Which best serves enterprise communications needs?
On this blog I mainly write about WebRTC and generally about real-time communications. But these services are worth nothing without the underlying network on which they run.
Several shifts have changed what enterprises require from the WAN: VC vendors are turning from vendors into UC service providers in the cloud, enterprises are moving to these cloud services, and WebRTC has allowed many services to add communications as a feature of existing SaaS applications.
Since in some of my work I deal with SD-WAN and specifically VoIP over SD-WAN, I decided to write a series of 2 posts where the first one will look at different network options including SD-WAN and the following one will talk about the disruption caused by the combination of WebRTC and SD-WAN.
If your company is dealing with SD-WAN and VoIP, drop me a note. It might lead to an interview on this blog if you have interesting things to share with the readers.
Let’s get going…
Networks are constantly improving and enterprise WAN is not left behind. Along with the improvements in enterprise WAN, requirements have changed as well and have become more demanding. Even with all the improvements in networks, network health reports still show high packet loss peaks that exceed 10% (remember, the numbers are presented as averages; peaks are higher than the 1 hour average).
Usage model changes are in a few fundamental areas:
- Enterprise critical applications are moving to the cloud. This includes delay sensitive applications such as real-time communications
- Communications in the enterprise are shifting to VoIP adding also bandwidth hungry low latency real-time video and collaboration applications
- Applications are operations critical hence resiliency is required
- Agility in onboarding new SaaS applications and opening new branch offices
These usage model changes translate to a need to:
- Improve connectivity between the enterprise branches at a lower cost per Mbps as traffic increases
- Have high quality, low latency access to main SaaS providers and public clouds
- Be able to use several service providers for connectivity for resilience and best of breed choices
- Use low cost connections
With all the changes in usage models and requirements, many enterprises still use technologies such as MPLS that were designed 20 years ago.
Let’s take a closer look at a few of the existing technologies and see where enterprise WAN is heading. The below doesn’t claim to cover all network technologies and these technologies can make use of various access technologies such as E1/T1, DSL…
Multiprotocol Label Switching (MPLS)
MPLS is a dedicated private network provided to enterprises by operators. It allows prioritizing one type of application over another by entering different QoS information in the packet label. Since MPLS is a private network, it doesn’t go through the public internet and is therefore more secure.
An enterprise can build a private network between its branches, ensuring QoS. In many cases, hosted UC providers require the enterprise to connect to their cloud with MPLS in order to ensure QoS.
Advantages of MPLS
- Dedicated private network
- Guaranteed QoS, application prioritization and bandwidth allocation
The downside of MPLS
- Expensive (300-600 USD per 1 Mbps/Month)
- Static and closed network (branch to branch), no value when I onboard a new SaaS service
- Long provisioning time (can take up to 3 months to get MPLS to a branch)
Bottom line: MPLS was great for the requirements of the past and for those who had the budget to pay for it.
Dedicated Internet Access (DIA)
DIA is exactly what it reads. It gives the enterprise a dedicated link to the internet.
Dedicated meaning, you don’t share that connection and bandwidth with others.
Internet meaning, it connects the enterprise to the ISP, not to the other branches of the enterprise as MPLS does. Therefore it is not secure and doesn’t really guarantee QoS between branches, and things get more complex when talking about global branches.
To address the security issue, a VPN can be added on top, but for critical traffic DIA might not be enough.
The bright side of DIA is that it is cheaper than MPLS.
Software Defined WAN (SD-WAN)
SD-WAN stems from WAN optimization and Hybrid WAN.
SD-WAN solutions typically create a secure (encrypted) overlay network on top of the actual network (broadband/MPLS..) and apply various optimization technologies in the data layer. While SD-WAN is typically application aware, it doesn’t work in the application layer. Instead, SD-WAN performs application prioritization (giving one type of traffic priority over another), assured delivery of data, packet reordering, FEC and data optimization.
On the hybrid WAN side of things, SD-WAN routers typically connect to several links (for example MPLS and broadband or 2 broadband connections). This allows them to manipulate traffic in several ways such as:
- Send high priority traffic over the more reliable/quality connection
- Duplicate high priority traffic such as real-time voice/video communication and remove duplications on the receiving side
- Offer resiliency in case one link fails
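The three behaviours listed above can be modelled in a few lines. This is an added example, not code from any SD-WAN vendor or from the original post; the link names, loss patterns and the 64-packet window are constructed assumptions. The sending edge prefers the reliable link, optionally duplicates voice packets onto the second link, and fails over when a link is down, while the receiving edge removes duplicate copies by sequence number.

```python
from dataclasses import dataclass, field

@dataclass
class Link:
    """Constructed WAN link model: drops the sequence numbers listed in `drops`."""
    name: str
    drops: frozenset
    up: bool = True

    def carry(self, seq):
        return self.up and seq not in self.drops

@dataclass
class DedupReceiver:
    """Receiving edge: delivers each sequence number once, inside a sliding window."""
    window: int = 64
    highest: int = -1
    seen: set = field(default_factory=set)
    delivered: list = field(default_factory=list)
    discarded: int = 0

    def receive(self, seq):
        if seq <= self.highest - self.window or seq in self.seen:
            self.discarded += 1       # copy already delivered, or too old to track
            return
        self.seen.add(seq)
        self.delivered.append(seq)
        if seq > self.highest:
            self.highest = seq
            self.seen = {s for s in self.seen if s > seq - self.window}

def send_voice(count, primary, secondary, duplicate):
    """Sending edge policy for high-priority packets; returns (lost, discarded)."""
    rx = DedupReceiver()
    for seq in range(count):
        if duplicate:
            paths = [l for l in (primary, secondary) if l.up]
        else:
            paths = [primary if primary.up else secondary]  # reliable link, else fail over
        for link in paths:
            if link.carry(seq):
                rx.receive(seq)
    return sorted(set(range(count)) - set(rx.delivered)), rx.discarded

def make_links(primary_up=True):
    # Constructed loss: a 5-packet burst on MPLS, every 10th packet on broadband.
    mpls = Link("mpls", frozenset(range(40, 45)), up=primary_up)
    broadband = Link("broadband", frozenset(range(3, 100, 10)))
    return mpls, broadband
```

With these constructed patterns, duplication cuts the loss from the five-packet burst to the single packet that both links drop, which shows that duplication only helps to the extent that loss on the two links is uncorrelated.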
SD-WAN providers differ in the solution they offer but they can be generally grouped into those who actually provide SD-WAN as a service and offer a network and those that sell boxes (routers) that connect between the different enterprise branches and in some cases also between the enterprise and a service provider. Viptela is one example out of many such vendors.
The SD-WAN providers that offer a network, such as Aryaka and VeloCloud, each have their own secret sauce, but the general concept is that they place aggregation GWs in network POPs close to main SaaS providers such as Amazon AWS and Office 365, and with that ensure better connectivity with these SaaS providers. Some take it to the next level and build their own global network, ensuring low latency over that network and, thanks to wide distribution in major countries, low latency from the enterprise to their network.
This is a brief and simplified representation of the SD-WAN solutions. At the end of the day, an enterprise needs to take a close look at its requirements and select the right solution based on them: although they use the same terminology, SD-WAN vendors differ significantly from one another.
SD-WAN is the WAN of the future
If we review again the enterprise WAN requirements detailed at the beginning of this post, it is clear that the only option built for current and foreseeable requirements is SD-WAN. MPLS and DIA were built for the past and don’t support the cost and technical requirements of the modern enterprise.
Soon after the beginning of the internet CheckPoint invented the Firewall and the rest is history. Show me an enterprise without a Firewall today.
In a few years, SD-WAN will be like the Firewall is today for enterprises. It will become common among enterprises. It doesn’t mean MPLS will go away, but with the capability of Hybrid WAN as part of SD-WAN, MPLS will become less critical, less traffic will go over it and more and more enterprises will move away from it, gradually but surely.