SD WAN continues to appeal to enterprises for its technical and financial benefits, provided that the needs are well targeted and that the operators do not monopolize the market. A look at a technology of the future with Xavier Martin, SD WAN Manager at Lucernys.
Two years ago, when Lucernys produced its first white paper on SD WAN, we were already talking about the rapid growth of this technology. Is this still the trend? What evolution do you observe at Lucernys?
Today, almost all companies that want to change their network are asking themselves the question of moving to SD-WAN. It is often seen as a relevant solution because it allows them to gain agility, to go easily into the cloud and to put a security brick on all their sites. SD WAN also saves money, if and only if customers have high throughputs – starting at 10 or 20 Mb per site. Another advantage is that customers are now putting a lot of back-up links in 4G – now 5G – which makes it possible to have two completely different carriers, which was not the case before.
Of course, there are cases where the SD WAN is not financially relevant: for example, when there are virtualized workstations or when there are very low speeds on the MPLS. When you pay between 50 and 60€ for your link, it is already the price of the SD WAN box on which you will have to add one or two links.
But every time our customers want to move away from MPLS or are wondering about it, we use the criteria outlined in our white paper to check their appetite and we conduct tenders: and generally our solution implementation reviews show that they are very satisfied, even if some of them are not going there yet.
So you still consider that this market has a strong dynamic?
Yes. This is the new network. The benefits are numerous. But like any new technology, it is not magic either. And sometimes you don’t have to go. During workshops, we will look at where the data is hosted, what the needs are in terms of throughput, security, whether companies use SaaS software, especially Office or Salesforce, which are often used… as soon as there is a need for a local Internet breakout on the site.
Obviously, the financial equation must be taken into account. We generally estimate how much the SD WAN could cost, what the project load will be – knowing that depending on the size of the company, an SD WAN will require 6 months for an RFP and one year for deployment. This is time-consuming and resource-intensive. With each deployment, we always take a little risk, so the customer must be ready to make this effort of transformation, which is not neutral. All of these elements will determine whether or not to go ahead. And in this case, it is necessary to go with full knowledge of the facts, especially financial.
What are the main benefits you see today in this evolution of the network to SD WAN?
The promises are fulfilled: this technology allows access to the cloud and makes it possible to increase speed at low cost thanks to the greater availability of FTTH links in France. The sites are increasingly eligible for FTTH connections that allow speeds of several tens or even hundreds of megabytes for less than 100€.
In addition, SD-WAN technology allows a site to be connected to the corporate network very quickly. All you need is a 4G link and an SD-WAN box. This is very advantageous compared to the deployment of an MPLS link which can take several months.
SD WAN also allows access to the Internet, and in particular to SaaS solutions such as Office 365, UCaaS or Salesforce, directly from the sites thanks to local breakout.
What are the most common obstacles you see in the field in the transition to SD WAN?
One of the main obstacles is the price. Especially for sites with low MPLS speeds where there will be no savings on links. Generally, when we move to SD WAN, we are tempted to put resilience in place, most often by adding a second link that will double the cost, with the installation and operation of the box also adding to the cost. In the case of a network with hundreds – even thousands – of sites, the bill can quickly explode.
Another common obstacle comes from architectures that do not necessarily need SD WAN. There is little advantage when there is no data or cloud applications, everything is on datacenters that are already on MPLS, and you don’t really need an exit to the internet.
When you don’t need additional speeds, when you are happy with the price of your operator, it is better to do an MPLS agreement with him. This will increase the few flows that are needed, without charges or project costs. Otherwise, the transformation effort would be too great in relation to the gain expressed.
In which cases is the choice obvious?
Some network architectures are clearly “pro-SD WAN”: the criteria are deployment agility. For example, we have a customer who does construction work and needs to install network connectivity on his sites. In this case, taking SD WAN is ideal: it can be deployed immediately, especially with 4G links. He puts in an SD WAN box and the site is directly connected, in less than a day, to his entire network with all the necessary security. If we had to pull MPLS links, it would have taken 3 months.
The same is true when you have cloud solutions: in this case, it is unnecessary to bring all these connectivities to your Datacenter or to your Internet outlets. We’ll take them out site by site.
It’s also worth it when we have an explosion of speeds on sites where it is possible to recover links – especially FTTH – which cost much less and which provide high speeds – 100, 200 or 300 Mb thanks to FTTH when you are well located – for 60 €, while in MPLS we will be around 1000€. It makes it much easier to have resilience by adding links and it’s always easier and cheaper to implement.
But is it easy to act?
When you want to move to SD WAN, all the benefits need to be sifted through, but then you have to ask yourself if you really want to go there or not. Knowing that we will have to do an RFP and redeploy.
Moving from MPLS to SD WAN involves a deployment project. This requires the time of an internal resource, an internal or external project manager, and work with SD WAN service providers (“box” providers, network providers, etc.). Network migration can have side effects that are very manageable but still constitute a risk, even if temporary. If the gains are low, it is therefore to be reconsidered.
It is also necessary to plan the management of the SD WAN. We generally recommend that the integrator of the boxes be responsible for the end-to-end service, and in particular that it manage incidents on the links with the operators.
In any case, the diagnosis is made quite quickly. In a few workshops it is possible to determine if it is relevant to start or not. In this way, we offer our customers conscious solutions, sometimes with hybrid choices where we will recommend SD WAN on the main sites and not on those which we do not consider eligible.
Today, what is Lucernys’ vision on the approach to implement SD-WAN and how does SASE fit into this approach?
SASE is an approach to implementing security bricks that manufacturers have packaged into a concept. The idea is to ask, population by population, what the risks are and deploy the right tools by population and by risk. On the SD WAN implementation process, several points are important. In particular, it is essential to ask site by site – or group of sites by group of sites – what the needs are going to be in order to choose the right links and the right boxes. We look, site by site, at the flows needed for the activity to size the links. We look at whether there is a need for access to the Internet or not, which will define whether the SD WAN links should be Internet links or whether MPLS links should be used. A reflection is also made on the suppliers of the links which can come from a single or several operators. We evaluate what the sizing of the boxes should be and what security bricks to put in the box – knowing that you can put security bricks in the cloud. And in the RFP process we establish several scenarios: some technically ideal – often more expensive – and others with a lower quality of service but less expensive. We question the market and according to the ratios price – advantages – disadvantages, we evaluate the good configurations, site by site to optimize the answer on the technical and financial axes.
Another important aspect of the process is to evaluate what already exists in the company to avoid having duplicate bricks. It is necessary to look at the constraints and commitments with the existing providers and align these commitments with the new demands so as not to pay double. All this requires a lot of back and forth, but allows us to propose the best compromise according to our capacities, whether financial or technical. It is also in this approach that we can envisage what will be necessary in the future without closing any doors. In this type of long and complex project, you can’t make a big bang.
Finally we try to use the existing links or at least the support of these links. The incumbent therefore has a competitive advantage over the others.
The goal is to make the transformation as simple as possible. Indeed, it is very easy to build an SD WAN directly when you create a company. It is in the air of time and in the direction of the market. But companies that have been around for a long time have their networks, datacenters, data, and you have to take legacy into account. Finally, this is the most complex – but also the most interesting – part of the transformations.
What other trends do you see in this market in 2022?
We can see that operators are trying to regain control of the SD WAN. Yet the philosophy of this technology was to change the balance of power. Where operators used to control everything by offering MPLS with pipes and service, the service brick is now carried by the SD WAN. Operators are therefore losing value and are trying to regain the lead in the SD WAN. They respond to tenders and try to take everything by making good prices on their links to those who choose their solution.
Let me explain: in the calls for tender that we make we have 3 lots, a lot “boxes and installation of boxes”, a lot “links” and a lot “operation”. But what we are looking for is that those who deploy the SD WAN also take care of the deployment of the links and do the overall project management. And in the operational phase, when we support the SD WAN, we also support the links. Indeed, if I operate the boxes and a link falls on a site, I will be responsible. I will be the one to open the tickets at the operator. It so happens that the operators are organized to manage this deployment and operation part. They are therefore serious competitors to box manufacturers who rely on third parties to deploy and operate. On the other hand, one of the key promises of the SD WAN has not been kept: that of independence from the operator.
For example, if, in order to have a better resilience, I take a first SFR link, a second Orange link and the operation at Econocom, I don’t put all my eggs in the same basket. But Orange or SFR will try to convince me to stay with them via unbeatable prices. The customer is often sensitive to this. At the end of the day, we end up with cases where the customer will either have a single operator or will be managed by a main operator and a third party operator with very few links in financial terms. If an operator takes over everything related to low-cost consumer internet links – FTTH, copper, 4G or 5G links – and the former operator who has the expensive links takes over the SD WAN part, in this case, you don’t get rid of the operator at all. This promise is not always kept and finally it happens in the RFP where there are more advantages than disadvantages to do this.
However, this is a decision that the client will make on our advice. If at the beginning of the consultation we had put in the objectives of the RFP that we had to get out of the independence of the operator, we will obviously take this into account. During the tender process we usually offer several options. It may be that the option where the operator manages the boxes and the network has a financial and technical interest, in particular to avoid that the providers continuously pass the buck.