alex_aldo - Fotolia

IT groups abandon DIY SD-WAN; prefer managed, hybrid model

Enterprises don't want DIY SD-WAN. Instead, they prefer managed SD-WAN, but they also don't want to outsource all SD-WAN operations to a service provider.

When software-defined WAN first emerged, the demand for the technology was split rather evenly between IT organizations that wanted to design and build their own SD-WAN implementations and others that wanted to consume it as a managed service.

Enterprise Management Associates' (EMA) newly published research on WAN transformation, based on a survey of 303 WAN professionals, has now revealed that IT organizations have pivoted hard toward managed SD-WAN services. Only 12% of enterprises prefer a DIY SD-WAN, versus 62% that prefer a managed offering.

SD-WAN complexity a key concern

Why are IT organizations moving away from DIY SD-WAN? I think the issue is complexity. In the early days of SD-WAN, complexity was an issue no matter what path an organization took, so enterprises saw little difference between DIY and managed SD-WAN.

On the DIY side, IT organizations found themselves working with a new layer of technology that introduced site-to-site tunnels across the existing WAN underlay. Aside from those tunnels, they had to figure out whether they would keep their existing routers in place and how to make sure those routers were compatible with SD-WAN technology.

Next, they had to configure the new quality of service setting that SD-WAN services offered. Soon after that, they learned they needed to integrate their network security architecture with SD-WAN. The list went on and on.

One might think managed offerings would solve this complexity, but one would be wrong.

From 2016 to 2018, I talked with several network service providers, from MPLS carriers to cable companies, that found it impossible to build an SD-WAN managed service that removed complexity. Many of the early SD-WAN products were immature and, in some cases, still contained complex legacy technology.

Providers struggled to "productize" these SD-WAN services into a managed service that could be deployed easily across different customer environments. Instead, they found themselves almost starting from scratch with each customer, and this strained everyone's patience.

This issue was exacerbated by large enterprises that had special requests. They would make idiosyncratic demands around things like routing compatibility and high availability architecture that service providers struggled to implement with SD-WAN technology intended to serve as a simple overlay. The result was a lot of unhappy customers and failed SD-WAN offerings.

The technology may have matured, but the amount of work that is required to get SD-WAN up and running is still a heavy lift.

Managed SD-WAN curtails complexity

SD-WAN technology has matured over the last few years and so have providers of managed SD-WAN services. As they've gained experience, managed service providers and network service providers have established best practices that make it easier for them to abstract complexity and make their offerings more "productized." Also, most of them have formed partnerships with multiple SD-WAN providers, which enables them to address a broader set of requirements from their more idiosyncratic clients.

However, complexity remains an issue for DIY SD-WAN. The technology may have matured, but the amount of work that is required to get SD-WAN up and running is still a heavy lift.

Architecture and topology are partly to blame. For instance, 56% of enterprises engaged with SD-WAN said they plan to build a full mesh network with SD-WAN, with any-to-any connectivity between almost every site, and out into every public and private cloud. This can be a mountain of work for an enterprise's network engineering team. They will have to build countless tunnels in the SD-WAN overlay.

On the other hand, only 12% of enterprises intend to build a hub-and-spoke network with SD-WAN. These enterprises might be more comfortable with a DIY approach. They will be dealing with fewer tunnels, and they will most likely be routing cloud traffic through one or more data centers, rather than building individual tunnels from each site into each cloud.

The future of SD-WAN appears to be a market of managed service offerings with a hybrid operational model.

IT won't outsource SD-WAN operations

While most IT organizations prefer a managed SD-WAN service, they do not want to outsource SD-WAN operations. The EMA survey asked how IT organizations want to manage operations like change management, monitoring and troubleshooting. Only 16% want to outsource this responsibility to a service provider.

On the other hand, only 17% want to keep SD-WAN operations entirely in-house. Instead, 63% want to establish a hybrid operational approach, where the service provider and the IT organization share responsibility. This hybrid model gives the network team more control, without necessarily saddling them with responsibility for every operational task related to the SD-WAN service.

For example, the internal networking team may want to serve as the tier 1 response team and escalate complex issues to the service provider. Other enterprises might want to take the opposite approach. It will depend on the skills and expertise of the team they have.

In any case, the future of SD-WAN appears to be a market of managed service offerings with a hybrid operational model. The emergence of Secure Access Service Edge (SASE) will probably encourage this strategy to continue on its current course. SASE combines SD-WAN, cloud-based security and secure remote access into a single platform.

The cloud-based security piece alone promises more complexity, since it will combine half a dozen or more security technologies into a single service. Then, you add SD-WAN and secure remote access on top of that. Enterprises will be better off consuming SASE as a managed service.

Dig Deeper on SD-WAN