verizon’s new managed SD-WAN service is being offered in the U.S., Europe and the Asia Pacific region.
“We wanted to ensure that we provided a software-defined solution that integrates our secure cloud interconnect to provide truly end-to-end services to our customers, but also integrate other cloud-based services we have and gain end-to-end visibility control from the mobile device to the cloud,” said Viraj Parekh, managing director of product innovation and new business for Verizon. “We also increase our technology options where in addition to our private IP services, we can integrate completely diverse solutions like LTE as part of the SD-WAN service as well.”
AT&T, which would not comment to FierceTelecom about its SD-WAN activities, has not revealed a specific product yet, but it has the capability to offer SD-WAN services when ready.
In July, AT&T launched its NFV on demand service in 76 countries and territories, allowing multinational businesses to reduce network costs and service activation time. AT&T Network Functions on Demand capabilities will include four main elements: Juniper Networks virtual routing, Cisco virtual router, Fortinet virtual security, and Riverbed virtual WAN optimization. The service provider plans to offer additional elements at a later date.
MetTel, a managed provider, is taking a similar approach by aggregating multiple broadband circuits from either cable or multiple DSL lines to create a hybrid environment as well as addressing MPLS customers.
“We could take two different types of access like cable and DSL and aggregate together,” Gluzman said. “We also have customers that have MPLS so we can provide that circuit and inject more bandwidth into it using a broadband circuit like cable.”
CenturyLink will provide necessary broadband or MPLS connections in its own territory, but the reality is that it may be serving customers that have locations outside of its wireline footprint. To combat this issue, CenturyLink can manage connectivity from a wide range of cable and telco providers as part of an aggregated solution.
"We're putting together partnerships with third-party broadband providers," Barrett said. "If we can't give you MPLS or broadband access from our own network, we'll go out and find a better deal with a broadband provider and take on the management of that."
Mehra said that having a set of broadband services to fulfill a particular contract gives the service provider more flexibility in addressing a multi-site customer’s needs regardless if they operate within or outside of their market boundaries.
“Bandwidth solutions (i.e. transport) will always be a key component of a SP’s portfolio of managed network services,” Mehra said. “With reference to a specific geography where a provider may not have footprint, it can leverage multiple technology options from competing or alternate provider to deliver a cost-effective pan-regional portfolio of managed services.”
Trust but verify
While reducing access costs by using lower cost broadband is a compelling proposition, the danger for large businesses is that these connections are largely best effort and lack the QoS and SLA elements of an MPLS connection.
Enterprises that adopt an SD-WAN solution will need to make sure that their service provider has mechanisms in place to ensure those connections won't be compromised. Since many businesses rely on their network connections to stay in touch and respond to their customers’ needs, these connections need to be designed with redundant links so if one fails, another is there ready to take over.
Fratto agreed that using lower-cost broadband circuits is a “red herring” and that enterprises should evaluate each connection on a case-by-case basis.
“The cost savings stems from replacing expensive MPLS circuits with less expensive broadband circuits, but the primary difference is that with a MPLS circuit or any private line, is that customers get SLAs, connections between sites, and someone to call in the event of disruption,” Fratto said. “With broadband, customers are using the internet as a backbone and it's always best effort, which is uncertain. By using multiple broadband circuits from different companies, customers can mitigate some of that uncertainty for less than a single private circuit.”
Masergy plans to start beta testing SD-WAN technology and decide what functions to productize in the fourth quarter. However, the service provider wants to release a solution that has features that its customers will find applicable to their business needs with plans to conduct beta testing.
“It’s a pretty broad set of stuff and some of the things are cool, but they’re not all that useful,” said Naramore. “We’re really impressed with the products that have forward error correction, especially for latency sensitive applications and there’s a lot of being able to route traffic at a customer premises based on application.”
Naramore said that while it can route customer traffic, it can’t “distinguish between Salesforce.com or YouTube.”
Likewise MetTel is using QoS methods from MPLS to get the best service. On top of the cheap bandwidth circuits, the service provider ensures QoS with multipath optimization and forward error correction (FEC) to monitor each circuit and switch and duplicate packets.
“One of the other benefits with our service is QoS, which leverages multipath optimization where we monitor each circuit and can shift traffic to alleviate any issues with a particular circuit the data is flowing through,” Gluzman said. “On top of that we also use forward error correction so if there are any issues with packet loss, jitter or latency we’re able to correct the issues.”
By offering solutions that can combine multiple functions like routing and firewalls in one solution, SD-WAN offers a potentially agile method to address a multi-site business customer whose smaller sites don't need big iron boxes. However, many businesses may already have long-term investments in existing equipment so SD-WAN might not make sense in some existing offices.
Being a new concept, the key challenge for service providers and their vendor partners will be in educating their customers that SD-WAN can offer a reliable connection at price points that are comparable to traditional multi-site service offerings.