SD-WAN Scalability for Large Enterprise Networks
Many large networks continue to grow rapidly, often needing to add multiple global locations in a matter of days. Or perhaps the branches in established markets and countries are fairly stable, but there is rapid growth in new markets and countries where traditional MPLS service may not be cost-effective, or may not be available at all.
An SD-WAN can operate as an overlay to the existing network, handing you tools to turn up new branches very rapidly without impacting the stability or configuration of the incumbent infrastructure. No reconfiguration of older routers and switches, no need for knowledgeable staff to be on interminable plane rides around the globe, no rejiggering of a vast snarl of VPN tunnels, no waiting for MPLS service. Use whatever type of branch connectivity is available, deploy zero-touch SD-WAN branch configurations from a central orchestrator, and steer the traffic over auto-established VPN tunnels to an SD-WAN gateway at your existing data center or cloud location.
Your existing VPN configuration from branch to data center or cloud location is likely complicated, but it is working and workable—good enough as long as no one dabbles with it. But branch-to-branch communication is an order of magnitude harder—branches change, new ones come, old ones go. Every time this happens, every other branch’s configuration is impacted. It’s an n×n mesh—cause for a gigantic headache in a network of any substantial size. The only real traditional alternative is backhauling every branch connection via a hub site or the central data center location. That brings untenable global delays and a doubling of traffic in the hub locations—a headache of a different color, but no less painful.
An SD-WAN overlay is also beneficial here. The basic branch-to-data-center or cloud location connectivity can remain unchanged. But branch-to-branch communication can be steered over the SD-WAN overlay where VPN tunnels are built as and when needed. It is as simple as indicating on the central orchestrator that security is required on these traffic patterns.
Large, mature networks have such a significant investment in existing infrastructure that upgrading, or configuring branch locations for access to a new cloud or SaaS application, is often a stupefying undertaking. Rip-and-replace is technically the easiest solution, but almost never a viable financial choice. An SD-WAN overlay can also ease this challenge: by deploying (zero-touch) SD-WAN technology to the branch, access to the new application or traffic pattern can be steered via the SD-WAN overlay while existing applications and access remain undisturbed—using either the site’s existing transport link or a new link. Over time, additional applications or traffic types can be migrated to the SD-WAN network until the older equipment can be decommissioned when it reaches its logical end of life.
Large mature networks also have to deal with branch turnover: some branches must be brought down due to shifting business patterns; mergers and acquisitions demand that another whole network—perhaps a fairly large, and equally established, one—must be promptly bridged and integrated with yours; divestiture requires the opposite, segmenting and carving out, but not dismantling, and handing over cleanly and securely a network that is now independent from yours.
Overlay networks are enormously helpful with these challenges. During an acquisition, the old and new networks can be bridged via the SD-WAN overlay. Conversely, select branches on an SD-WAN can easily be moved to a new, separate SD-WAN, automatically segmenting “yours” from “mine”. This can be done from the central multi-tenant orchestrator and requires no physical change to any location.
Large networks achieve economies of scale by negotiating favorable provider connectivity contracts and pricing, resulting in many branch locations governed by multi-year agreements for a specific type of transport (e.g. MPLS), and a set amount of bandwidth. Shifts in business climate or technology may necessitate changes to branch connectivity or bandwidth during the contract timeframe. While these negotiated agreements provide significant financial advantage, they also limit agility to adapt to new business conditions—a new must-have SaaS application, a new cloud-provider location, new applications causing unforeseen bandwidth increases, or BYOD shifts in employee technology.
With an SD-WAN overlay you can provide additional bandwidth or cloud access to new SaaS locations while existing contracts stay in place until expiry. SD-WAN link detection, link steering, transport independence and remediation technology offer business-class application performance over broadband and LTE technology. At the renewal of the contract, this extra bandwidth can be renegotiated into the traditional link access (MPLS) and the other connections dropped, or all traffic can be migrated to the new transport, or a combination of both can remain in place. SD-WAN transport independence offers great flexibility in link types and in optimally steering traffic over multiple links. SD-WAN technology adapts to your needs, rather than you adapting to it.