SD-WAN: five steps to a successful deployment

This is the last blog in a four-part series to help you design your network transformation strategy and turn it into reality – moving from proof of concept tests to real world deployment. Click here if you missed part three in the series.

Once you've piloted and selected your SD-WAN solution, the next step is to plan a full-scale deployment. There are many things to consider. First, you'll need to choose the type of deployment sites, which could include remote branch offices, regional hubs and manufacturing facilities, for example.

Next, you'll need to assess your global connectivity capabilities, paying particular attention to countries where the uptime and throughput of Internet Service Providers is problematic. Finally, you should decide on your preferred service model – do you want to manage your SD-WAN on a DIY, co-managed or Do-It-For-Me basis? It's critical to define robust service level agreements (SLAs) with your SD-WAN provider to maintain the highest possible levels of cloud application performance and keep your end users happy.

1. Assess your global connectivity needs

The average multinational corporation has 23 connectivity providers around the world. This means your procurement team needs to track many different service contracts and bills and step in to resolve disputes in the local language of each country's ISP. Meanwhile, the in-house IT teams have to deal with multiple technical support organizations when problems occur. An enterprise may very well find that some of their ISPs do not staff on weekends or schedule downtime for repairs at the most inconvenient time. The technical service definition can differ from one ISP to another, making your solution more heterogeneous and harder to manage.

When assessing your global connectivity needs, pay close attention to large land areas without established telecoms infrastructure where you have branch offices that need to be connected. SD-WAN is a very attractive proposition for countries like China and India and ASEAN nations like Vietnam, Thailand and Malaysia, but the right choice of ISP and deployment model is key.

Orange uses SD-WAN gateways inside China, where our overlay network is terminated, and a private network to reach the outside world. Some providers opt to run IPSec through the Great Chinese Firewall, but the service delivery tends to be intermittent, which drives users crazy.

2. Consider working with a managed service provider

One alternative is to work with a multisourcing service integration (MSI) partner who manages the ISPs and other service providers on your behalf. When there's an issue with an application, enterprises don't want to be left to figure out what is wrong. Having a single team in charge of managing both the SD-WAN infrastructure and the underlay, including global ISP peering relationships, takes this problem away.

For example, we review the performance of all the Internet carriers we partner with globally on a monthly basis. We assess the criticality, scale and recurrence of any service issues that arise. Global buying power gives us leverage to keep ISPs on track. We can even take over the management of any additional ISPs an enterprise currently uses.

3. Choose from a DIY, Do-It-for-Me or Co-managed SD-WAN service model

Enterprises can choose from a range of flexible Do-It-Yourself (DIY), Do-It-for-Me or Co-managed SD-WAN deployment models. In each case, access to a self-service portal to monitor service delivery and make network changes yourself is invaluable.

With the DIY approach, the enterprise chooses its SD-WAN routing equipment and installs and configures it themselves at each site and manages a panel of global ISPs. Around 20% of enterprises choose a DIY route, compared to 80% choosing the managed SD-WAN route, according to recent research by Frost & Sullivan.

A fully-managed SD-WAN service ensures there are clear SLAs, guaranteeing performance and connectivity – even in remote locations. You get a single point of contact and process for technical support, troubleshooting and service-related communications across all the ISPs. Simplicity of billing and increased commercial agility is assured with the ability to add new geographies, capacity and application performance and security services as required. Enterprises can opt for a range of additional security services, including cloud-based web traffic filtering, role-based access controls and internal network segmentation.

Co-management is a popular service deployment model with many enterprises. The managed service provider makes sure that the infrastructure works properly, while enabling the customer to perform some monitoring and application policy configuration tasks directly themselves.

4. Ensure you have a robust SD-WAN management portal

It's important to be able to pinpoint performance issues across the data center, SaaS application, network and device stack. A unified management dashboard provides visibility into application performance and the health of all the connectivity links. It eases the identification and reporting of issues, ensuring visibility of end-user performance. A portal should also enable you to easily make network changes and configure SD-WAN, universal CPE (uCPE) or virtualized CPE (vCPE) devices at any branch office location around the world.

5. Think about your SLAs

SLAs that extend to the SD-WAN customer premise equipment (CPE) are key. The repair or replacement time of CPE is critical to ensuring continued operations of SD-WAN locations. A large global CSP has forward stocking locations of equipment, which accelerates the opening of new branch offices and reduces downtime if issues occur. It means that equipment won't be stuck in customs, and enterprises won't face unexpected import duties and taxes.

In an SD-WAN environment, your SLAs will also be based both on the performance of the individual access links and on the dynamic routing and load-balancing features of the SD-WAN solution itself. Ensure that your provider makes the most of all links available at each site and can support different availability and performance levels.

6. Decide what capabilities you need at each site

SD-WAN requirements tend to vary across applications and locations – especially for the world's largest enterprises. Using service chaining and micro-segmentation, enterprises can add security and WAN optimization functions in a highly targeted way at specific regional locations where there is a need.

An enterprise may need to connect a site in Asia to a cloud-based application hosted in Europe, which would require WAN optimization, something that may not be necessary for more local sites. In the retail sector, a simple SD-WAN overlay could be sufficient to ensure high-speed access to and from stores to a cloud-based inventory system. But the CCTV surveillance monitoring systems may require additional security to ensure tamper-proof operation. The point-of-sale (POS) terminals will need optimized, and links will need secured for fast transaction processing times and to ensure compliance with PCI credit/debit card processing regulations.

Think about your longer-term SDN strategy

When deploying your SD-WAN solution, it's important to think about your longer-term SDN strategy. Connectivity is the lifeblood of any digital business and needs to evolve continuously. Over time, SDN tools will incorporate machine learning and AI and be able to predict network behavior in real-time and identify potential problems before employees or customers have noticed them.

This is the last blog in a four-part series designed to help you define your SD-WAN strategy, run proof of concept tests and deploy your chosen solution. Click here if you missed part one in the series.

For more tips on defining your SD-WAN migration path, watch our on-demand webinar or get in touch using the contact us form.