What is Software-Defined Wide Area Networking (SD-WAN)? [Article]

What is SD-WAN - Multisite links

As businesses embark on digital transformation they often start to expand to multiple sites.

Not only do they require high-quality internet connectivity, but they also need to explore wide area network options to enable seamless and secure communication between sites.

For small businesses with a single off-site location, this is fairly simple. Put in place a standard virtual private network (VPN) or a point-to-point link between the two sites, and you’re done. When you have more than two sites, however, you need to be able to route traffic between all of them, and an ever-growing network of single destination VPNs quickly becomes unwieldy.

There are two ways that businesses have traditionally solved multi-site problems. The first is via a hub-and-spoke network architecture, where every secondary site effectively connects to the internet through the primary location. The alternative is through more recent managed solutions like multiprotocol label switching (MPLS), where a network is virtualised by a provider, with all traffic flowing through that virtual network.

These solutions are entirely valid, but often too costly for small businesses, either in direct cost or in the cost required to maintain the ever-increasing number of links. Recently, however, a new solution has emerged – software-defined wide area networking (SD-WAN).

What is SD-WAN?

Software-defined is the abstraction of the control – into the cloud – from the physical infrastructure; this results in a centralised management approach and a more agile distribution of instructions, with tangible economic and technical benefits. An SD-WAN solution can deliver secure multisite connectivity to any number of sites, including cloud and data centres, across any type of access circuit, over any transport, including standard internet connections.

Fundamentally, SD-WAN is a software overlay on top of existing infrastructure, which provides packaged security, routing, and traffic prioritisation features to any network it is applied to.

What does SD-WAN offer?

As a networking solution, SD-WAN offers seamless connectivity between any number of sites over an existing infrastructure. SD-WAN provides more than that, though, offering security, load balancing over multiple links, and incredible ease of deployment and management.

What is SD-WAN - SecurityWith data security being a major concern for businesses of all sizes, any network solution which utilises the open internet, as SD-WAN does, is at risk. SD-WAN, however, implements strong IPSec (Internet Protocol Security) encryption on all traffic passing through the encrypted overlay. Although your data will still be travelling over the public internet, no one who intercepts it will really be able to make sense of it.

SD-WAN devices are deployed at the network edge, with the ability to introduce additional network security options at a site, such as VPN access for remote working employees and next-generation firewall (NGFW) technology, with centralised policy control resulting in better efficiency and lower risk.

SD-WAN appliances take an innovative approach to load balancing and managing multiple connections, allowing your business use its resources as efficiently as possible. Traffic travelling through an SD-WAN device will take the selected path available, meaning business-critical traffic will utilise an MPLS or site-to-site link, if available, while non-critical traffic won’t clog up these more expensive, specialised, connections.

This also means that SD-WAN devices can offer an additional level of reliability to your network. If you have multiple connections, an SD-WAN appliance will automatically switch traffic to the other link in the event of a service cut, ensuring your business stays connected.

Another key feature of software-defined WAN is that it is a single packaged solution, meaning that there is one appliance to deploy with incredible ease of setup, and all management can take place through a single interface, even across multiple sites. Instead of needing to deploy a security solution, a security device, and a router, a single SD-WAN device can be deployed, ensuring cost savings on hardware costs, space, and maintenance.

Finally, SD-WAN offers all of this at an incredibly competitive cost and, unlike enterprise solutions like MPLS, the solution functions over any type of connection. This makes SD-WAN an incredibly affordable option for smaller businesses, as well as a robust tool for businesses with a large amount of existing infrastructure.

How does SD-WAN compare to other WAN solutions?

Other options that businesses could consider in place of SD-WAN would be a standard VPN, MPLS or point-to-point links, so we will briefly compare these technologies with regards to bandwidth, ease of management, security, and cost.

In terms of bandwidth, SD-WAN leverages a VPN to operate over existing connections, rather than being connection types. It creates the option of bundling and load-balancing multiple connections, giving it a clear edge over a standard VPN. Site-to-site links provide incredible levels of bandwidth between two sites, while MPLS provides enterprise-levels of bandwidth guarantee, but both come at a premium cost.

What is SD-WAN - EthernetAs for ease of deployment and management, SD-WAN uses a single appliance, with no-touch configuration, making it an incredibly simple network to deploy and manage. MPLS is inherently managed, meaning there is no concern for your IT staff, but deploying additional sites can take much longer due to specialised processes and design. Site-to-site links also take time to deploy, but there is no management to do once the connection exists. Standard VPNs can be tricky to deploy, and you need one for each site link. The technology only offers the virtual connection – any additional features require additional work. For the smallest businesses, VPNs are a good option, but they do not scale well for large businesses.

MPLS and point-to-point links both offer no encryption by default, leaving the risk of data integrity to rely on the theoretical privacy of the network, although vulnerable to individuals within your network.

As for cost, VPNs are the clear winner, with available open-source software. Point-to-point and MPLS links provide guaranteed bandwidth, but at a high cost which means they are often out of reach for most small businesses. Software-defined wide area networking is relatively inexpensive, providing more features than traditional technologies, at an affordable cost.

Who is SD-WAN for?

You might expect SD-WAN to be more geared toward small businesses, but this isn’t the case – it brings benefits to businesses of all sizes.

For small businesses, SD-WAN offers a way to bring enterprise-level connectivity across multiple sites, without the costs of enterprise solutions or specialist infrastructure requirements. For large and established businesses, SD-WAN delivers additional routing features, allowing more expensive infrastructure to be retained for essential traffic, while seamlessly routing routine traffic through more cost-effective links.

If you’re a business looking for the agility to cope with changes and simplify management of security and connectivity, regardless of the network it is applied to, then SD-WAN is worth considering.


Talk to one of our specialists.
Call us on
0344 863 3000