Unlocking the benefits of SD-WAN through effective overlay self-management

By Jonathan Wright, Director of Products and Operations, Global Cloud Xchange.

  • Friday, 14th April 2023 Posted 1 year ago in by Phil Alsop

There has been an explosion in the number of companies turning to SD-WAN. The centralised software coupled with intuitive management suites at its heart opens up a new world of opportunities for IT teams that would previously never have dreamed of managing their own networks. So it’s perhaps unsurprising that, according to a recent study, 95 percent of enterprises have either deployed SD-WAN or plan to do so within the next 24 months.  

As part of their deployment, many organisations are choosing to self-manage the overlay – the logical network component of SD-WAN which uses network virtualisation to build connectivity on top of physical infrastructure. It's important, however, that enterprise IT teams are fully aware of what’s involved in taking this on. Serious thought should be given to the staffing resources and technical capabilities required for self-management, for example, to understanding the potential risks they might face, and to whether they’ll need a partner to support with the typically complex network underlay.  

 

Time and resources 

 

Deploying and managing an SD-WAN network can be time-intensive. IT teams should therefore consider whether they have sufficient resource capacity, as well as the impact any time spent attending to SD-WAN will have on their other day-to-day duties.  

For instance, an SD-WAN deployment comprises three different phases. The length of the first of these – the design phase – is entirely dependent on the requirements and complexity of the SD-WAN solution itself. A few test sites are usually deployed in the second phase – the pilot – to ensure the SD-WAN solution, policies, and templates are all functioning as per the design. And the final rollout – the implementation phase – will typically involve no more than two hours per site, assuming the network underlay is ready for service and the appropriate SD-WAN templates have been created and tested.  

This is only the beginning, of course. As with any other technology, managing SD-WAN is unlikely to be plain-sailing. Once implemented, a minimum of four to five members of staff will be required to manage a 24/7 helpdesk, to troubleshoot any issues that might arise. In addition to ongoing maintenance and patching, these will commonly include routing and connectivity issues across the overlay, network underlay failure and performance degradation, bandwidth sizing and limitation, SD-WAN policy optimisation- all of which affect user experience when accessing applications and services. 

 

Technical awareness  

 

While an IT team must have the time and resources to deploy and manage SD-WAN, perhaps a more fundamental consideration is whether it has the necessary technical capability  deployed 24x7 and maintained over the lifecycle of the solution to do so.  

Implementing SD-WAN is not always a simple case of plug-and-play. It’s important to understand, for example, the differences between the three most common SD-WAN topologies – hub and spoke, partial mesh, and full mesh – to appreciate which is most suitable for a particular deployment, and then plan that topology accordingly for optimal network performance and user experience. SD-WAN policies must be created based on initial and post-application traffic analysis, and appropriate security policies applied.  

Companies in regulated industries, or those which have internal policies based on their compliance requirements must be confident that their in-house team is capable of delivering SD-WAN which performs against those requirements. Teams must therefore know how to apply robust device and user identification controls, and how to secure devices and data when accessed from outside of the SD-WAN domain, such as when users are working from home. They must know, too, how to assess, detect, and remediate any security risks, breaches, and vulnerabilities that arise, and understand the implications of a third party breaching their network defences.  

Perhaps the biggest technical challenge, though, is in managing the underlay. 

 

Underlay complexities 

 

The underlay component of SD-WAN – the physical network connection, usually the internet – can be especially complex. And right from the start, assessing and procuring the necessary circuits and equipment from global carriers and OEM vendors can be a time-intensive process. So too can the subsequent project management involved in delivering those components to where they’re needed – particularly if it’s a multi-site deployment spanning different geographies.  

As mentioned above, team members are required to manage a 24/7 helpdesk to deal with any hardware failures or configuration issues that might occur. With regards to the underlay, it’s important to understand just what is failing, and from which provider support is required to address this, what their fault process is, what their escalation process is and what their SLA will be.  

Further, managing each suppliers underlay circuits introduces further challenges -  term end dates, roll over terms, move, add & change processes, currencies, invoice formats, payment profiles and late payment processes – this complexity rapidly multiples when looking at circuits in multiple regions/geographies.  

The impact all of this can have on an organisation’s time and resources has seen many companies move toward a co-managed service in which they take on the software aspect of the overlay, and engage partners to support with the complex – and often messy – underlay provisioning and management. Not only can this reduce the resource level needed for overall SD-WAN management, but it also allows the team to focus on the software overlay – the aspect that’s typically of greater interest.  

 

Sharing the load 

 

There is an additional benefit to the managed approach. If an organisation has identified SD-WAN as being key to its digital transformation, it’s important to think about the speed at which it needs to be deployed. Their experience means managed service companies have the muscle memory that allows them scale to deliver SD-WAN faster than in-house teams. 

Organisations are increasingly turning to SD-WAN to reduce costs, strengthen connectivity, and for greater control and visibility of their networks. Many of them are self-managing at least the overlay component. But it’s not a move that should be undertaken lightly. Successful network management through SD-WAN takes time, resources, and technical capabilities. And in many cases, it also takes support from a third party for an organisation to truly enjoy its benefits.