How SD-WANs combine simplicity and performance

The “cloud” and the “edge” are two of the biggest IT buzzwords we’ve heard over the last decade, and for good reason: the concepts are truly game changers. We have experienced a fundamental shift in IT, and the amount of data flowing through our networks has grown exponentially.

In this rapidly expanding and ever-changing environment, legacy WAN (Wide Area Network) solutions have struggled to keep up. MPLS (Multiprotocol Label Switching) was the preeminent WAN solution of years past, but it is difficult & time-consuming to deploy (if you don’t believe us, ask the nearest network engineer!) and, as Gartner reported in their 2018 Strategic Roadmap for Networking, “traditional MPLS WAN isn’t optimized for the cloud”. This leaves many enterprises looking for modern alternatives to MPLS that are more suitable for the demands of modern networks.

Internet-based VPNs (virtual private networks) have gained some popularity as an MPLS alternative, but they come with performance and scalability tradeoffs that often make them an impractical solution. Generally, these tradeoffs aren’t worth it, and organizations are better served choosing a simpler, more extensible approach. That’s where SD-WAN comes in.

In this piece, we’ll dive into the drawbacks of legacy WAN and contrast that with the ease of using cloud-based SD-WAN.

The drawbacks of legacy WAN:

MPLS

MPLS still has some use cases in modern IT, but it’s becoming less popular because of a number of inefficiencies.

  • Not cloud optimized

MPLS is good at providing a secure and stable connection between two locations. However, the shift to cloud services has created a new paradigm that MPLS just wasn’t designed for. With so many applications residing outside of local networks (AWS, Office 365, G-Suite, etc.) many networks fall victim to the “trombone effect” – which occurs when egress and ingress traffic is inefficiently routed through corporate security appliances before making its way to the destination – and see precious MPLS bandwidth consumed quickly. Given the cost of MPLS bandwidth, this can be a real problem once congestion occurs. WAN optimizers are the traditional solution to this problem, but they only help so much – throwing additional components at a fundamental problem only increases complexity.

  • Expensive

In short, MPLS circuits aren’t cheap. In addition to the circuit, you’ll need dedicated routers at each site and may need to invest in WAN optimizers as well. Even if it delivers performance that is on-par with other WAN technologies, the dollar cost and time investment involved usually make MPLS unattractive from an ROI perspective. Additionally, once you’re locked into an MPLS agreement, you risk significant waste should the need go away before your term ends (e.g. in the event of a merger or location closing).

The takeaway here is that, since it doesn’t come with the associated MPLS costs, SD-WAN can be a compelling option from a business perspective. This holds true even before taking into account the costs of deployment and benefits to end users & IT teams.

  • Difficult to deploy & maintain

Getting a remote location up and running using MPLS is a non-trivial project that can take months to complete. After vetting service providers and deciding on a solution, your team of network engineers will need to provision and maintain hardware. Imagine repeating this process across a dozen sites and then consider the fact that an SD-WAN based solution could be up and running within an hour to get an idea of the difference.

VPN as an alternative

Internet-based VPNs are occasionally used in place of MPLS to provide secure access between two networks. However, the use cases where VPNs are ideal are limited due to these drawbacks:

  • Latency

VPNs add overhead to network traffic by design, and in turn they increase the latency of your network traffic. This is particularly true if you are in an environment that uses VDI (virtual desktop infrastructure), relies on streaming services, or needs a VoIP connection over VPN.

  • Lack of control & access

From mobile support to failover to traffic shaping and QoS (Quality of Service), VPN-based WAN solutions can severely limit the amount of control your network engineers have over traffic and the amount of accessibility your users enjoy.

  • Complexity

Often, when VPN solutions do “support” a given feature, it can be prohibitively costly to configure and maintain. To provide a specific example, Internet failover using VPN has been a significant challenge for a number of organizations.

The SD-WAN solution

Now that we’ve explained some of the main challenges of legacy WAN solutions, let’s discuss how a cloud-based SD-WAN solution addresses them.

  • High level of performance and cloud-optimized

Since SD-WAN can use a variety of underlying transport methods (high-speed fiber, 4G LTE, DSL, even MPLS, etc.) and leverages software to make routing decisions, it is uniquely equipped to handle the variety of traffic networks face. This high level of performance is possible because enterprise-grade cloud-based SD-WAN providers use SLA-backed, low-latency, global backbones built using lines leased from Tier 1 ISPs (Internet Service Providers).

  • Easy to deploy

Using SD-WAN, a new site can be deployed in less than an hour, and deployment can even be automated. This is a stark contrast to legacy WAN solutions and one of the key drivers of SD-WAN ROI.

  • Granular controls

QoS, firewalls, and routing decisions can all be easily defined using cloud-based SD-WAN. Network engineers can drill down and tweak configurations as required while bypassing the complexity of legacy solutions. Additionally, since the entirety of the infrastructure is provided as a cloud service, changes take effect almost instantaneously.

What does all this mean for you?

Cloud-based SD-WAN is capable of delivering performance that surpasses traditional MPLS and minimizes complexity. This means it is possible to leverage SD-WAN to securely connect multiple locations to one another and the Internet without sacrificing performance or taking on the workload required to configure MPLS or VPN.
