When considering different SD-WAN offerings, there are a number of different features to choose among. While some of these features are “nice to have”, others are essential to deploying a high-performance, reliable WAN. When shopping for an SD-WAN solution, it is important to look for a product that offers integrated security, service level agreement (SLA)-backed performance, support for mobile devices, and cloud-native options.

Integrated Security

SD-WAN, by itself, is designed to solve networking challenges. By optimizing the routing of traffic over multiple different transport media, it can provide high-performance, reliable network connectivity on the corporate WAN. However, beyond being functional, these networks also must be secure. In many cases, different network and security functions are provided by standalone appliances that are linked together to provide a coherent security infrastructure. Yet this approach to security is expensive, complex, and inefficient since each point product must be individually deployed, configured, monitored, and maintained.

With SD-WAN, which tries to route traffic optimally to its destination, an organization’s full security deployment is required at each corporate LAN, dramatically increasing the cost and complexity of security based upon standalone point products. Selecting an SD-WAN solution with security built-in provides the security that an organization needs at a fraction of the cost.

SLA-Backed Performance

One of the major drivers behind the adoption of SD-WAN was an attempt to move away from expensive multiprotocol label switching (MPLS) circuits. MPLS network links are extremely effective at providing reliable, high-performance network connectivity; however, they come with a high price tag. By abstracting away the network layer and optimally routing traffic over a number of different transport links, SD-WAN can provide reliability and performance competitive to MPLS. The catch here though is that the performance of SD-WAN is dependent upon the transport media that it uses.

SD-WAN solutions that operate over the public Internet suffer traffic latency and packet loss caused by inefficient and unreliable routing on public networks. When selecting an SD-WAN solution, it is important to choose one that has SLA-backed performance guarantees that allow it to offer a competitive alternative to MPLS.

Mobile Device Support

SD-WAN enables an organization to improve the performance of their corporate WAN while decreasing the price tag of networking infrastructure. However, an enterprise only receives these benefits for traffic that actually flows over the SD-WAN infrastructure. SD-WAN requires an SD-WAN appliance to be located at both ends of a connection to perform traffic identification and routing. When connecting two sites under an organization’s control, this is not a major problem.

However, the use of mobile devices for business purposes, whether company-owned or bring your own device (BYOD), is growing. These devices will often use mobile networks rather than company-owned wireless networks. Since SD-WAN appliances do not exist for mobile devices, these devices will have to connect through an SD-WAN point of presence (PoP) in order to gain the benefits of the optimized corporate WAN and enable the organization to achieve full visibility into its business traffic.

The additional latency incurred due to the need to connect via this PoP (and possibly have traffic routed through the headquarters network for security scanning) can be significant, even outweighing the benefits of an optimized WAN network.

An SD-WAN solution should be able to minimize this impact by ensuring that latency incurred by 

connecting via a PoP is minimal and/or optimizing the network links so that it is still faster to access resources via the corporate WAN. Otherwise, the organization may lose visibility into business traffic due to mobile users choosing not to access external resources via the corporate WAN.

Cloud-Native Options

Like the growing use of mobile devices for business purposes, cloud computing is transforming companies’ network infrastructure and how it is used. Over 96% of organizations are currently moving core business activities to cloud deployments.

An SD-WAN solution that does not properly address the growth of cloud in business will have significant impacts on the performance of the corporate WAN. If the organization forces all cloud-bound traffic to pass through the headquarters network for security scanning, then users may experience extremely high network latencies when attempting to access relatively local cloud assets.

An SD-WAN solution should have support for cloud environments. This includes deployment of SD-WAN appliances and security infrastructure in the cloud so that traffic can be routed directly to its destination instead of being bounced first through one of an organization’s on-premises networks.

Choosing The Right SD-WAN Option

SD-WAN offerings come in a variety of different shapes and sizes. The basic technology, optimized traffic routing over multiple different transport media, is offered by a variety of different vendors. However, this alone is insufficient for building a high-performance, reliable, and secure WAN that meets the needs of the modern enterprise.

When comparing different SD-WAN solutions, it is important to consider both the needs of the solution and its deployment environment. Traffic must be reliably routed over a secure network, meaning that an organization needs an SD-WAN appliance with integrated security and SLA-based performance guarantees.

SD-WAN is also intended to provide a networking solution that meets the needs of the organization now and in the future. As the use of cloud computing and mobile devices for business purposes becomes more common, it is important to choose an SD-WAN solution capable of supporting them. As SD-WAN adoption grows, the space of SD-WAN vendors will only become more crowded. Understanding what is necessary and what is “nice to have” in an SD-WAN solution is vital to making an informed decision when making the change to SD-WAN.