SD-WAN
Graphiant: MPLS and SD-WAN Fail to Meet the Needs of the Modern Enterprise
Network-as-a-service startup Graphiant has released a report suggesting MPLS and SD-WAN are insufficient for meeting enterprise networking needs, and that businesses are starting to gravitate towards NaaS products.
In a survey of 200 network architects and admins across North America, Graphiant highlighted three use cases MPLS and SD-WAN are “failing” to meet. According to respondents, the most difficult task is connecting with external entities, such as customers or other companies. Other challenges include connecting to enterprise resources, which has grown more complex due to the rise of remote work, as well as connectivity with public clouds.
“This happens every 10-11 years,” says Khalid Raza, founder & CEO of Graphiant. “I saw this in 2000 while pioneering MPLS at Cisco. I saw it when I co-founded Viptela in 2012. And now It’s time again for a new approach to the network edge.”
Respondents called out three critical uses cases:
- Enterprise connectivity has changed in recent years, with a surge in remote workers, remote offices, and IoT.
- Cloud connectivity is the second use case that stretches enterprise capabilities.
- And trends such as digital transformation and the service economy are pushing enterprises to connect more often with customers and partners.
“These new use cases are tough for MPLS and SD-WAN,” says Robert Spangler, Senior Network Engineer at Ballad Health. “MPLS is too slow to deploy and change and far too expensive. And SD-WAN can’t handle that number of tunnels.”
The survey shows enterprises aren’t happy with MPLS and SD-WAN for these new use cases. Network architects gave both technologies D’s and F’s for metrics such as scalability, agility, and cost.
Graphiant Founder and CEO Khalid Raza told Fierce Telecom while MPLS has the advantage of being private and doesn’t place a heavy operational burden on the enterprise, it’s expensive, slow to provision and its scalability is tied to the service provider.
“If the Provider Edge needs to be upgraded to provide the bandwidth, routing table or site increase…it will take a while to get done,” he said. Regarding SD-WAN, Raza noted it gives enterprises last mile flexibility and the ability to add commodity bandwidth. However, SD-WAN’s need for an overlay (a virtual network created on top of a physical network) for every underlay “create[s] a huge tunnel scale problem,” which leads to challenges with hardware and software licenses and increases the operational burden for enterprises.
“SD-WAN leverages public transport so connecting to the resources the enterprise needs should be simple, but it’s not,” said Raza. “The security, privacy and compliance concerns that public networks create a huge operational burden that enterprises aren’t prepared to handle.”
Mauricio Sanchez, Dell’Oro Group’s research director of network security, SASE and SD-WAN, said larger enterprises with more sophisticated networking needs and architectures usually run into problems with MPLS and SD-WAN. For MPLS, he brought up the cost component and how “few enterprises are happy with how long it takes carriers to provision or change.”
“With regards to SD-WAN, it’s done wonders in the last mile where access routers used to rule,” Sanchez told Fierce. “However, SD-WAN hasn’t penetrated the middle-mile as much where meshed-SD-WAN stands to replace classic BGP-based [Border Gateway Protocol] networking.”
He explained meshed SD-WAN is more common in the enterprise WAN core than on the WAN edge, meaning smaller branch offices likely have their SD-WAN CPE router connect with a single-head end. Sanchez also noted it’s not easy for enterprises to set up large meshed SD-WAN deployments, “usually because the equipment starts running out of steam.” VPN capacity is one example of an issue.
“So I wouldn’t paper everything in SD-WAN and MPLS as having ‘failed,’ but more so highlight that there are areas where definite improvement opportunity exists,” he concluded.
Author’s Note: I have been blown away by SD-WANs success as there are no standards and therefore no interoperability. Especially needed is a NNI standard that would interconnect different vendor specific SD-WANs to facilitate communications between two or more enterprise networks.
…………………………………………………………………………………………………………………………………………………….
Graphiant’s report indicated more enterprises are thinking about implementing network-as-a-service solutions, with 62% of respondents saying they are “somewhat likely” to move to NaaS.
Launched last September, Graphiant has pitched a combination of MPLS-like performance in speed, scale and security with as-a-service agility. Raza told Fierce enterprises can connect to Graphiant’s core from any location – the data center, branch office, at home or the edge – and build their networks “in minutes instead of months.”
Separately, Graphiant in March closed a $62 million funding round led by Two Bear Capital, Sequoia Capital as well as other VC and private equity firms. The latest round brings Graphiant’s total funding to $96 million.
References:
https://www.fiercetelecom.com/telecom/graphiant-says-sd-wan-mpls-fail-meet-enterprise-needs
Comcast Business expands SD-WAN portfolio for SMBs and single location customers
Comcast Business is expanding its SD-WAN portfolio to give more options to SMB customers. The MSO/ cableco on Friday announced two new solutions geared toward standalone business locations. Comcast says the new solutions cater to partners who need to connect to cloud and Software-as-a-Service (SaaS) applications.
The SD-WAN solutions enable small and medium businesses, with either a single location or multiple standalone locations, to help securely connect and manage their network, applications, and users. These businesses rely on SaaS applications and cloud services to operate, making secure networking a critical requirement. Comcast Business’ full range of global secure networking solutions provide connectivity, security, application optimization and control, as well as threat monitoring and response for single and multi-site customers.
In today’s digital economy, companies of all sizes need to provide their users fast, reliable, and secure connectivity to applications everywhere. This includes delivering high-quality, consistent, and predictable quality of experience for critical applications residing in the Cloud or SaaS and accessed via the public Internet. With the addition of these tailored SD-WAN solutions, Comcast Business can bring the benefits of secure networking to standalone and multi-site businesses around the world.
“Comcast Business’ global SD-WAN solutions are a central component of our secure network solutions strategy,” said Shena Seneca Tharnish, Vice President, Cybersecurity Products, Comcast Business. “With the addition of capabilities that support standalone sites, we are more prepared than ever to partner with businesses of all sizes to tailor solutions that meet their unique needs. At Comcast Business, we’re committed to preparing every business for what’s next.”
The enhancements to Comcast Business’ SD-WAN solutions enable secure networking and application optimization for single or multi-site businesses who need to connect to the Cloud or SaaS applications but may not require site-to-site networking. These solutions provide businesses with resiliency and visibility, as well as intelligent application prioritization and traffic steering, with advanced managed service. Key features include:
- Diverse connectivity, intelligent traffic steering, and direct connections to Cloud services enhance application performance and resiliency
- Advanced security capabilities to help protect against cyberthreats
- 24×7 Security Operations Center (SOC)
- Low-touch deployment capabilities provide easy installation
- Highly competitive pricing
These solutions are ideal for companies that lack IT budgets or a corporate network but need to support single locations with cloud connectivity using public Internet services.
Comcast Business was recognized as a leader by market research firm Frost & Sullivan in its 2022 Managed SD-WAN Services in North America report [1.]. At the time, Comcast was touted as the second-largest provider of SD-WAN connections in North America. Frost & Sullivan noted that the provider is “especially successful among enterprise customers with 250 or more sites.” The market research firm also gave a nod to Comcast’s strategic acquisition of SD-WAN leader Masergy and “the resultant portfolio enhancements and expanded partner ecosystem for SD-WAN and cloud solutions it has enabled.”
Note 1. Frost & Sullivan assessed 12 leading network and managed service providers in the North American market, analyzing their SD-WAN portfolios based on factors including partnerships with SD-WAN equipment vendors, breadth of underlay network technologies, self-service customer portals, and ability to offer value-added virtualized network functions (e.g., firewalls and routers) and other security solutions such as SASE.
…………………………………………………………………………………………………………………………………………………………………..
Previously, Aryaka announced enhanced SD-WAN and SASE products specifically designed to meet the needs of SMEs with a new entry pricing of under $150 per site. Aryaka Chief Product Officer Renuka Nadkarni told SDxCentral that ease of management is another key concern for many small businesses, which is why so many prefer managed services. Dell’Oro Group predicted the untapped networking and security SMB market will grow significantly this year on the backs of providers who can offer managed services.
…………………………………………………………………………………………………………………………………………………………………..
About Comcast Business:
Comcast Business offers a suite of Connectivity, Communications, Networking, Cybersecurity, Wireless, and Managed Solutions to help organizations of different sizes prepare for what’s next. Powered by the nation’s largest Gig-speed broadband network, and backed by 24/7 customer support, Comcast Business is the nation’s largest cable provider to small and mid-size businesses and one of the leading service providers to the Enterprise market. Comcast Business has been consistently recognized by industry analysts and associations as a leader and innovator, and one of the fastest growing providers of Ethernet services.
References:
To learn more about Comcast Business SD-WAN solutions: https://business.comcast.com/enterprise/products-services/sd-wan-solutions/sd-wan
https://www.sdxcentral.com/articles/news/comcast-tailors-sd-wan-portfolio-to-smbs/2023/03/
https://store.frost.com/frost-radartm-managed-sd-wan-services-in-north-america-2022.html
Gartner: changes in WAN requirements, SD-WAN/SASE assumptions and magic quadrant for network services
Arista’s WAN Routing System targets routing use cases such as SD-WANs
Have we come full circle – from SD-WAN to SASE to SSE? MEF’s SD-WAN and SASE standards
Enterprises Deploy SD-WAN but Integrated Security (SASE) Needed
Enterprises Deploy SD-WAN but Integrated Security (SASE) Needed
A new IDC study, commissioned by GTC, reveals that over 95% of enterprises have deployed software-defined wide area networks (SD-WANs) or plan to do so within the next 24 months. However, nearly half (42%) reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all.
Enterprises today are facing what IDC calls “storms of disruption:” waves of economic, political, and social disruptions that are hampering companies’ efforts to become “truly digital enterprises” – like the Russia-Ukraine war, global recession, and industry-wide skills gaps. Networks need to support businesses in their move toward a cloud-native, digital-first, hybrid-working model of operation, and SD-WAN is now a cornerstone of network transformation, IDC stated in its GTT-commissioned study.
When asked to list the challenges they faced when taking a do-it-yourself (DIY) approach to SD-WAN, respondents cited difficulties related to hiring and retaining a skilled in-house workforce, keeping up with technology developments and the ability to negotiate favorable terms with technology vendors.
“Now that SD-WAN has matured and has been widely adopted, the complexity of deployments has grown, challenging enterprises on multiple fronts and compromising their ability to realize the full benefits of the technology,” said James Eibisch, research director, European Infrastructure and Telecoms, IDC.
“Enterprises are increasingly reliant on the resources and expertise of a managed service provider to ensure they deploy SD-WAN in a way best suited to their meet their organizations’ objectives. Security approaches like Secure Access Service Edge (SASE) [1.] that combine the benefits of SD-WAN with zero trust network access and content filtering features are well poised to dominate the next phase of SD-WAN enhancements as enterprises continue to enable the cloud IT model and a hybrid workforce.”
Note 1. SASE, when combined with a SD-WAN overlay network, is seen as a less expensive way to get circuits exactly where they are needed — especially to remote locations — than using traditional architectures like IP-MPLS. Scaling the enterprise WAN out to more user devices and more locations also becomes easier, a necessity at a time when hybrid and remote working continues to be popular.
…………………………………………………………………………………………………………………………………………………………..
The IDC survey found that more than 80% of respondents worldwide have either made SASE a priority (39%) or have recognized its benefits and are already incorporating it into company initiatives (42%). Only 19% of respondents worldwide reported they do not view SASE as a priority.
Despite this widespread recognition of the value of integrating security and SD-WAN, the survey found that many enterprises have not been able to leverage these benefits. In the U.S., 45% of respondents said they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all. In some countries, such as Switzerland and France, that figure was more than 50%. This trend held across vertical industries such as manufacturing (47%), retail (46%), healthcare (47%) and transportation (49%). Financial and business services were exceptions, with only 32% and 34%, respectively. Seven out of 10 respondents (71%) worldwide expect to use integrated security in the next 12 months.
Image Credit: Fortinet
“This IDC study highlights the critical role of expert managed services support for enterprises deploying SD-WAN. Experienced managed services providers can help integrate technology, connectivity and security, while also managing costs and increased complexity,” said Lisa Brown, CMO at GTT. “The research shows that a DIY approach to SD-WAN presents a number of challenges that can be addressed by teaming with a managed services provider.”
When respondents who were adopting a managed services approach to SD-WAN were asked for their reasons, many said they wanted to outsource day-to-day management tasks. The top reason cited by respondents globally for using a managed services provider was the benefit of always-on help desk support in local languages, with 36% citing this as a reason. Running a close second, 35% cited visibility, insights and control without the need for technology certification as a benefit. In addition, 34% cited ease of configuration management; the ability to manage, maintain and facilitate technology upgrades; and better protection against security threats.
Todd Kiehn, SVP at GTT, told SDxCentral, “There will be a continued evolution to SD-WAN integrated with cloud security over the coming year. The IT organization is going to require ever-increasing visibility into the actions of the end user. Consistently through our customers, prospects, CIO roundtables and through this recent research, the biggest obstacle enterprises are having in implementing new security solutions is finding and securing a staff with the necessary skills. The cybersecurity skill shortage particularly is a global problem.”
Companies that have no position on SD-WAN-specific security yet face the challenge of adopting these new technologies on their own or through managed service provider partnerships — either of which take time and resources.
“Enterprises can view SASE as a security architecture transformation alongside the deployment of SD-WAN. Our customers are deploying security to support their varied digital transformation initiatives such as work from anywhere, branch transformation or cloud migrations,” Kiehn noted.
“Security solutions based on the SASE framework provide choice and a roadmap to address the specific business needs of the enterprise such as enhancing the security posture of mobile users by replacing legacy VPN technology, improving security for guests and employees at brick and mortar locations, and developing a more comprehensive posture to support a hybrid cloud model,” Kiehn added.
About GTT:
GTT is a managed network and security services provider to global organizations. We design and deliver solutions that leverage advanced cloud, networking and security technologies. We complement our solutions with a suite of professional services and exceptional sales and support teams in local markets around the world. We serve thousands of national and multinational companies with a portfolio that includes SD-WAN, security, Internet, voice and other connectivity options. Our services are uniquely enabled by our top-ranked, global, Tier 1 IP backbone, which spans more than 260 cities on six continents. The company culture is built on a customer-first service experience reinforced by our commitment to operational excellence and continuous improvement in our business, environmental, social and governance practices. For more information, visit www.gtt.net.
References:
https://www.sdxcentral.com/networking/sd-wan/definitions/software-defined-sdn-wan/
https://www.sdxcentral.com/articles/news/sd-wan-security-needs-a-refresh-idc-says/2022/11/
MEF survey reveals top SD-WAN and SASE challenges
Omdia: VMware and Versa Networks are SD-WAN revenue leaders; SD-WAN market to hit $6.7B by 2026
AT&T tops VSG’s U.S. Carrier Managed SD-WAN Leaderboard for 4th year
Dell’Oro: SD-WAN market grew 45% YoY; Frost & Sullivan: Fortinet wins SD-WAN leadership award
MEF New Standards for SD-WAN Services; SASE Work Program
VSG Global SD-WAN Leaderboard Rankings and Results
MEF New Standards for SD-WAN Services; SASE Work Program; Dec 2022 UPDATE!
The Metro Ethernet Forum (MEF) [1.] has published new SD-WAN standards that add critical enhancements, including new service capabilities for underlay connectivity, important application performance metrics, and security zones for service providers deploying SD-WAN managed services.
Note 1. The MEF is an industry forum empowering enterprises to transform digitally with standard services and APIs for network, cloud, and technology providers. While initially focused on Carrier Ethernet, the MEF scope has broadened to encompass overlay services like SD-WAN. The ITU-T does not have an active SD-WAN standardization program so the industry must look to the MEF for service definitions and standards for that subject.
……………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………
The new MEF standards include:
- MEF 70.1 updates MEF 70, the industry’s first global SD-WAN standard, to include new service attributes for underlay connectivity services, new measurable performance metrics that provide visibility into an application’s performance within the provider network and across multiple service providers, and the infrastructure to support application-based security defined in MEF 88 (see below).
- MEF 88, MEF’s first security standard, enhances an SD-WAN service to add security functions. These include defining threats, malware protections, security policy terminology and attributes, and describing what actions a policy should take in response to certain threats.
- MEF 95 provides a unified policy framework for MEF’s SD-WAN (MEF 70.1), Network Slicing (MEF 84), and SASE (MEF W117) and Zero Trust (MEF W118) standards coming in 2022.
“We’re seeing a healthy uptick in SD-WAN deployments driven by work from anywhere, as more users are connecting to the cloud and cloud-based applications. We estimate the global SD-WAN service market will grow from $2.85B in 2020 to $14.5B in 2025 (CAGR of 38%),” said Roopa Honnachari, vice president of research & global program leader – network & edge services, Frost & Sullivan.
“MEF’s work in standardizing and certifying SD-WAN managed services is helping to drive that adoption, and we believe certified services and professionals will continue to play an important role in moving the market forward.”
“MEF develops standards and certifications to provide clarity and assurance and remove complexity for SD-WAN managed services.
The new standards define the service behavior and associated policy language needed to deliver high-performance, secure SD-WAN managed services,” said Pascal Menezes, CTO, MEF.
Source: MEF
……………………………………………………………………………………..
“These standards, and the forthcoming SASE and Zero Trust standards, benefit both customers and providers—customers know what to expect when purchasing SD-WAN managed services from a provider, and providers have the tools needed to deliver secure SD-WAN services that drive customer satisfaction,” Pascal added.
Both service providers and vendors can attain certification for MEF’s SD-WAN standards in the MEF 3.0 SD-WAN certification program which validates compliance with MEF standards for delivering managed SD-WAN services and the underlying technology. The objective is to eliminate market confusion, and enable faster SD-WAN market adoption.
In 2022, secure SD-WAN requirements will be added to the MEF 3.0 certification program. Currently, 17 companies have achieved MEF 3.0 SD-WAN certification. In addition, the MEF-SDCP Professional Certification training and certification provides an opportunity for the engineers, architects, product managers, and others deploying SD-WAN solutions to demonstrate their expertise in MEF 3.0 service standards.
- Worldwide, there are over 700 MEF-SDCP professionals employed by more than 120 companies.
- Over 60 service providers have either the Carrier Ethernet or SD-WAN certification within the MEF 3.0 framework, and a handful have both.
- AT&T, Verizon, Comcast Business and Windstream are among the service providers with MEF 3.0 SD-WAN Certification. Those companies also rank within the top five of Vertical Systems Group’s 2020 US Carrier Managed SD-WAN Leaderboard.
MEF SASE Work:
MEF will also be releasing SASE (MEF W117) and Zero Trust (MEF W118) standards in 2022. MEF started developing its secure access service edge (SASE) framework last fall to clarify the service attributes and definitions for SASE.
The SD WAN market has already become bogged down by different SASE definitions, which has led to confusion among enterprise customers and frustration for service providers.
MEF defines SASE as a “service connecting users (machine or human) with their applications in the cloud while providing connectivity performance and security assurance determined by policies set by the Subscriber.” The networking and security functions within a SASE service include routing, VPN, path selection, traffic shaping, firewall, threat prevention and more.
Yet finding one vendor that meets all those requirements, and delivers a SASE service that is simple to deploy, is proving challenging for service providers that want to provide SASE as a managed service to enterprise customers.
“The ideal is one vendor, right? That’s the ideal, we all agree with it. But at least for enterprise customers, we’d haven’t found a single vendor solution that meets their needs yet from a SASE perspective,” said Verizon’s Vincent Lee.
MEF Media Contact: Melissa Power [email protected]
……………………………………………………………………………………………………………………………………………………………………………………………………
References:
MEF Introduces New Standards for High-Performance, Secure SD-WAN Services
https://www.mef.net/service-standards/overlay-services/sase/
……………………………………………………………………………………………………………………………………………………………………………….
December 2022 UPDATE:
MEF SD-WAN and SASE Standards:
In August 2019, the MEF published the industry’s first global standard defining an SD-WAN service and its service attributes. SD-WAN Service Attributes and Services (MEF 70). The MEF SD-WAN standard describes requirements for an application-aware, over-the-top WAN connectivity service that uses policies to determine how application flows are directed over multiple underlay networks irrespective of the underlay technologies or service providers who deliver them. However, it does not address interoperability because it does not specify either a UNI or NNI protocol stack.
MEF 70 defines:
- Service attributes that describe the externally visible behavior of an SD-WAN service as experienced by the subscriber.
- Rules associated with how traffic is handled.
- Key technical concepts and definitions like an SD-WAN UNI, the SD-WAN Edge, SD-WAN Tunnel Virtual Connections, SD-WAN Virtual Connection End Points, and Underlay Connectivity Services.
SD-WAN standardization offers numerous benefits that will help accelerate SD-WAN market growth while improving overall customer experience with hybrid networking solutions. Key benefits include:
- Enabling a wide range of ecosystem stakeholders to use the same terminology when buying, selling, assessing, deploying, and delivering SD-WAN services.
- Making it easier to interface policy with intelligent underlay connectivity services to provide a better end-to-end application experience with guaranteed service resiliency.
- Facilitating inclusion of SD-WAN services in standardized LSO architectures, thereby advancing efforts to orchestrate MEF 3.0 SD-WAN services across automated networks.
- Paving the way for creation and implementation of certified MEF 3.0 SD-WAN services, which will give users confidence that a service meets a fundamental set of requirements.
In December 2022, MEF published two Secure Access Service Edge (SASE) standards defining 1.] SASE service attributes, common definitions & a framework and 2.] a Zero Trust framework that together allow organizations to implement dynamic policy-based actions to secure network resources for faster decision making and implementation for enterprises. MEF’s SASE standard defines common terminology and service attributes which is critically important when buying, selling, and delivering SASE services. It also makes it easier to interface policy with security functions for cloud-based cybersecurity from anywhere. MEF’s Zero Trust framework defines service attributes to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.
- SASE Service Attributes and Service Framework Standard: specifies service attributes to be agreed upon between a service provider and a subscriber for SASE services, including security functions, policies, and connectivity services. The standard defines the behaviors of the SASE service that are externally visible to the subscriber irrespective of the implementation of the service. A SASE service based upon the framework defined in the standard enables secure access and secure connectivity of users, devices, or applications to resources for the subscriber. MEF’s SASE standard (MEF 117) includes SASE service attributes and a SASE service framework.
- Zero Trust Framework for MEF Services: The new Zero Trust Framework for MEF Services (MEF 118) defines a framework and requirements of identity, authentication, policy management, and access control processes that are continuously and properly constituted, protected, and free from vulnerabilities when implemented and deployed. This framework also defines service attributes, which are agreed between a subscriber and service provider, to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.
IDC Directions 2018 Insight: Intelligent Network Edge, SD-WANs & SD-Branch
Introduction:
IDC Directions is the market research firm’s annual conference, which always delivers an informative and actionable overview of the issues shaping the information technology, telecommunications, and consumer technology markets. IDC speakers look at the current state of various markets, cutting edge trends and future IT developments that are likely to result in transformation and change.
This year’s event only had one session on networking which we cover in detail in this article. A total event summary is beyond the scope of the IEEE ComSoc techblog.
Abstract:
As the edge plays host to a growing array of new applications, the focus ultimately turns to edge networking, which must deliver the requisite connectivity, bandwidth, low-latency, and network services for both enterprise and service provider deployments. Indeed, as IoT and other edge services proliferate, a one-size-fits-all approach to edge networking and network security will not suffice. In this session, Brad Casemore of IDC examined the diversity of network requirements and solutions at the edge, covering physical, virtual, and network-as-a-service (NaaS) use cases and application scenarios.
Presentation Highlights:
According to IDC, the “Intelligent Edge” includes both the IT Edge (IT activities performed outside the data center, but within purview of IT) and the OT/Operations Technology Edge (embedded technologies that do not directly generate data for enterprise use, and are outside the direct purview of IT).
That’s in contrast to the “Core,” which is the “IT Data Center” — an information aggregation facility that is located on the firm’s own physical premises, off-premises in a collocation facility, or off-premises at a virtual location such as a public cloud.
Networking at the Intelligent Edge involves three types of sub-networks:
▪ Enterprise Cloud IT Edge (branch networking for the cloud)
▪ Enterprise Branch IT Edge (the evolution of networking at branch offices/remote sites)
▪ IoT Edge (networking to, from, and at the IoT/OT Edge)
Networking provides essential connectivity and bandwidth, but it also provides valuable network and security services that accelerate and optimize application and service performance at the edge. Brad said that significant innovation is occurring in edge networking which are enabling better business outcomes at the intelligent edge. Some examples of innovation are:
• Software Defined Networks (SDN)/Intent-based
• Overlay networks (such as SD-WANs)
• Network Virtualization (NV)/Network Function Virtualization (NFV)
• Network security (software-defined perimeter)
As a result, the intelligent edge network is significantly contributing to automated network intelligence, in addition to providing wireless and wireline connectivity services.
……………………………………………………………………………………………………………
Enterprise IT is being challenged to provide access to public and private clouds while also maintaining secure and effective communications with regional offices and headquarters (usually through an IP-MPLS VPN).
Enterprise WANs are not effective for Cloud access, because they lack agility, flexibility, and efficiency.
These two issues are depicted in the following two IDC figures:
As a result, a different Application Centric WAN architecture is needed. Brad proposed SD-WANs for this purpose, despite the reality there is no standard definition or functionality for SD-WAN and no standards for multi-vendor inter-operability or inter-SD-WAN connections (e.g. UNI or NNI, respectively). SD-WAN is an overlay network that provides user control via the Application layer, rather than via a “Northbound” API to/from the Control plane (as in conventional SDN).
The use cases for SD-WAN have been well established, including improving application performance by enabling use of multiple WAN links, simplifying WAN architecture, reducing reliance on MPLS, and improving SaaS performance by automatically steering traffic based on application policy instead of back hauling all traffic to the data center.
IDC believes the Internet of Things (IoT) will have a huge impact on networking infrastructure, especially at the edge where low latency/ real time control of IoT devices will be needed.
Casemore said that SD-WANs will help companies overcome issues associated with a traditional enterprise WAN, which wasn’t built for cloud and lacks operational efficiently.
In a real world example of SD-WANs for a medical device supplier, Brad noted the goals were:
• Dynamic access to all available bandwidth (underlays)
• Move away from using relatively expensive MPLS circuits for voice traffic
• Prioritize business-critical cloud apps ahead of nonproduction apps/traffic
• Need for greater visibility –quickly remediate issues and respond to evolving application/service needs
Benefits cited were the following:
• Improved resilience
• Better application performance and availability
• Cost-effective bandwidth utilization
• Better visibility (faster troubleshooting/remediation and proactive planning)
• IT department and network team now contributing to the business of making and shipping products quickly
IDC sees SD-WAN evolving to incorporate more intent based networking and intelligent automation, with business intent consistently applied to application delivery and performance, he said.
…………………………………………………………………………………………………………………….
Editor’s Note: Intent-based networking is a hot buzzword in the industry right now, generally describing technology that uses automation and machine learning to implement business policy with little or no human intervention. Many believe that intelligent automation will be how business intent is applied to application delivery and network performance across the WAN.
…………………………………………………………………………………………………………………….
Brad also suggested the following additional attributes for future SD-WANs
▪ Machine Learning and AI – SD-WAN must become cognitive, proactive, and ultimately self-driving, continuously adapting to changing conditions
▪ Pervasive Security – Applications automatically steered over appropriate links and to appropriate security devices. Secure segmentation provided on a per -application basis.
▪ Stepping stone toward SD-branch
“This is all moving us toward the software-defined (SD)-branch. SD-WAN serves as the precursor and serves as the essential conduit to SD-branch and network as a service (NaaS) at the edge,” Casemore said.
In the SD-branch, routing, firewall, and WAN optimization are provided as virtual functions in a cloud-like NaaS model, replacing expensive hardware. Management is automated and services can be easily adjusted as business needs change, Casemore said.
IDC believes telcos will use SD-branch to provide virtual CPE and unversal CPE services as per this slide from IDC:
……………………………………………………………………………………………………………………………………
Sidebar on SD-branch from a recent Network World article:
The branch network is a critical piece of the IT infrastructure for most distributed organizations. The branch network is responsible for providing reliable, high quality communications to and from remote locations. It must be secure, easy to deploy, able to be managed centrally and cost effective. Requirements for branch networks continue to evolve with needs for increased bandwidth, quality of service, security and support for IoT.
SDN and network virtualization technologies have matured to the point where they can deliver significant benefits for branch networks. For example, SD-WAN technology is rapidly being deployed to improve the quality of application delivery and reducing operational complexity. SD-WAN suppliers are rapidly consolidating branch network functions and have reduced (or eliminated) the need for branch routers and WAN optimization.
The most compelling argument for SD-Branch is operational agility. IT organizations can rapidly deploy and provision a network branch-in-a-box solution for new locations. Via a centralized management console, they can control and adjust all branch network and security functions.
Reducing or eliminating the need for trained IT personnel to visit remote branch locations results in significant cost and time savings. SD-Branch also promises to reduce hardware costs by deploying software on consolidated hardware as compared to many separate appliances.
Other SD-Branch benefits include:
- Decreased cost of support and maintenance contracts because fewer vendors will be involved.
- The ability to right-size hardware requirements for each branch thanks to software virtualization.
- A smaller hardware footprint, which is ideal for space-constrained branches.
- Network performance scalability. As network requirements change, the performance of any function can be tuned up or down by changing processor allocation or adding hardware resources.
- Lower power consumption because one power-efficient platform replaces many appliances.
Over time the SD-Branch will be easier to deploy, less complex to manage, and more responsive to changing requirements at the branch. The cost benefits in CAPEX and OPEX could be significant as the technology matures.
The broader concept of SD-Branch is still in its early stages. During 2018, we will see a number of suppliers introduce their SD-Branch solutions. These initial SD-Branch implementations will primarily be single-vendor and may lack state-of-the-art technology in some applications.
IT leaders should carefully evaluate the benefits of the SD-Branch architecture. Migration to SD-Branch will likely require significant changes to the existing branch network and may require a forklift upgrade. SD-Branch suppliers should be evaluated on their current and near-future technology, technology partnerships (e.g. security), and deployment options (do it yourself, channel partners, and managed solutions).
……………………………………………………………………………………………………………………………………
Brad believes that SD-branch is inevitable. He provided the following rationale for that:
▪SD-Branch will be enabled by SD-WAN overlays
▪ SD-WAN will be integral component of SD-Branch, but latter will include other
virtualized (perhaps containerized) network/security services
▪ Automated provisioning, management, and orchestration results in SD-Branch that
yields dynamic network as a service (NaaS)
• Network and security services added or modified as needed
• Results in CapEx savings (separate hardware appliances no longer need for each network
function)
• Network operating costs are lower, minimized need for branch IT
• Provisioning is far more agile, resulting in faster time to revenue/business outcome
▪ It’s not enough to have virtual network appliances
• Virtual appliances are still appliances architecturally
• SD-Branch gets us to cloud-like NaaS at the branch/remote office
…………………………………………………………………………………………………………..
IDC Prediction: Edge IT goes mainstream in 2022, displacing 80% of existing edge appliances.
…………………………………………………………………………………………………………..
IDC’s Essential Guidance for Users:
- Consider the role and value of the network not just in terms of connectivity, but in how it can contribute to intelligence at the edge.
- Look for edge-networking solutions that abstract management complexity, provide application-centric automation, speed provisioning, and ensure application availability and security.
- Ensure your intelligent-edge network evolves to a NaaS model, in which virtualized network and security services are dynamically provisioned as needed. The edge network must be as agile as the apps/services it supports.
IDC’s Essential Guidance for Suppliers:
- Continually enhanced intelligent network automation and orchestration to reduce operational complexity and provide network agility.
- Leverage ML/AI as means to the end goal of providing increasingly actionable visibility that loops back to feed intent/policy and allows for proactive remediation.
- Provide for true NaaS at the intelligent edge, incorporating a full range of virtualized network and network-security services (through ecosystem partnerships).
Analysis of Windstream’s 2nd quarter results; enhanced SD-WAN solution
2Q-2017 Operating Results:
Windstream Holdings Inc. on August 3rd reported a $68 million 2nd quarter loss and said it would end its quarterly dividend to shareholders as part of a new capital allocation strategy.
The Little Rock, AR telecommunications and cloud service provider reported 2nd quarter revenue of $1.49 billion, which was up 10% from the same quarter last year. Operating income was $107 million, down 31% from $155 million in the same period a year ago. Its $68 million net loss, or a loss of 37 cents per share, compared with net income of $1.5 million, or 1 cent per share, a year ago.
“Windstream delivered solid second quarter results, highlighted by sequential growth in Adjusted OIBDAR,” CEO Tony Thomas said in the previously referenced press release.
“Our unique network assets and cloud-based applications have us well positioned to grow market share. Additionally, we continue to improve our cost structure and have significant opportunities to further drive down costs through reductions in network interconnection costs, upcoming synergies from the EarthLink and Broadview transactions (i.e. acquisitions) and initiatives to advance our organizational effectiveness,” Thomas added.
……………………………………………………………………………………………
Recent Acquisitions:
1. Windstream completed its purchase of EarthLink Holdings Corp. of Atlanta, GA in February. The company has said the $1.1 billion all-stock deal will expand Windstream’s U.S. nationwide fiber footprint and lead to enhanced products and services.
2. Windstream closed on its $225 million purchase of Broadview Networks Holdings Inc. of Rye Brook, New York last month. The private, cloud-based unified communications services provider to small and medium-sized businesses offers a suite of services under the OfficeSuite UC brand which will now be sold by Windstream’s sales force.
…………………………………………………………………………………………..
Comment & Analysis:
Windstream is a leading rural local exchange carrier in the U.S. The company offers broadband Internet, private line, telephony and digital TV services to consumers primarily in rural areas. Windstream also provides advanced network communications such as cloud computing and managed services to enterprise (medium & large business) customers. The company also has business units for: ILEC consumer & small business, CLEC consumer & small business, and wholesale. They have recently entered the SD-WAN market via VeloCloud’s solution (see below).
From Windstream’s most recent SEC 10-K report filing:
Our vision is to provide a best-in-class customer experience through a world-class network. Our “network first” strategy entails leveraging our existing infrastructure and investing in the latest technologies to create significant value for both our customers and our shareholders.
Following the completion of the Merger with EarthLink, our business unit organizational structure will be focused on the following four core customer groups: ILEC Consumer and Small Business, Wholesale, Enterprise, and CLEC Consumer and Small Business, as further defined below. During the third quarter of 2016, we changed the name of our Carrier segment to Wholesale to better reflect our customer base and the products and services we are selling in the marketplace. Historically, we were solely focused on serving telecom companies based in the United States, but over the past year, we have expanded our focus to sell our products and services to nontraditional telecom companies, including content providers, data center operators and international carriers requiring voice and data transport services in the United States. This organizational structure aligns all aspects of the customer relationship (sales, service delivery, and customer service) to improve accountability to the customer and sharpen our operational focus.
Windstream’s local exchange business competitors include: wireless communications providers, cable television companies/MSOs, resellers of local exchange services, inter-exchange carriers, satellite transmission service providers, electric utilities, competitive access service providers.
Windstream has been losing access lines due to pricing pressure and fierce competition. The company is also under pressure with losses in the wholesale business. Being a local exchange carrier (both an ILEC and CLEC), Windstream remains exposed to stringent regulatory measures by the Federal Communications Commission (FCC) as well as state regulatory bodies and local public utility commissions.
……………………………………………………………………………………………
SD-WAN Offering:
In an earlier press release this month, Windstream touted its previously promoted SD WAN solution which now includes additional broadband flexibility, improved self-service monitoring and control options, and a new SD-WAN Concierge™ managed service that automatically optimizes application performance, lowers costs and simplifies network management. Windstream customers can also combine SD-WAN with Diverse Connect to achieve a 100 percent availability service level agreement (SLA).
“We introduced our SD-WAN service in January, and we have seen tremendous adoption in the first six months as customers find they benefit from a more tailored, flexible and controllable WAN experience,” said Joseph Harding, executive vice president and enterprise chief marketing officer at Windstream. “Following our merger with EarthLink, we are enhancing our SD-WAN solution as we work to integrate our offerings. The result is a powerful new solution that gives customers even greater network agility, scalability and performance, all while also reducing costs and virtually eliminating downtime.”
Windstream’s SD-WAN solution was said to utilize “cutting edge technology” (see Editor’s Note below) coupled with the customer’s application prioritization to dynamically route traffic over a combination of private and public networks to reach multiple locations. Customers maintain control over their network from a convenient centralized location rather than manage various individual routers and firewalls.
Windstream’s enhanced SD-WAN solution is available immediately to businesses in Windstream’s nationwide service area. Over the past six months, Windstream has partnered with customers in the retail, banking, professional services, healthcare, manufacturing and financial services industries, and the company expects demand to remain high for its industry leading solution.
In addition to SD-WAN, Windstream offers a full suite of advanced network communications and technology solutions like UCaaS and Diverse Connect along with voice and data services such as VoIP access, SIP trunking, MPLS, Wavelength, Ethernet and dedicated high-speed Internet. Windstream also offers managed services, cloud services and network security services designed to help businesses increase productivity and improve operational costs. For more information, visit windstreambusiness.com.
……………………………………………………………………………………………………
Editor’s Note:
As we’ve repeatedly stated in these techblog posts (and elsewhere), there are no standards for SD-WANs which implies each network provider goes with a single vendor solution which won’t inter-operate with any other SD-WANs from other network providers. Earlier this year, Windstream selected VeloCloud’s SD WAN as the product powering their SD-WAN service.
Earlier this summer, Windstream joined the ONAP open source project (under Linux Foundation). The ONAP Project is focused on creating a harmonized and comprehensive framework for real-time, policy-driven software automation of virtual network functions. ONAP’s primary objective is to enable software, network, IT, and cloud providers and developers to rapidly create new services which can be monetized.
References:
http://abea-43pvyw.client.shareholder.com/investors/releasedetail.cfm?ReleaseID=1035855
http://investor.windstream.com/investors/releasedetail.cfm?ReleaseID=1035354
https://www.windstreambusiness.com/solutions/networking-solutions/sd-wan
https://www.windstreambusiness.com/resources/brochures/sd-wan-solutions
http://files.shareholder.com/downloads/ABEA-43PVYW/4941624088x0xS1282266-17-13/1585644/filing.pdf
https://techblog.comsoc.org/2017/07/01/windstream-joins-onap-open-source-telco-movement/