The Benefits and Challenges of SD-WAN Architecture

This guide will provide you with a comprehensive overview of what an SD-WAN is, the benefits it can provide, when it is the right networking solution, and more.  This guide is written for IT engineers and decision makers and assumes a basic understanding of existing network technologies and systems.

What Is an SD-WAN?

A Software-Defined Wide Area Network, or SD-WAN, has become the standard for how corporations ensure connectivity for their employees who are spread out across multiple locations. Building out a traditional Wide Area Network (WAN) requires that you have dedicated private circuits (typically based on Multiprotocol Label Switching, or MPLS) connecting to each location. Not only is this expensive, but it also restricts your options for routing traffic and managing your connectivity.

With an SD-WAN, the network can use multiple connectivity options, including broadband internet circuits, along with any MPLS or other dedicated circuits you have in place. This allows for a robust network that uses smart routing to ensure your data is always taking the fastest route based on application requirements.

SD-WAN decouples the networking hardware from its control mechanism
Illustration of SD-WAN Architecture

The SD-WAN is also easier to manage than a traditional WAN because it can be done from one central location. You configure your application network settings, security, permissions, and other factors on a single interface and then push all the settings throughout the network. This is a major improvement over having to configure individual routers at every location.

The History Of SD-WAN

For nearly two decades, most organizations used traditional WAN infrastructure, primarily using MPLS circuits to handle the traffic. But that changed in 2013, when the ONUG board held a meeting where guests were invited to offer input and insights for technological solutions to issues that were not yet being addressed by suppliers.  ONUG was founded only a year earlier to help promote standardization and observability of infrastructure technologies.

At this meeting, Jim Kyriannis, who was the Program Director for Technology Architecture at New York University, brought up what he called the “Branch Office Has Multiple Paths to Headquarters” use case. At the time, he didn’t fully realize that he was defining a challenge faced by virtually all major companies. Over time, this subject was researched further, and the title was changed to the easier to remember name, Software Defined Wide Area Network, or SD-WAN. At the following ONUG meeting, the SD-WAN concept was voted as the top issue that demanded a solution. This prompted multiple vendors and other groups to begin working on proof of concepts for the technology.

By 2014, early adopters were already implementing SD-WAN technologies. Industry publications started using the SD-WAN term consistently. Vendors developed their own SD-WAN solutions, which  accelerated the adoption.

When Does an SD-WAN Make Sense?

The big question most organizations have concerning an SD-WAN is understanding when it makes sense to transition from an existing WAN infrastructure to an SD-WAN. The simple answer is that an SD-WAN will provide advantages to companies in just about every situation. It provides greater flexibility, and can be implemented in a variety of ways to meet the specific needs of a network environment.

For example, a company that currently uses MPLS connections to their remote offices can implement an SD-WAN and offload all traffic that was destined for cloud applications. This will allow them to reduce bandwidth usage on their MPLS circuits without giving up quality and stability where it is needed. Companies that eventually want to move 100% away from MPLS and use broadband internet connections for all their traffic, can use SD-WAN for a planned transition to reduce costs and avoid unnecessary downtime.


The Benefits Of SD-WAN

Each company will benefit differently based on the physical locations of their organization, the types of applications they use, their security needs, and more. The following are brief overviews of some of the most significant advantages of this technology.

Avoiding Wasted Traffic

With older WAN configurations, you needed all traffic from each location to travel back to your main office or data center. From there, it went out to its final destination. It’s easy to see how this  resulted in massive amounts of traffic having to traverse the network at all times, especially when it came to cloud solutions.

With an SD-WAN, if you have a remote location that needs to access cloud email, for example, the traffic will go from the location to the cloud service without having to travel to your data center. The specific route that the traffic takes through the public internet is determined based on the settings of your SD-WAN. Another benefit is that this traffic can  be routed around slow or broken circuits increasing speed and reliability.

Faster Response Times

SD-WANs operate faster than traditional WAN infrastructures. There are multiple reasons for this, including eliminating the need for traffic to travel to a centralized location. Additionally, SD-WAN technology is able to actively monitor the network to identify circuit outages, network congestion, and other issues that could cause slow response times.

When detected, the system will automatically route traffic around the trouble areas to ensure you are getting the fastest response times possible. Settings can also be adjusted manually to help troubleshoot potential issues or route around circuits that will be experiencing maintenance or other issues.

Reduced Costs

Provisioning and maintaining dedicated private circuits is sometimes necessary, but the cost of bandwidth on MPLS circuits is extremely high compared to other solutions. With SD-WAN, the need for private circuits is reduced or even eliminated. The software determines where traffic needs to go and the level of reliability it requires. The software then chooses the best path based on the configurations you set up.

Ideal For Cloud Applications

An SD-WAN is an ideal option to support your cloud-based applications and services. Cloud companies have built multiple high-capacity circuits into each of their locations to ensure they can handle the volume of traffic required. Because of this, an SD-WAN can send traffic directly where it needs to go without having to make unnecessary hops. In fact, the growth in popularity of cloud technologies was one of the driving forces behind the development of SD-WAN.

High Availability

One of the biggest difficulties with a traditional network that uses all private circuits is that when a circuit is having problems, the entire delivery chain is impacted until resolved. Companies often provision backup circuits as a way to avoid outages, but that is costly and time-consuming. With an SD-WAN, traffic can be set to automatically route around troubled areas. This minimizes downtime. Specific types of traffic, such as live video or voice, can also be configured to use paths that offer higher quality connections, such as dedicated MPLS circuits.

Security Benefits

Many engineers are concerned about security when moving from MPLS or other private circuits to an SD-WAN. The SD-WAN network, however, can provide some significant improvements to security. To start, security can be managed centrally, rather than having to push out rules and policies to each router distributed throughout the organization. This reduces the risk of human error, which can leave your data exposed or end users with elevated permissions.

In addition, since your data will typically be traveling over the internet to the cloud and other destinations, it will have to be encrypted. The specific method of encryption will depend on which SD-WAN vendor you are using. Regardless of the specific encryption method, however, you can increase trust because your systems are protected.

Common SD-WAN Challenges

While the benefits of an SD-WAN are undeniable, there are also some challenges that you need to be aware of before moving forward with any type of implementation.

Security Challenges

When done properly, SD-WAN security can be stronger than that of a traditional WAN. By virtualizing and decentralizing your network infrastructure, you reduce the amount of policy setting necessary to run traffic to the corporate data center and then out to the desired service. However, the drawback is that any security policy mistakes made will get pushed out to all locations at once (rather than one at a time, as would happen with MPLS).

Quality of Service

MPLS circuits are extremely reliable, making them ideal for technologies such as VOIP and live video streaming, while using broadband internet connections may have quality issues. Using multiple broadband connections, or a combination of broadband and MPLS, allows for redundancy to overcome this obstacle.

Network Monitoring Requirements

In the unlikely event that an MPLS circuit has problems, it is immediately obvious and can be addressed. On an SD-WAN, however, the software can often automatically route around problems, so they do not present any user impact. While this is obviously an advantage, if you do not actively monitor these situations, you may not take action on a problem. This reduces your redundancy and does not address the problem that resulted in reroute.


If you keep your existing MPLS network in place, you will have to deploy additional devices to each location. Fortunately, SD-WAN can use zero touch provisioning (ZTP) to configure the devices remotely, which makes this easier. Even if you are replacing MPLS circuits entirely, you still have to deploy the SD-WAN devices that are going to be replacing existing WAN routers.


Comparison of SD-WAN and MPLS Network Topology

While many people discuss SD-WAN as a replacement for MPLS based infrastructure, the reality is that SD-WAN is very often deployed alongside MPLS. Many companies continue to rely on the proven stability of MPLS circuits for systems that require this type of reliability. In fact, one of the hallmarks of SD-WAN is its ability to use multiple different connection types including MPLS, broadband, 4G, 5G, and more, all at the same time.

For some companies, completely phasing out MPLS circuits is a goal that they want to accomplish over a set timeframe. Until then, it makes sense to simply scale back the bandwidth that uses MPLS, and route less critical traffic  using inexpensive alternatives as chosen by the SD-WAN configuration.


Is an SD-WAN Right For You?

SD-WAN is quickly becoming a standard when it comes to network infrastructure. It should not be looked at as an alternative to traditional MPLS based WAN systems, but instead, as the evolution of these technologies and the integration of cloud solutions. With that in mind, an SD-WAN is the right option for just about any organization that operates in multiple locations and wants to keep their IT infrastructure costs down, while ensuring their systems are always stable.