How To Migrate Sites To SD-WAN: Network Transformation Strategy - Part 1
This migration plan should help. It identifies the issues and options you’ll need to consider when evolving your
network. Gathered are insights from SD-WAN adopters, industry best practices, and our own experiences
helping hundreds of enterprises transform their networks.
While replacing MPLS is certainly the first step in most network transformations, it’s not the full story.
Enterprises face networking-related challenges beyond MPLS, such as:
• Reducing the time to detect and remediate threats without increasing costs
A final note before we jump into the details. This guide is meant
to lay out the issues and principles of any SD-WAN migration. It’s
not meant to serve as a guide for moving to Cato Cloud. If that’s of
interest, check out this step-by-step Cato adoption plan.
Keep it Simple
Try to keep your categorizations actionable. Make them simple enough to be usable but not so simple
as to be inaccurate. A basic categorization map is provided below. Performance, in particular, may
need to be broken out further as application requirements can differ in terms of capacity and packet
loss. Latency is less of an issue given the last mile’s comparatively short distance. Depending on your
industry, regulatory requirements may also need to be considered.
Contention for bandwidth and the lack of redundancy can leave the Internet last mile prone to downtime
and packet loss. SD-WAN addresses availability challenges with multipathing. Balancing traffic across
multiple last-mile circuits not only increases the capacity available to SD-WAN solutions but also allows
them to steer traffic around blackouts or brownouts. In fact, coupling last-mile services from different
providers can provide availability on par or even better than MPLS (see “How SD-WAN Provides High
Uptime Without SLAs”).
Broadband services, such as cable and DSL, can serve as primary connections for small sites or secondary connections for all sites.
As broadband services share capacity with other customers, actual capacity will vary based on the contention
ratio — the number of customers accessing the service. A contention ratio of 20:1, for example, indicates that
20 customers share 1 Mbits/s of bandwidth. Consumer broadband will have higher contention ratios; business
broadband will have lower contention ratios. With consumer broadband, repairs will generally be done on a
best-effort basis; there are no SLAs. Business broadband services will have a limited availability SLA. While
broadband services do not come with guaranteed packet loss, research from the FCC indicates that the
average loss for US broadband services runs about 0.8%. As for price, broadband is the least expensive Internet
service.
Dedicated Internet Access (Fiber) | 99.9% | ~0.5% | 1:1 | Loss and Availability | Next business day | $$$$ | 30-180 Days
Mix and match Internet technologies to reduce site-deployment windows. Rather than mandating 90-day notice
for new sites, SD-WAN allows you to open offices in a matter of days (with broadband) or even immediately (with
4G). Connections can be upgraded to DIA when available.
It’s often assumed that the Internet cannot match MPLS performance, but that’s not exactly true. Through a
combination of SD-WAN features, multipathing, and the right Internet service you can meet application service
requirements while reducing costs and improving agility.
Check that the backbone has sufficient resilience and geographic coverage. To minimize blackouts and brownouts, the PoPs
constituting the backbone should be fully redundant, and sites should be able to automatically connect to alternate PoPs in
the event of an outage. As for coverage, PoPs should be located within 25 milliseconds of your locations. Global, managed
backbones will be more expensive than the public Internet but should be far less expensive than MPLS.
Middle-Mile Attributes:
MPLS
• Very good; Excellent performance with the least latency and packet loss when connecting locations. However, often adds latency when accessing the cloud and the Internet, and lacks mobile support.
• Very good; Core availability is excellent, but high costs often make last-mile redundancy impractical. Still, support teams address outages within specified windows.
• Very good; MPLS network providers partner with one another to expand their footprint. Support teams will still manage the network end-to-end. However, costs often increase and control might be more limited.
• Poor; As fully-managed services, MPLS come at a high premium. Even unmanaged services will be more expensive than competing middle-mile architectures.

Internet
• Average; Unpredictable Internet routing and congestion at peering points may mean latency/loss will be great one day and terrible the next.
• Good; The Internet core might be unpredictable but rarely fails completely. Last-mile availability will depend on implementation.
• Excellent; The Internet core is everywhere, available from anywhere.
• Excellent; The Internet is the most affordable service with a range of pricing options depending on the configuration.

Global backbone
• Very good; As managed networks, global backbones offer latency/loss very close to MPLS and far better than the Internet. Will also use optimum routing for improving cloud delivery. Mobility support will be implementation dependent.
• Very good; Core and last-mile should be fully redundant. Should a PoP fail, backbones should automatically switch locations to next nearest PoP.
• Good; Global backbones will have global coverage of some sort but how much will be implementation dependent. PoPs need not share the same city as your locations provided last mile access is within 25 milliseconds.
• Very good; Global backbones will be more expensive than the Internet core but far less expensive than MPLS.
What is Procurement?
To be clear, by procurement we mean the
process of evaluating and selecting ISPs,
and managing those relationships, which
includes the full lifecycle of the last-mile
service — contract negotiations, site
deployment, invoicing and payment, working
with the provider to resolve any network problems
and more.
Inhouse or Outsource?
At first, consolidating procurement with an
aggregator sounds like the smart choice. It gives IT
“one throat to choke” in the event of a last-mile problem and
simplifies acquisition. But outsourcing acquisition also comes with a
significant uptick in cost.
SD-WAN solutions should provide centralized monitoring of and detailed insight into all last-mile connections.
Accounting Issues
Billing, invoicing, currency conversion — the accounting issues of managing many ISPs may already be
addressed by your accounting team. If not, see what’s required to put them into place. Aggregators will
also supply those services.
Site Surveys
On-site evaluations can be important for new installations, particularly when deploying LTE or
other wireless infrastructure whose performance is impacted by environmental factors. If you’re not
positioned to conduct local site surveys, be prepared to find a local partner or provider who can meet
that need.
Organizations often find that reevaluating other dimensions of the network when
assessing their WAN is helpful in improving overall IT agility and efficiency. This is
particularly true as WAN transformation, and more broadly changes in the way
we work, raise considerations that many MPLS network designs never needed to
accommodate.
Security is a case in point. Many companies with MPLS implementations will find local
Internet breakout, recommended for branch offices in an SD-WAN, difficult, if not
impossible, to implement with their centralized security architectures.
The complexities associated with the new tenants of the modern WAN — cloud
resources and mobile users — are another set of examples to consider when
rethinking the WAN. Cloud resources are accessed by SD-WAN users, and SD-
WAN users frequently become mobile users outside of the office.
And finally, while we’ve spent a great deal of time discussing SD-WAN-related
deployment issues, we haven’t discussed how to administer and run the new
network. SD-WAN introduces a range of new management possibilities that will
allow you to operate leaner and be more responsive than was possible with carrier-
managed MPLS services. Which is right for you? We’ll explore those management
choices, as well as the branch security, cloud, and mobility issues in part 2 of our
network transformation strategy.
www.CatoNetworks.com
@CatoNetworks
To deliver uptime in your SD-WAN, start with the access services. They should share no physical components
— what’s called diverse routing. Since even competing terrestrial services often share fiber, ducting, etc., many
organizations rely on LTE for a secondary or tertiary connection.
Configure SD-WAN appliances in high availability (HA) mode. Cato’s affordable HA provides appliance
redundancy without additional ongoing costs. In the event of an appliance failure, traffic is sent to the secondary
appliance.
The appliances will monitor and load balance the last-mile connections. They’ll use loss correction features,
such as packet duplication, to overcome line problems. Should there be a slow-down (brownout) elsewhere
in the network or a line failure (blackout), appliances automatically steer traffic around the outage, failing over
completely to the secondary connection, if necessary (and failing back based on defined policies). Taken
together with proper middle-mile redundancy, SD-WAN services can deliver better-than-MPLS uptime even
when using the Internet.
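The failover and failback behaviour described above can be sketched as a small policy loop. This is an added example, not code from the guide or from any SD-WAN product; the thresholds, the `Interval` record and the function names are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Assumed policy values for illustration; the page gives no thresholds.
BROWNOUT_LOSS = 0.02     # probe loss at or above 2% counts as a brownout
BROWNOUT_RTT_MS = 150.0  # so does mean RTT at or above this
FAILBACK_HOLD = 3        # healthy intervals required before failing back
RANK = {"healthy": 0, "brownout": 1, "blackout": 2}

@dataclass
class Interval:
    sent: int        # probes sent on the link in this interval
    received: int    # probes answered
    rtt_ms: float    # mean RTT of answered probes (unused if none answered)

def classify(iv: Interval) -> str:
    if iv.received == 0:
        return "blackout"
    loss = 1 - iv.received / iv.sent
    if loss >= BROWNOUT_LOSS or iv.rtt_ms >= BROWNOUT_RTT_MS:
        return "brownout"
    return "healthy"

def steer(primary, secondary):
    """Return which link carries traffic in each monitoring interval."""
    active, healthy_run, path = "primary", 0, []
    for p, s in zip(primary, secondary):
        p_state, s_state = classify(p), classify(s)
        healthy_run = healthy_run + 1 if p_state == "healthy" else 0
        if active == "primary":
            # Fail over only when the secondary is strictly better.
            if RANK[s_state] < RANK[p_state]:
                active = "secondary"
        elif healthy_run >= FAILBACK_HOLD or RANK[p_state] < RANK[s_state]:
            # Fail back after the hold-down, or at once if the secondary degrades.
            active = "primary"
        path.append(active)
    return path

# Constructed probe results, one entry per monitoring interval.
OK, SLOW, DOWN = Interval(100, 100, 30.0), Interval(100, 95, 40.0), Interval(100, 0, 0.0)
OUTAGE = [OK, SLOW, DOWN, OK, OK, OK, OK]   # brownout, then blackout, then recovery
FLAPPING = [SLOW, OK, SLOW, OK, OK]         # primary never stays healthy long enough

if __name__ == "__main__":
    print(steer(OUTAGE, [OK] * 7))
    print(steer(FLAPPING, [OK] * 5))
```

The hold-down is what keeps a flapping primary from pulling traffic back and forth; without it, every brief recovery would trigger a failback followed by another failover.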