architecture and design news

You should pay attention to this with SD-WAN projects

Dynamic and cost-effective: Software-defined wide area networks (SD-WANs) provide businesses with more flexibility than traditional WANs based on a common MPLS infrastructure. They allow all employees to provide all required data and services on a permanent and secure basis, regardless of where and where they live. But in the introduction, you need to pay special attention to certain aspects.

SD-WAN has many advantages, but to successfully integrate this network architecture into an enterprise, it is necessary to thoroughly explore the potential sources of problems that may occur before and during deployment.

Unlike MPLS closed-loop networks, SD-WAN routers are connected directly to the Internet, giving attackers a potential entry point. In addition, many SD-WAN technologies are very new and still have many bugs and vulnerabilities. In general, SD-WAN solutions rely on many software components. More software also means more potential vulnerabilities.

An incorrectly implemented SD-WAN can even pose an additional risk to business security. That's why it's so important to choose the right solution and implement it conscientiously.

For whom is the change worth?

The transition to an SD-WAN solution can be particularly interesting for large companies operating on a global scale. This overlay technology provides solutions to the problems of a traditional MPLS network: a variety of connectivity options to meet growing bandwidth requirements, constant connection, direct connection to the cloud, and optimal resource management to reduce errors. costs.

But it's not just global players that can benefit from moving to a more efficient network architecture. Meanwhile, the use of internal services and data no longer takes place only at the workplace. When traveling to work, at work or at home, applications must be flexible and secure, even when on the road.

Fast and secure connections for modern applications

Traditional WAN architectures, such as MPLS connections, which are currently the core of most enterprise networks, offer limited bandwidth and can not cope with ever-increasing demand. In addition, they are not easy to customize and, moreover, not designed for the cloud. However, with SD-WAN, companies have at their disposal a reasonable and, above all, sustainable alternative that addresses the mentioned problems.

Data flows are virtually grouped and dynamically delivered in the way that best suits them, based on multiple parallel connections such as broadband, DSL, cellular, and other network connections. To this end, various measures, such as round-trip cycle time, the use of certain bandwidth or packet loss are monitored. For example, configurable network policies send business-sensitive data and services through the fastest possible connection to their destination, while lower-priority applications are assigned to a different connection. It is important that an SD-WAN provider intensively processes the configuration of each client in order to be able to prioritize optimally. This allows administrators to make sure that connections are not only fast, but seamless as well. In case of failure of a connection, other channels can be used to maintain the connection without latency.

The dynamics of software-defined networks also allows non-critical traffic to be routed through low-cost transmission paths to increase the efficiency of data transmission.

Possible problems

To properly prepare for migration to SD-WAN, companies must first clearly know which of the many vendors is best for their project. Inevitably, at the same time, the question arises as to whether the chosen SD-WAN solution is compatible with existing networks. You need to make sure that a provider can handle various network protocols, such as RIP, OSPF or BGP. The change of SD-WAN often does not occur overnight, but requires that both forms of network be used in parallel until the most modern variant is fully established. It is therefore advisable to coordinate the technical and conceptual compatibility of the different networks.

In addition, it should be ensured in advance that the company itself has sufficient resources and staff with the necessary skills to monitor and operate the SD-WAN solution. For example, managers need to be familiar with the network architecture (WAN and SD-WAN), application-based networks, global network security, multi-vendor networks, and network orchestration. . These critical aspects should be given special attention, since only then can seamless use, including at the global level, be guaranteed.

If a business can not handle this challenge alone, managed services can be managed through a managed service provider. This can either fully assume these tasks, or offset, in a hybrid role assignment, the resources and skills that are lacking in the business.

Of course, when dealing with the processing and use of sensitive data and applications within a company, the security aspect should not be overlooked. Since the data exchange is subject to a required security standard, it is recommended to integrate an SD-WAN solution to the network structure offering various security features, such as firewalls. next generation, intrusion prevention, protection against malware and advanced. Again, it may be advantageous to choose the hybrid approach and outsource the security features to a managed service provider. By clearly dividing and adapting roles to different providers, a centralization of access opportunities is bypassed and an unwanted intrusion into the network is thereby neutralized.


Technological innovation and the development of the economy allow businesses to process more and more data. Globalization ensures an ever deeper network of the world. At the same time, business models based on data in more sectors are the basis for success. IT departments must meet these economic requirements by providing highly available connections that ensure access to data from any location. Clouds must be integrated with the company's infrastructure and mobile work must be possible without sacrificing security. All of this should of course take place without any cost explosion.

Laurent Zimmerli.
(Image: Open Systems)

SD-WAN is a technology that provides the bandwidth and flexibility needed to meet today's needs. The central orchestration of network environments ensures clarity and reduces complexity. By optimizing the distribution of resources, businesses can even save costs.

About the author

Laurent Zimmerli is Product Marketing Manager at Open Systems. Zimmerli has more than 10 years of experience in managed network and security services. He has worked in a variety of areas, from development and network operations and security, to technical account management and pre-sales, to product management and product marketing. Laurent Zimmerli works in Zurich and holds a Masters degree in Computer Science from ETH Zurich.