Building your Cybersecurity or SD WAN vendor shortlist? Try our online quick assessments for recommendations.

What are the top 5 SD WAN challenges?

What are the top 5 SD WAN challenges?

Compare the SD WAN & SASE / SSE Cybersecurity market across 150 providers and vendors now

  • Compare DIY or fully managed solutions for your business
  • Learn why each solution is a match for your business
  • Used by companies including CDC, Permira, Square Enix, British Legion and more

Get Started

The pace of digital transformation within the IT sector is putting significant strain on enterprise IT teams. There is a widespread drive to adopt next-generation technologies to meet the demands of remote workers and their public cloud consumption. SD WAN is one of the leading digital technologies to help enterprises transform how users work but IT teams are challenged to bring together vendor solutions. IT teams must also align their user workflows, their use of cloud services, their policies across device usage and their security to understand how SD WAN vendors can add value.

“Netify offer free tools to help IT teams understand which vendors offer the right use case to solve SD WAN buying challenges.”

The Netify SD WAN quick assessment quiz which helps IT teams build their vendor shortlist in minutes. And the more comprehensive vendor comparison tool which requires a free login to behind filtering features in realtime.

There is a need to pause the business and map out the application and user flow to consider how transformation might occur. For example, users may access business resources in a certain way today which may not be efficient or secure. While IT technology is growing in capability, the complexity of deploying services is reducing. To understand which SD WAN vendor fits your needs, clear documentation is needed which describes your individual business use case for Software WAN.

Challenge 1 - How to select the right SD WAN vendor?

The selection of SD WAN services may not appear to be the most insurmountable of challenges facing IT teams, it requires time and resource coupled with significant associated risk. Conducting SD WAN vendor research is often difficult which is, in part, due to product vendor marketing which often results in feature overload. Therefore, the initial challenge is to align SD WAN features to your specific needs and business outcome requirements.

How do you align features? The typical feature-set revolves around the current capability of SD WAN solutions and future features based on your own Enterprise digital transformation journey using Software WAN technology. SASE security and access Cloud services are now the leading considerations when organizations select their next WAN solution over and above the actual WAN product feature-set.

Gartner is discussing AI (Artificial Intelligence) as the next frontier of networking revolving around setup, orchestration and ongoing changes managed by cloud intelligence. Cloud services adoption is growing significantly, with certain vendors opting to use the Azure, AWS and Google Cloud backbones to deliver connectivity. While vendors remain committed to providing WAN edge devices, the trend is moving toward a virtualised world based on software. In this respect, SD WAN is becoming SDP (Software Defined Perimeter) as users connect to cloud resources directly from their device browser.

These changes are putting a strain on IT teams as they plan and develop use cases for WAN technology. Therefore, the challenge is to clearly understand the needs of your business today and in the near future. The office is no longer where business is done but where people meet for face to face when required. Covid-19 accelerated an already changing world which has forced SD WAN deployment to meet the needs of remote users. We note the use of 'Shared Services Centre' rather than branch-office, which firmly recognizes home/remote working adoption.

The value of SD WAN is sold based on benefits which include agility and automation. However, each vendor varies across complexity and ease of use. For example, specific vendor solutions offer out of the box DIY capability with others requiring the involvement of integrators and professional services to deliver.

The final vendor selection challenge is based on how SD WAN vendors go to market. The majority of SD WAN solutions are only available via channel distributors, integrators, partners and VARs (Value Added Resellers). With this in mind, IT teams are required to select the right partner of said vendor required to deliver the solution. The task is made difficult because there is often limited research data available to differentiate the capability of each vendor partner.

Any prospective SD WAN delivery partner (distributor, integrator, reseller) should also understand the complete digital transformation landscape. The vendors, service providers and partners you engage with must understand the challenge and provide a consultative approach to the solution.

Challenge 2 - How do you trust the Internet to deliver SD WAN performance?

The Internet is the primary platform for delivering application access, representing a major shift away from technologies such as MPLS. The demise of MPLS has been discussed in numerous articles, but the main problem with MPLS (aside from expense) is the very reason for the technologies huge growth over the last 20 years - privacy. Although MPLS is offered with back-to-back access to selected Cloud vendors, SD WAN using the Internet encompasses access to ALL public cloud vendors, which allows users to connect into their resources from wherever they're able to use Internet connectivity. As users, we are constantly connected to devices that use the Internet to access our work and personal applications.

SD WAN solutions using the Internet are not capable of providing end-to-end QoS (Quality of Service), which means you cannot end-to-end prioritize applications. To ensure network performance is adequate, IT teams need to consider the right architecture vs business needs. The challenge for Global Enterprise business is more significant vs. their national counterparts due to the nature of Internet latency between countries. SD WAN vendors have evolved their global capability to include access to private backbones that enable fast traffic transit between countries and public gateways, which are in turn connected to multiple high performing ISPs (Internet Service Providers). The adoption of global backbone deployments, or global public gateways by certain vendors, sometimes narrows their customer base as performance is governed by how close branch-offices are located vs the local PoP.

One solution to mitigate against application performance issues is to deploy ISP underlay from a single carrier positioned to deliver network services connectivity across one backbone. The single carrier approach can be augmented with failover connectivity from 4G/5G service providers or local ISP connectivity. SD WAN will also detect circuit degradation or allow the use of multiple circuits whereby one could be used for Voice and the failover could be used for mission-critical apps (as an example).

There is a new move from QoS to QoE (Quality of Experience), which measures user experience across network performance and application delivery. Network connectivity selection requires careful analysis of SLA (Service Level Agreement) across backbone performance, uptime and support. The average Internet backbone is broadly the same performance as MPLS, meaning the advantages of using a private backbone are further diminished.

Challenge 3 - How do you secure SD WAN?

Gartner is responsible for creating the SASE (Secure Access Service Edge) framework to define the security features and platforms required to secure users connecting to public networks. SASE consists of FWaaS (Firewall as a Service), SWG (Secure Web Gateway) and ZTNA (Zero Trust Network Access). Almost all users require access to cloud applications which puts them at risk of ever-expanding attack vectors. SASE is designed to meet the challenge of network and user security while offering IT teams the flexibility to deploy security with clarity and reduced complexity.

The challenge from an IT buyers perspective is understanding which SASE solution makes the most sense vs complexity. There is a subset of vendors offering out of the box SASE solutions which are easy to configure with simple policy control but perhaps not as powerful in respect of management interface options. Simultaneously, the adoption of traditional security vendor solutions is very configurable but requires more knowledge and expertise or the involvement of a specialist partner or integrator.

Securing SD WAN in the data center or cloud services infrastructure is also one of the most discussed SD WAN design topics. Some vendors offer their solutions built into Azure and AWS and others deploy virtualised instances into central global locations. Lastly, there are numerous vendors who add their appliances on an ad-hoc basis depending on location. Securing the resources from Azure (Office 365 included), AWS and Google Cloud is one of the significant deployment risk factors.

Monitoring and reporting of network traffic are key elements of any security solution. With this said, there needs to be some form of automation and reduction in false positives to ensure your IT team is not all consumed with threats on an hour by hour basis. Another challenge faced by IT teams is understanding which network threats are false positives and which alarms represent a current and real threat. Careful analysis of the vendors SASE security management interface will fully inform your business on whether or not the particular solution is fit for your requirements and users. There are trade-offs to be made based on the complexity of your network and internal IT skills.

Challenge 4 - How to deliver cost reduction with SD WAN?

One of the most prevalent SD WAN marketing messages is 'saving money' by moving from expensive MPLS to an Internet-based VPN. There is truth to this statement but the cost-saving outcome is not always achieved and results largely depend on how your ROI (Return on Investment) business case is constructed.

MPLS is more expensive in the US when compared to the equivalent Internet connections, but here in the UK, there is more parity between MPLS and Internet costs. Savings are often difficult to quantify since SD WAN could increase network resiliency, which means the business is less susceptible to downtime resulting in revenue loss. It is also the case that SD WAN enables IT teams to do more, to react quicker and generally optimize bandwidth traffic based on comprehensive network statistics and reporting. Again, sometimes challenging to quantify but could result in the requirement for fewer network engineers.

With any network change, there is typically some form of Capex and resource required to help project manage the solution, which in turn increases short term cost to the business. In general terms, SD WAN is capable of generating cost savings if cost reduction is the intent of your IT team. As an example, SD WAN offers the flexibility to procure the lowest cost Internet services within each of your locations. Security and networking functions can be consolidated into a single device that will save money vs standalone Firewall appliances.

Challenge 5 - How to choose between DIY, Co-Managed or fully managed SD WAN?

Traditionally, IT teams were forced to decide how they wanted their WAN managed. With SD WAN, the lines blur with some vendors offering a service wrap that does not move the company down one of these distinct paths. When the vendor owns the complete technology stack, they can get involved in the end solution in whatever aspect is required.

CNaC (Cloud Native Architecture) discusses how complete technology stack vendors are better position to deliver WAN services vs traditional service providers or partners and integrators. In short, the reason is that their support staff are in control of every technology stack component. If a customer needs help with a particular aspect (co-managed), the vendor assists because they have the required knowledge and control. On a day-to-day basis, if the customer wants to make a simple in-house change, they can go ahead and make it happen (DIY). And even at the fully managed end of SD WAN services, CNaC vendors can still offer the capability to provide DIY or co-managed solutions.

One take away here is that IT teams are no longer forced to endure the typical service provider route of buying WAN services. In the past, even making simple changes took days (if not weeks), causing extreme frustration and potential network issues. More than ongoing changes, IoT (Internet of Things) and BYoD (Bring your own Device) mean SD WAN needs to be agile; companies are required to deliver services quickly and in-line with how business is done today.

Thanks for reading. What should you do next?

If you're an IT decision maker, take a look at the Netify marketplace to view our extensive research across multiple SD WAN, SASE & Cloud solutions. And, try our SD WAN assessment to find your perfect SD WAN, SASE or Cloud match.

Click to view our solution research →
Click to find your SD WAN match →

Visit the Netify SASE Cybersecurity and SD WAN marketplace.

Get the data points you need to help with your SASE Cybersecurity and SD WAN decision making process.

Learn More

Suggested Posts

SD WAN Buyers Mindmap

Download the SD WAN Buyers Mind Map Feature Comparison Guide

Download the at-a-glance A3 PDF SD WAN Buyers Mindmap. Everything an IT decision making team need to consider when comparing vendors and managed service providers.

SD WAN Buyers Mind Map 2023

Your Mindmap is sent immediately. Complete the following information - check your junk folder if you do not receive the content within 2 minutes.

Download now

Compare solutions over MS Teams

Schedule your FREE SD WAN & SASE Cybersecurity IT buyers strategy session

If your business is looking to compare and evaluate SD WAN & SASE/SSE Cybersecurity, one of our experts will discuss your goals and review Gartner leaders, niche players and startups. (Includes DIY & Fully Managed services)

Please provide the following information and one of our North American or UK consultants will reach out to you soon.

Request session

Compare the SD WAN & SASE/SSE Market

The most successful Enterprises use free Netify comparison tools

Our free comparison tools have helped CDC, Permira, Square Enix, and British Legion —plus many smaller companies across North America and the UK (including Global locations).

Learn More

SD WAN & SASE/SSE Marketplace

Discover the provider and vendor research you need

Discover over 150  SD WAN & SASE/SSE service providers and vendors using the Netify Marketplace. Request sales PDF documents, get your local contact or book a demo.

Visit Marketplace

Medivet, CDC Global, British Legion, Permira & Tilney used the Playbook.

Download the SD WAN & SASE Cybersecurity Playbook

A comparison of SD WAN vendors & providers distilled into one page. WIth the key features you should consider.

Download our latest guides to SD WAN and SASE (Secure Access Service Edge) Cybersecurity with our IT Managers Mind Map checklist.

Download now

Subscribe to Notifications

Explore Topics

Popular Article Topics

Find articles and helpful resources about any of the following:

The Netify Learning Center

Learn more about comparison of SD WAN and SASE Cybersecurity with the Netify Learning Center.

See All Articles

Close popup
Close popup

Download our at-a-glance Mind Map which details the features, vendors and managed providers YOU MUST consider when comparing SD WAN & SASE Cyberscurity solutions.

Download

Download the SD WAN Buyers Mind Map. If you are comparing SD WAN vendors or managed providers, use this stunning at-a-glance guide with solution comparison and feature cheat sheet checklist.

Back
Download the SD WAN Buyers Mind Map. If you are comparing SD WAN vendors or managed providers, use this stunning at-a-glance guide with solution comparison and feature cheat sheet checklist.
Preview
If you enjoyed this preview, please enter your business email address and we'll email you a link.