A second wave of SD-WAN is required for realizing the 3 pillars of its promise
Software Defined WAN (SD-WAN) comes to solve business and technical challenges of enterprise networking that revolve around high cost MPLS lines and lack of flexibility and agility. Modern enterprises require the option to rapidly change their network architecture, bring-up new sites and cloud data centers as well as on-board new SaaS services. The need to wait days, weeks or even months for changes in the enterprise network is not an option.
The promise of SD-WAN is to solve these challenges through 3 pillars of agnostic characteristics of the service:
- Transport agnostic – No matter of the access type (Internet, LTE, EPL, MPLS), SD-WAN will use one or more connections for providing the best network quality
- Service provider agnostic – Enterprises can utilize network services from many different providers while still being able to manage end-to-end network performance and security
- Vendor agnostic – Being able to select your vendor of choice for various networking services and hardware
The first two pillars are offered by today’s SD-WAN solutions. As for the third pillar, vendor agnostic, not only that it is not covered by current SD-WAN products, we have went one step back as more networking services are bundled into closed and proprietary SD-WAN products and services. Unlike pure IPsec which had some cross vendor interoperability, today’s SD-WAN solutions with their proprietary headers provide no chance of interoperability
The vendor approach to SD-WAN
The vendors have positioned SD-WAN as the swiss army knife of networking by creating SD-WAN solutions as a vertical software stack starting with centrally managed routers and adding WAN optimization technology, DPI, traffic optimization, network monitoring, security and other adjacent networking related features.
SD-WAN was widely adopted by the large routing and networking vendors. These vendors have brought to SD-WAN their traditional business model of offering a monolithic software stack that dictates from A to Z the elements of the solution while locking-in their enterprise or service provider customers leaving them with little control over the solution they deploy and their future costs. The common practice of this approach is to add licensable components over time and require costly upgrades of the software and hardware.
The Achilles heel of large monolithic software products is twofold, higher licensing cost and inability to optimize hardware configuration for the specific needs of the enterprise or service provider, more CPU and memory resources are required for running the software.
The shift from product to service
In a desire to skim the cream of the SD-WAN revenue we see a growing trend of vendors moving from a product only strategy to offering complete services. This includes fully managed SD-WAN solutions that bundle the network backbone itself together with SD-WAN offered as the only option to acquire the solution of companies such as Cato Networks (by which security is bundled in as well) and Arayaka to vendors such as Versa Networks and Juniper that offer their products as on-premise self-managed or as a service by the vendor.
Joining this trend are systems integrators who also offer fully managed SD-WAN or simply integration services for SD-WAN products of the vendors.
The service provider SD-WAN dilemma
Witnessing this are the service providers who are left with a dilemma. On the one hand, they are experiencing a decline in their MPLS revenue and being able to lock a customer into a multi-year contract. On the other hand, the vendors which they resell are competing with them as they are offering their products as a service but leave them limited room for differentiation.
Being left with 2 bad options of ignoring SD-WAN altogether and losing this market or simply reselling closed products of the vendors as a service, they are forced to the second worst option yet they are not satisfied with the compromise and are hoping for the second wave of SD-WAN that will allow them to regain control over the services they offer.
Requirements for the second wave of SD-WAN
The second wave of SD-WAN pioneered by flexiWAN is all about flexibility and openness. It stems from the pain points and feedback we collected from enterprises and service providers in 1×1 interviews conducted with them.
Here are the key requirements collected from those interviews:
Resizing of the hardware – This requirement came mainly from large enterprises that have sites of different sizes including very small ones, retail is a great example and service providers targeting SMBs. They need hardware of different scale (and cost) based on the bandwidth required for each site. This is a requirement that some SD-WAN vendors already support. The second part of varying hardware size and cost is related to the features required at each site or customer of the service provider. A one size fits all is not an option for them due to the high cost of licensing and hardware when deploying SD-WAN at scale. Being able to mix and match different networking applications came as a requirement to serve their need to manage TCO and reduce it.
Simplicity – For enterprises and to a larger extent, for service providers, supporting the deployment of SD-WAN (OPEX) along the years is higher than the initial CAPEX cost. The goal is to reduce the complexity of the system and by that reduce the resources required to support it. Having a large software stack with many network services not always required by all customers or sites is adding complexity. The requirement is to be able to reduce complexity by tailoring the deployment of each customer or site based on the required capabilities and not simply deploy what is available.
Vendor agnostic – This requirement is the opposite direction of what most SD-WAN vendors push for today. Instead of being forced to a given set of networking applications that are included in the SD-WAN solution, it is required to be able to have the option to select the vendors and applications that comprise the SD-WAN solution. The goal is to adopt a best of breed approach that also avoid vendor lock-in.
Differentiation and special requirements – Service providers are lacking room for differentiation. In a panel I moderated at the MPLS+SDN+NFV Congress in April titled Service Providers’ Value-add to SD-WAN we asked service providers for their key differentiation factors in their SD-WAN service compared to competition and services offered by non-service providers (e.g. vendors or systems integrators). The answers revolved around service bundling, connectivity and SD-WAN bundling, better support, a single billing interface. None of the differentiating factors were related to the internals of the SD-WAN they offer or the relationship between the SD-WAN itself and their applications or network. The requirement is to change this and allow service providers to define their own DIY SD-WAN that best answers their needs for supporting their customer segments and by that allow them to optimize their pricing structure. Enterprises (mainly large or technology oriented ones) have also a requirement to not only self manage but inject their specific logic into the SD-WAN solution they deploy.
Realizing modular SD-WAN for better control and reduced TCO
Supporting the requirements detailed above requires rearchitecting SD-WAN. It is not enough to simply open source the SD-WAN product because most SD-WAN solutions have the various networking capabilities tightly glued to their edge and management software, it is a complete software stack that can’t be decoupled. Realizing a modular SD-WAN solution requires cutting the software stack to horizontal and vertical layers.
The baseline layer is the infrastructure of SD-WAN. This layer comprises the edge device and a central management that also includes configuration and automation for large scale deployment and management. This layer allows for building the network topology and managing it but it doesn’t include the advanced features of SD-WAN such as optimization of specific traffic or security. While this is considered as the base layer, it can also be customized through APIs that for example allow for replacement of the management or integration of the management with a service provider OSS/BSS system.
The second layer in the infrastructure is responsible for managing the networking applications that add the advanced capabilities of SD-WAN. This layer comprises the various elements for easily developing, integrating, loading and managing such networking applications.
The third layer are the applications themselves that can run both in the edge device as well as in the management in order to allow for holistic life cycle management of the system. These applications that run in the edge are not VNFs but rather applications tightly integrated with the SD-WAN edge software.
Closing notes
A modular SD-WAN is a counter approach to how large vendors designed their SD-WAN products as monolithic systems that stimulate vendor lock-in. With a modular SD-WAN that is offered as open source, users can select the capabilities they need for their SD-WAN solution. Using a software stack that covers only what you actually need with the ability to add more capabilities as requirements change means a smaller software foot-print hence, more cost-effective hardware and licensing thus, lower Total Cost of Ownership (TCO). Moreover, as proprietary applications can be built and loaded, service providers can create differentiation by having better communication and synergy with their business applications/services and their network. Enterprises as well can benefit from the modular architecture and support their proprietary requirements instead of hoping to get such support from the vendor. Being open source only strengthens the openness of the system and reduces the single vendor risk that existed so far in the SD-WAN market.
Image credit: Raúl Hernández González