How to make the business case for SD-WAN
- 07 November, 2018 22:00
Entegra Bank, a fast-growing financial institution based in the Blue Ridge Mountains of North Carolina, switched from MPLS links for its 22 branches to SD-WAN-based broadband and slashed its WAN connectivity bill by 50%, while increasing bandwidth an average of fivefold.
Loren Long, senior vice-president and CTO at the bank, says he had been eyeing both SD-WAN and broadband for some time, waiting for SD-WAN technology to mature and for rural broadband to improve in availability, dependability and security. After a positive experience with Silver Peak’s WAN optimization gear, “We felt confident to make that change,” he says.
In a typical SD-WAN scenario, branch office broadband would connect directly to the public internet. But since this a bank with heightened security and compliance responsibilities, traffic from the branches is backhauled over an encrypted VPN to internal gateways, where a third-party security services provider monitors all traffic and enforces security policies.
In addition to the direct cost savings, Entegra has seen a number of other benefits. With SD-WAN technology, based on Silver Peak’s EdgeConnect appliances, Entegra is able to set bandwidth prioritization at the application level and manage traffic based on individual connections. Between the increase in raw bandwidth and optimized bandwidth utilization, applications perform better and employees are more productive.
SD-WAN provides flexibility and scalability to the business, which has recently expanded into nearby northern sections of Georgia and South Carolina. If Entegra opens a new branch, Long is able to provide connectivity within weeks, rather than the months it would have taken to set up MPLS links. And he has “eyes into the network,” allowing him to troubleshoot problems much more quickly.
The switch from MPLS to SD-WAN was a slam dunk for Entegra, which enjoys a perfect storm of circumstances, such as identical application requirements at each branch location and a relatively small and well-defined service area. For most companies, however, the business case for SD-WAN can get pretty complicated when all the variables are factored in.
Calculating the savings
According to IDC senior research analyst Brandon Butler, potential SD-WAN savings can be broken down into hard and soft savings. Hard savings come from new connectivity contracts, including reduction in the use of MPLS in favor of less expensive options, such as broadband or cellular.
Soft savings come from ensuring quality of service connections to cloud platforms or other hosted applications; centrally managing and ensuring comprehensive security across the WAN; ensuring high availability connections to WAN sites and ease of management related to use of a cloud-managed SD-WAN.
IDC just completed a comprehensive survey and found that nearly one quarter of respondents anticipate SD-WAN cost savings of 20-39%, but two-thirds of respondents expect to see more modest savings in the 5-19% range, says Butler.
Offsetting costs and other variables
There are new costs associated with SD-WAN that need to be figured into the equation, specifically those around procurement, implementation, deployment and professional services.
For example, Long says his Silver Peak appliances cost around US$2,000 each, or around $44,000 for 22 branch offices. And the software licenses, which start at $199 a month per site, add up to around $50,000 a year. But those capex and opex expenses, spread over five years, are a great investment when compared against the WAN connectivity savings.
Forrester analyst Andre Kindness says he has seen companies run into some unanticipated expenses associated with SD-WAN, as well as some unexpected benefits. Anyone planning an SD-WAN rollout needs to factor all of these plusses and minuses into the equation.
For example, if a company is backhauling MPLS branch office traffic to a central data center, then security requirements at the branch might be pretty low. If the company then begins sending unencrypted traffic from that branch across the public Internet, does that create a security hole which requires deployment of new security gear in the branch office?
And switching from a single MPLS provider to multiple broadband and cellular providers can create a new level of management complexity that might require the hiring of additional staff just to keep up with the administrative work, Kindness adds.
On the plus side, Kindness says he has seen SD-WAN reduce the number of help desk tickets by one-third because applications are performing better. Other positives: SD-WAN provides visibility into carrier networks which translates into better response times; and multiple WAN links provide protection against outages.
While MPLS is expensive, it’s also more secure and better suited to real-time traffic, so many companies are adopting a hybrid model with a mix of MPLS, broadband and cellular links, all managed by an SD-WAN controller.
Kindness points out that there are some companies, for example a global hotel chain or a national retailer with stores scattered across urban and rural areas, for which SD-WAN might not be practical just because of the lack of availability of dependable broadband services. But there are specific use cases where SD-WAN can be a significant money-saver.
Montgomery County 911
The emergency response network for Montgomery County, which sits north of Houston, was spending $20,000 a month for copper T-1 lines before flipping the switch on a fiber-based broadband network that uses SD-WAN gear from Talari Networks.
Systems manager Roberto Gutierrez said his broadband connectivity bill today is under $2,000 total for three remote public safety sites and two host sites. The T-1s delivered 1.5Mbps, and he’s now paying $371 a month for 20Mbps of broadband. Gutierrez has been able to take those savings and build his own microwave network on the 4.9Ghz. band dedicated to public safety.
Obviously, any delays, dropped calls or other performance issues can be a matter of life or death when it comes to a 911 network. If the Talari SD-WAN software detects latency or congestion issues with the broadband links, it seamlessly switches traffic to the microwave network. The software also runs detailed performance reports that keep the broadband provider on its toes.
The Montgomery Country Emergency Communication District is currently swapping out its installed base of Talari gear for the newest models. The total cost for the new Talari system is $50,000 over three years, says Gutierrez, which is well worth it for both the overall cost savings as well as improved performance and reliability for this mission critical application.
SD-WAN deployment models
There are a variety of models for deploying SD-WAN beyond the do-it-yourself option of shopping for an SD-WAN provider, buying their gear, signing a long-term contract for software and services, then going out and shopping for broadband.
One popular method is for enterprises to work with their existing network infrastructure provider, where in some cases customers can reuse their existing branch office infrastructure, said Butler. Another option is to work with a communications service provider (CSP) or a managed service provider (MSP) and use SD-WAN as a service.
Sealing the deal
No matter how strong the numbers are, inertia is a powerful force. It’s only natural that the people writing the checks might be apprehensive about moving away from a technology with a long track record of reliability and security, like MPLS.
But the case for SD-WAN is ultimately not about networking; it’s about the performance of business-critical applications. According to a recent Gartner report, the key driver for SD-WAN adoption is the deployment of software-as-a-service (SaaS) applications in remote offices.
“Enterprises must support the move to the cloud by adopting a site-level internet breakout approach and move away from the legacy of a centralized WAN architecture," Gartner reports. "The urgency to complete this migration is directly correlated to the speed of enterprise applications being migrated to the cloud."