The Complex Simplicity of SD-WAN

Growing up in the 80’s, I remember that power windows in vehicles were often optional–not standard. When shopping for a car, my Dad once pondered, “If I get the power windows, they are more likely to break, and more expensive to fix. Hmm. Maybe I should stick with the old hand-cranked windows.”

Exactly. There’s a devil hidden in the details of complexity. That devil is risk. The more complex a product is, the greater the risk that something goes wrong.

The temptation with many technology solutions is to buy the most complex one possible. The longer the data sheet, the better the product must be, right? And hey, even if you don’t use all of those features today, you might use some of them eventually. Better to be safe than sorry.

Well…maybe.

The SD-WAN Complexity Devil

SD-WAN is an inherently complex technology. Traffic is broken down into application flows, each flow routed dynamically across a path that can deliver on an SLA. That SLA was defined using a centralized policy manager and distributed to all the SD-WAN forwarding devices in the SD-WAN fabric.

SD-WAN paths are measured constantly for loss, jitter, and latency. Flows are shifted from one link to another as path characteristics change.

The complexity is enormous, even in that basic description. Application identification. Real-time path quality measurements. Centralized control plane. Customizable routing policy. We haven’t even mentioned the security aspects of SD-WAN, or how the reporting and regulatory compliance engines work. Or integration with public cloud services.

Oh, my.

Do You Need All the Nerd Knobs?

I don’t mean to scare you into thinking that SD-WAN isn’t worth adopting due to its inherent complexity. SD-WAN has many fantastic use cases that happen to be addressed precisely because of that complexity.

However, the SD-WAN product landscape has a variety of entrants, and they range in capability. Some of them are quite simple in what they offer. Others have a lot more capability, but also more complexity.

Go as simple as you can, but no simpler. Evaluate several SD-WAN solutions. Understand their capabilities and limitations. Apply those to your specific business requirements. Buy the solution that gets the job done in ways that are simple to acquire, operate, and scale over time. You might need a few nerd knobs, but you probably don’t need them all.

Simple to Acquire

How easy is it for you to get a hold of the SD-WAN solution? Here are some questions to ask as you investigate what it’s like to buy from an SD-WAN vendor.

  • Can the SD-WAN software be installed on hardware you already have? Some vendors, like Riverbed and Cisco, offer this. That might simplify acquisition.
  • Is the SD-WAN solution available in all the places you have a physical presence? Not all SD-WAN vendors can support global organizations.
  • Is the SD-WAN licensing scheme palatable? Some licensing schemes are notoriously painful to live with. Get into the details.

Simple to Operate

How easy is it to operate your SD-WAN fabric once it’s been installed? These are some points worth considering.

  • Some SD-WAN solutions are merely simple application routing functionality added to a device originally designed to do something else. For example, Fortinet’s FortiGate and Meraki’s MX appliances are primarily firewalls. And yet, both of these have SD-WAN capabilities. Is that good enough? It might be.
  • Some SD-WAN platforms are a network engineer’s fantasy come to life, with a plethora of options, checkboxes, and pull-down menus. Do you have the expertise on staff to manage an SD-WAN fabric loaded with options?
  • SD-WAN creates significant path complexity, especially when service chaining is enabled. What tooling does the SD-WAN platform offer to help troubleshoot forwarding issues? That’s a lot of complexity that needs to be simplified to keep the network operations team sane.

Simple to Scale

As your business grows organically or acquires other companies, is it easy for the SD-WAN fabric to grow along with it? Here are a few questions worth considering.

  • How many SD-WAN routers can participate in the fabric? Some platforms scale to dozens or perhaps hundreds of devices. Others scale to thousands of devices. Size appropriately. Re-architecting the fabric design from scratch because you’ve hit the limits of the product is never fun.
  • How much bandwidth can your SD-WAN appliance fill? As your WAN bandwidth scales, you want your SD-WAN forwarding devices to be able to fill the bigger pipes. Pay attention to the encrypted IPsec throughput rating when buying physical SD-WAN appliances. Early appliances struggled to fill 1 Gbps.

But What About Future-Proofing?

I have advocated that you buy as simple as you need, but no simpler. Keep the complexity of your SD-WAN solution to a minimum, with the realization that some complexity will be necessary to meet your business requirements. That philosophy should reduce your risk of the SD-WAN fabric breaking and increase the chances that your SD-WAN will just work without constant fussing.

If you’re the sort of person who wants to buy the fanciest technology “just in case,” I understand that feeling. There is some wisdom in overbuying, especially if you only get budget once in a while.

On the other hand, realize that with SD-WAN, there are solutions designed for very large installs, and solutions designed for smaller installs. Vendors who design for smaller installs tend to realize the needs of those smaller shops and make the solutions simpler to operate as a result.

You probably don’t need a Ferrari when a Nissan will get the job done. Just make sure the Nissan has the options you’re looking for.

About the author

Ethan Banks

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 1M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction.
