Today's CTOs know networking should be lean, which means maximizing network utilization and ensuring the flexibility needed to handle ever-increasing bandwidth. Software-defined wide area networks (SD-WAN) can help by providing secure connections to standard broadband and the ability to dynamically choose the best traffic route. Because of this, it has become a standard deployment in enterprise infrastructure.

Now more than ever, the efficiency gained by SD-WAN will prove pivotal, but the ability to minimize downtime is equally important. Networks are becoming more geographically dispersed to support data-rich applications and Internet-connected devices. Additionally, as we are seeing with the current pandemic, unexpected issues can lead to new working conditions as well as network traffic surges of unprecedented duration and intensity.

This means networks must handle a lot of traffic economically and be resilient enough to withstand disruptions, security breaches and behavioral changes in users. To handle this, organizations will need to implement a plan for end-to-end resilience into their overall enterprise networking ecosystem that will work in conjunction with SD-WAN to ensure efficiency and security.

Growing pains of SD-WAN

Although SD-WAN brings new flexibility and efficiencies for managing the flow of data, it also presents additional points of failure and requires a secure system to remotely manage on-site devices.

Traditional branch networking routers could go years without needing any support, such as firmware updates or configuration. In contrast to this, SD-WAN routers run larger software stacks, which require more updates and present more possibilities of something going wrong. While cloud-based provisioning makes remote configuration of an SD-WAN router easier, it could still be vulnerable to network events if management is tied to the main production network.

SD-WAN can also introduce visibility blind spots, creating security challenges. For instance, engineers using traditional network management tools in an SD-WAN environment may find it difficult to see unauthorized IoT devices and ensure IT applications are working as required - this makes troubleshooting sites and underlaying networks more challenging.

End-to-end network resilience to ensure SD-WANs stay up and running

Though streamlining network traffic will go a long way towards reducing latency and improving the ROI and TCO attained from a network, none of this will mean anything if the tools aren't in place to ensure the environment is kept up and running. When disruption happens, companies must be prepared.

This is where end-to-end resilience is key. Beyond redundant equipment to failover to, organizations need an intelligent system that makes it easy to monitor every piece of equipment and ensures management can always remotely recover issues quickly if needed.

Resilience is more easily achieved if there is a distinct separation of the network management plane so that engineers and management tools can reach any site in a network, regardless of the status of the production network. Additionally, if you do have an alternate path in place, it is highly advisable to use a wireless connection - solutions like plain old telephone lines may require on-site configuration and be limited in the capabilities they offer.

In the modern networking world, there are a variety of smart tools to enable end-to-end network resilience, like out-of-band management, failover to cellular and NetOps automation. These work in concert to provide essential benefits ranging from remote monitoring and management to continued internet connectivity during an ISP outage, and minimize the need for human intervention.

These tools can supply an always-on, remotely configurable, alternative path to devices located at remote sites when the primary network is down, which helps mitigate potential disruptions in an SD-WAN. They can also help management use a separate management plane, apart from the network accommodating user-traffic, to securely monitor and access all devices without impacting normal operations.

In addition to enabling always-on SD-WAN infrastructure, this improves day-to-day operations in many ways, including enabling staff to pre-emptively recognize and remediate issues as well as reducing the travel required for technicians to come on site to configure new equipment or make repairs. A smart approach to network resilience is also scalable, providing the ability to manage infrastructure at distributed sites.

Be proactive: prevention is better than treatment

The adoption of SD-WAN infrastructure will continue to rise, with some projecting that revenues from the technology will reach $5.25 billion USD globally by 2023 (Statista). While this is great news for the future of controlling network traffic, it also means that organizations must implement the right tools alongside SD-WAN to ensure their networks are resilient to outages, security breaches and other disruptions.

A network is an entire ecosystem that requires preventative care and careful upfront planning if you want to keep the whole environment healthy. When network outages occur, damages accumulate and gather steam quickly. This means enterprise leaders must pre-plan and ensure they have the tools and processes in place to prevent network issues in their SD-WAN infrastructure - rather than scrambling to react.

Organizations often defer discussions around network resilience with the idea that other concerns may be more pressing, and that there will always be time to prepare. This is not ideal, and many organizations today can attest. When starting fresh or updating with a solution like SD-WAN, network resilience should be incorporated into planning network architecture as soon as possible. This can pay dividends to anyone looking to ensure their SD-WAN stays up and running.

##

About the Author

Marcio Saito is responsible for product and technology strategy for Opengear. He is based in the San Francisco Bay Area and has previously held executive level positions in global technology companies. At Cyclades, he was a pioneer in the Open Source Software movement and helped to establish the concept of out-of-band management for Data Center Infrastructure. Later, as the VP of Strategy for Avocent, he managed product and engineering teams and led the development of one of the first DCIM solutions in the market. He holds a BSEE degree from University of São Paulo.