What to Consider when Comparing Managed SD-WAN Providers

Businesses spend a lot of time and energy on their telecommunications services, and global telecom spending is expected to amount to $1.45 trillion in 2021. 

Software Defined Wide Area Networking (SD-WAN) is the latest WAN technology advance that adds agility as well as cost effectiveness to WAN services. Because of its potential to save companies time and money, SD-WAN has grown significantly in popularity in recent years and the SD-WAN market is expected to grow 26.5% this year. 

Making the switch to a new technology such as SD-WAN is a daunting decision to start with, and with so many providers to choose from, SD-WAN procurement gets complicated fast. G2 reviews suggest that there are 75+ SD-WAN providers out there, with about 40 of them providing a managed SD-WAN solution. 

We wrote this blog to help you understand the differentiators between managed SD-WAN providers so you can make the best choice when selecting a provider for your enterprise. 

Quick review: What is SD-WAN? 

Simply put, SD-WAN is a software-defined dynamic method to manage your wide area network. An SD-WAN has a centralized control function at the software level, allowing layer 7 traffic to get directed intelligently and securely across the network while providing robust reporting and options for intelligently routing traffic across multiple transports and underlay networks.

You can buy SD-WAN services that are fully managed by the provider, fully user managed (by your IT team), or somewhere in the middle. In this post, we’re focusing on Managed SD-WAN providers.  

If you aren’t familiar with SD-WAN, we recommend you check out these articles before reading on: 

• What is SD-WAN? How Does it Compare to MPLS?

• SD-WAN for Dummies: The Ultimate 2020 Buyer's Guide

• SD-WAN vs. VPN for Enterprises: Which Makes the Most Sense for Your Company?

Factors that Differentiate SD-WAN Providers

The following are the key differentiators to consider when evaluating managed SD-WAN providers. 

• Define “Managed”

• Middle Mile/Peering Capabilities

• Appliance / Edge Device Capabilities 

• Security

• Quality of Experience (QoE)

• Managed VPNs

• WAN Ingress & Egress Traffic 

• Supply Resiliency 

• Recent M&A

Define “Managed”

As mentioned above, there’s 40+ managed SD-WAN providers out there. Unfortunately, the definition of “managed” will vary by provider.

For example, some managed SD-WAN providers will manage your underlay network while others will not. This means that if there is an issue with your underlying circuit, your SD-WAN provider will reach out to the provider and get it fixed. If they don’t manage the underlay, then your IT team is in charge of identifying and fixing underlay network issues. 

Additionally, each managed SD-WAN provider draws the line differently when it comes to what is your IT team’s responsibility and what is the SD-WAN providers’ responsibility. Sometimes the provider will manage your VPNs and other times that will be your responsibility (but for the most part, “managed SD-WAN” includes VPN management). 

Lastly, some providers will help you manage circuit Move/Add/Change requests whereas some will not include that in their definition of “managed SD-WAN”. 

Middle Mile/Peering Capabilities

When choosing a managed SD-WAN provider you need to know whether they provide a middle mile network or not and how well peered it is (if they do have a middle mile network). 

A middle mile network is when the SD-WAN provider actually maintains their own points of presences (POPs), direct cloud connectivity, and peering relationships into the public internet. Peering is a voluntary interconnection of administratively separate networks for the purpose of exchanging traffic between the users of each network at top speeds. Peering provides a customer with preferred routing: aka packets move faster from one network to another because direct connections optimize the network path.

If your SD-WAN provider has a middle mile network, you will send all of your traffic to their network and they will move it for you. For example, instead of you connecting to the Microsoft Azure cloud over the public Internet, you send traffic to your provider and they connect to Azure for you. When procuring managed SD-WAN, you should have a list of your most business-critical applications/clouds and try to choose a provider that is well peered to those applications/clouds. 

PeeringDB is an open source database where you can check out how well peered providers are. As seen here, Cato Networks is an example of a well-peered managed SD-WAN provider. However, don’t trust PeeringDB on its own; you should always double check these peering relationships with the actual provider (Cato even has a contact email for peering on their page). 

What if they don’t have a middle mile network?

If a managed SD-WAN provider does not have a middle mile network, they are simply making traffic decisions with the appliance (the “edge site”); they aren’t adding any value on traffic conditioning/routing optimization on the public Internet.  

If you choose to work with a managed SD-WAN provider who does not have a middle mile network, but you still want a direct connection into your cloud service, for example, you can procure a dedicated underlay circuit that you utilize strictly as a VPN into your cloud service.

You’d think that if an SD-WAN provider does not have a middle mile network that their services would cost less, but unfortunately that isn’t the case (as far as we’ve seen). 

Appliance/Edge Device Capability

Every SD-WAN provider has a unique appliance or “edge device” and you’ll need to vet the capabilities of each appliance before choosing a provider.  

How many WAN interfaces does the device have? What is the throughput/bandwidth capacity? Does it have redundant power supplies? Can you stack the devices for high availability? 

You’ll need to determine your appliance needs at each location and then make sure that the provider can meet those needs. Ideally, they have a solution that can handle your current and future network needs. 

Security

It should come at no surprise that enterprise networks are under constant attack. Cybercrime is expected to inflict damages totaling $6 trillion globally in 2021, according to Cybersecurity Ventures. Considering that SD-WAN utilizes the public Internet as part of its network, cyber security options are of the utmost importance when comparing providers. 

The process typically starts with basic firewalls (aka stateful firewall) and consists of a wide and growing range of other features, like SASE (Secure Access Service Edge) and Zero trust security, that offer more sophisticated security checks for today’s modern cloud applications. Typically, you’ll pay more when you add more security layers to your service.

Check out our post on The Pros & Cons of SASE to learn more about this SD-WAN security option. 

Quality of Experience (QoE)

A key feature of SD-WAN is that you are able to intelligently steer traffic over the public Internet (or your own dedicated connection). The public Internet is dynamic: traffic routes are established on the fly for each connection. Consequently, how quickly information moves from end-point to end-point is inherently unpredictable. Due to this, the term used to define SD-WAN “service levels” has its own unique name that differs from the quality definition for dedicated services. 

Quality of Experience (QoE) is the “contractual term” that defines the service level expectations for your SD-WAN. To meet QoE standards, a carrier establishes a few optimized routes for the customer’s network traffic over the public Internet. The information then moves over these predetermined pathways, rather than traffic routing over the Internet willy nilly.

Before signing up with any SD-WAN provider, you should understand their standards for QoE and track record of meeting customer expectations. 

Managed VPNs 

Businesses often establish a Virtual Private Network (VPN) link between sites. In the past, such connections were often fixed between end points, which ensured that the connection was secure but may not route information quickly or efficiently.

Managed VPNs address that limitation. They examine circuit quality in real time, identify which path is best, and route the information over that link.

As mentioned in the “Defined Managed” section, not all “managed SD-WAN” providers will actually manage your VPNs for you. Most do, but not all; some managed SD-WAN providers sell themselves as strictly a middle mile network where you use your own devices to route over their network. 

WAN Ingress and Egress Traffic  

In some cases, SD-WAN providers will assign IP address(es) to their customers but in other cases, they will not. This difference in design impacts how quickly packets move back and forth between different underlay circuits/end points and how much resiliency a line has. 

If the provider has a middle mile network you will (in most cases) be assigned an IP address. If they do not have a middle mile network then you likely won’t have unique IPs.

Supply Resiliency

Ensuring you have a steady and resilient supply of SD-WAN appliances is critical for your network. Whether you experience breakage, your appliance requires maintenance, or perhaps you want to expand your SD-WAN to a few new locations - you’ll always need more appliances. 

As the SD-WAN market has grown in recent years, the number of providers in the game has increased as well – and many of the providers are new/young companies who simply haven’t had the time to prove their business’ staying power and supply chain resiliency. 

Just because a company is young does not necessarily mean that they will run into issues such as a supply chain disruption. However, like any vendor selection process, you must complete due diligence on your potential vendors to get comfort with their operations and ability to serve your business. 

SD-WAN appliance supply resiliency is especially a focus this year as the semiconductor shortage continues.  

Any Recent M&A

As you might’ve seen in the news, the SD-WAN M&A market has been hot in recent years. 

While M&A, in theory, should mean brighter/better days for a product are in the future, this isn’t always the case. Before teaming up with a managed SD-WAN provider, you should understand their corporate structure and if they are undergoing any large corporate changes (such as M&A) that could cause any issues or changes to their services/pricing/etc. 

Summary: How to Compare Managed SD-WAN Providers

SD-WANs have continued to take market share as they empower organizations to gain more agility and control over their WAN at (typically) attractive prices. 

But, as you read here, not all managed SD-WAN providers are created equal. When evaluating SD-WAN providers, be sure to know where they stand on all of the features and capabilities outlined in this post. This can be an even more daunting decision if you're transitioning to SD-WAN from an entirely different network topology.

If that sounds like a daunting task, you can use Lightyear’s online telecom procurement software to automate that process for you. Simply fill out our 2 minute questionnaire then we’ll vet providers on your behalf and provide you with pricing to choose from. 

Looking for more SD-WAN resources? Check out our SD-WAN Procurement Checklist: 5 Questions to Ask Before you Buy next!