The software-defined wide area network (SD-WAN) has moved from being the new kid on the block to a relatively mature networking technology in a matter of a few short years. And telcos have swiftly embraced the technology to offer it as a managed service to their enterprise customers. The topic will be discussed Monday, June 15 during a free FierceTelecom virtual event "Strategies for SD-WAN 2.0."
According to Vertical Systems Group, the top three carrier managed SD-WAN providers are AT&T, Hughes and Verizon, respectively.
But not all enterprises want fully managed SD-WAN. Some of them do SD-WAN in-house with the direct help of a vendor.
Mirko Voltolini, head of Network on Demand at Colt, said that even though Colt offers managed SD-WAN, there are reasons why it isn’t a fit for some large enterprises.
Voltolini said, “If you look at the history of most of our customers buying VPN, and now SD-WAN, there has always been a do-it-yourself element, especially for large enterprises that have IT in-house.”
He said sometimes enterprises don’t want to outsource technology related to Layer 3 of their networks. “In addition, SD-WAN is seen, maybe mistakenly, as an easier technology to manage,” said Voltolini.
Working directly with vendors
But some large enterprises prefer to manage their own SD-WAN. For instance, Fiserv is a financial services technology company that uses SD-WAN. Fiserv has technology that processes financial transactions for its customers, which include banks, credit unions and retailers, among many others. The company uses a hybrid approach to management of its SD-WAN.
“For us, personally, at Fiserv, we have more than enough technical expertise to not use a managed SD-WAN service,” said Michael Wynston, director of global network architecture with the company. “However, we don’t have enough feet on the ground to cover where we might want to drop SD-WAN.”
The company partners with regional service providers who can help supply delivery of SD-WAN to do configuration and instantiation. “But we always manage it in-house,” said Wynston.
Fiserv uses Versa’s SD-WAN technology, and it is also evaluating other SD-WAN technologies via partnerships with some of the large tech companies it works with.
The financial-transaction technology company uses SD-WAN to connect all of its approximately 200 corporate office locations. “But the big chunk of the pie is our client infrastructure,” said Wynston. “Every point-of-sale device at some point connects into Fiserv. Also, customers have their own private data centers and end points in public clouds.”
Fiserv uses its SD-WAN to connect all these various end points.
Wynston said Versa’s technology works well for Fiserve because Versa’s software can run on customer devices. “It has to be software only so we can put it in when we’re building platforms and partnering with others,” he said. “A number of our partners/customers don’t want anything of ours on their site. Other SD-WAN solutions couldn’t scale large enough or had strict hardware requirement that made them impossible for us to select.”
Inseego does SD-WAN in-house
Inseego is involved in the SD-WAN ecosystem as a provider of wireless gateways, which let customers use LTE/5G wireless as part of their connectivity array. Inseego works with carriers such as Verizon and AT&T to provide the wireless connection to the enterprise. It competes against vendors such as Sierra Wireless and Cradlepoint in providing the wireless gateways.
But in addition to its business working with carriers to provide managed SD-WAN services, Inseego is also in the process of setting up an SD-WAN system for its own corporate use. It works with a lot of SD-WAN vendors, but for its own company use, it chose Palo Alto Networks.
Rocky Pelfrey, Inseego’s VP of IoT systems engineering, said, “Our company does work with all SD-WANs from a commercial perspective.” But it chose Palo Alto for a variety of reasons, and it’s working directly with the vendor because it saves money on Opex. “We decided to go direct,” said Pelfrey. “We’re not doing a managed SD-WAN solution.”
Obviously, Inseego will use its own gear to implement LTE/5G technology as a failover for all of its corporate locations. “We might be uniquely positioned to manage network tech gear in comparison to other organizations that might have to bring on a full team of people,” he said. “We have a team of people, of course.”
Colt’s Voltolini agrees that in-house tech expertise is important along with having enough people. “Managing in-house has an element of complexity, you have to have the people,” said Voltolini. “The bigger the company, the better chance for them to do it themselves.”
Benefits of managed SD-WAN
But for enterprises that are less technologically adept, a managed SD-WAN service may be the way to go. “One thing that customers have to deal with is location,” said Pelfrey. “Where are they deployed, and what carriers are available in that area? The location is really an important piece to these customers, making sure a site survey is done to make sure they do have LTE coverage.”
Colt has arrangements with about 300 service providers to ensure that it can provide connectivity, globally. Colt also manages the logistics to deliver the components for SD-WAN. “We have worldwide logistics provider agreements,” said Voltolini. “We provide a turn-key solution. If you do it in-house it becomes quite complicated.”
Another consideration is the expertise to secure appropriate wireless data plans that suit the customer’s usage profile so that the customer doesn’t end up paying for overages. A managed SD-WAN provider would handle those contracts.
Aside from managed versus in-house SD-WAN, another hot topic in the SD-WAN ecosystem is Secure Access at the Service Edge (SASE). The acronym SASE was coined by Gartner. It refers to the trend for service providers to move more of their services, applications and data away from their centralized corporate network to edge locations. SASE takes a decentralized approach to delivering these services, apps and data.
MEF has been doing standards work on SD-WAN, and it’s created SD-WAN certification programs.
Pascal Menezes, CTO at MEF, said SASE brings an intersection of SD-WAN with security at the network edge. He said service providers have many locations that are suited for edge computing, such as PoPs, headends and central offices. “They own thousands of buildings,” said Menezes. “They’re offering various services, and one of them is to enable SD-WAN from that building, or PoP, or edge.”
With SASE, “you don’t put a thick box” at the edge, said Menezes. “You shovel everything to the cloud,” This edge cloud will be built by service providers, and it will encompass all those PoPs, headends and central offices, all connected together via SD-WAN. “It’s a cloud that could deliver CDN, other cloud services, other software-as-a-service,” said Menezes. “Everyone’s trying to play the same game.”
He pointed out that service providers have a jump on SASE because they’ve already invested in SD-WAN and edge compute. And they already have big network transports in addition to the aforementioned central offices, headends and PoPs.
Voltolini said he sees SASE as a transition from a “heavy branch” with security and other applications in separate boxes to a model where those functions are in the cloud.