Checklist / Networking / SD-WAN / WAN
SD-WAN Procurement Checklist: 5 Questions to Ask Before you Buy
If you haven’t already made the switch to Software-Defined Wide Area Networking (SD-WAN), there’s a good chance that your company is, at least, evaluating this new-age technology. While SD-WAN provides a plethora of benefits to your enterprise network, there’s also many questions you need to ask yourself before even thinking about procuring the service.
This post provides a “checklist” for you to review prior to procuring SD-WAN. Knowing the answer to these questions will help you procure the best-fit solution for your enterprise.
Fair warning that this post contains a bit of networking jargon. If you’d like to brush up on SD-WAN before reading any further, check out these resources:
SD-WAN Procurement Checklist:
1. What’s your use case?
Your network use case is the first and foremost consideration when evaluating SD-WAN.
1a. Do you need site to site VPN?
Although SD-WAN includes “WAN,” not every SD-WAN solution includes inter-office VPN capabilities.
So, if you need to connect directly between offices with your SD-WAN, you need to look for providers who offer this capability. BigLeaf is an example of a provider who does not provide inter-office managed VPNs.
1b. Do you need active load balancing?
Given the “smart traffic queuing” that is a staple for all SD-WAN solutions, you’d be surprised to learn that not all SD-WAN providers offer active load balancing. If this is something you require, make that known to the providers (or your SD-WAN procurement partner) up front. Meraki is an example of a provider who does not support active load balancing, only failover.
However, it’s worth noting that not every enterprise network needs or wants active load balancing.
Say you have a cellular connection as your secondary circuit (i.e. your backup connection). Cellular connections tend to be slower and much more expensive than your regular way circuits. This is an example of where you wouldn't want to employ active load balancing; you'd want to use your expensive secondary connection exclusively for failover.
1c. How will remote users access the network?
Historically, enterprises have offered network access to remote employees through a VPN or remote desktop environment. While these have largely worked, the pandemic has put an increased focus on optimization for remote users.
To this end, many SD-WAN providers offer small appliances for offices of one, and/or offer software that runs on remote user's laptop. Both allow remote users not only to securely access the WAN, but also to gain access to preferred routes over a middle mile network. You can even enable traffic prioritization for remote workers with SD-WAN (i.e. prioritizing their file transfer data over their YouTube streaming data).
As expected, if you require these remote worker capabilities with your SD-WAN, you need to make sure you’re procuring from a provider who offers these solutions.
2. How many locations/appliances need to be serviced?
How many locations will you be servicing with your SD-WAN? When kicking off an SD-WAN procurement project, you should know the answer to this question for your current business state and have an idea of your future growth needs as well.
This is important because, first and foremost, SD-WAN is often billed “per appliance” - either on a monthly basis or as a one time fee. (On top of the appliance fee, you are typically charged for the actual bandwidth utilization as well as a SD-WAN management fee - discussed in later sections.)
Once you know the number of appliances you require, you need to determine the appliance specifications based on the needs of each location where it will be deployed. For most SD-WAN deployments, the number of locations won’t have a big impact on your procurement process (i.e. you likely don't need to worry if they will have enough appliances or not) but it WILL have an impact on cost depending on how much your appliance specifications vary by location (more customization = more expensive).
Note that every enterprise location will need to utilize the same SD-WAN provider, but there might be some edge cases where you can have a self-managed SD-WAN appliance from one provider sitting on top of another managed SD-WAN appliance.
3. What are your bandwidth / throughput requirements?
To estimate your bandwidth requirements, you need to know all of the applications and services you want to put on your SD-WAN overlay and the bandwidth requirements of each. These requirements will vary depending on where you are accessing your applications from: public cloud, private cloud, or locally. You also need to take into account what your users are doing on those applications, what the application use cases are, when they are being used, and how often.
Bandwidth needs estimation is both an art and a science. The general rule we follow is based on determining if your network utilizes primarily “low bandwidth activities” (such as internet browsing or emailing) or “high bandwidth activities” (such as large file downloads/uploads and video calling). If you utilize primarily low bandwidth activities, multiply the number of users on your network by three, and that will equal a rough estimate of your bandwidth needs in megabits per second (Mbps). If you utilize primarily high bandwidth activities, multiply the number of users on your network by ten, and that will equal a rough estimate of your bandwidth needs in Mbps.
Note that SD-WAN appliance bandwidth needs often take into consideration your primary and your secondary circuit. I.e., if you have 100 Mbps DIA primary circuit and a 500 Mbps best effort secondary circuit, the SD-WAN provider will likely charge you for 600 Mbps of throughout.
4. Will the provider assign IP addresses?
If you choose to use a middle mile network provider it’s worth asking if they assign IP addresses to their customers. Some SD-WAN providers do this, some don’t.
Having a public or static IP address assigned by the SD-WAN provider allows you to have multiple underlay circuits/ISPs route ingress and egress traffic from different underlay carriers that have their own separate IPs. Simply stated, the internet sees all of your traffic coming from the single IP assigned by SD-WAN provider’s cloud network/IP, regardless of how many different IPs/ISP connections make up your underlay network.
What does it mean if your SD-WAN provider doesn’t have a middle mile network? Read more on that here.
5. What are your network security needs?
What are your network security needs and how does that impact your SD-WAN buying decision?
It’s becoming common to buy security packaged with your SD-WAN service, but this is not always the case. If you want to buy security WITH your SD-WAN service, you need to know this up front because not all SD-WAN companies provide security services.
Once you decide to buy security with your SD-WAN services, you'll need to know the level of security you require between your locations and remote workers.
With SD-WAN, the security capabilities range from a basic firewall to full blown SASE. Table stakes security is having a solution that encrypts your traffic and securely transmits it, while SASE is a step up from basic security. Most SD-WAN providers offer IPSec to secure site-to-site VPN traffic with up to-256 bit encryption, and some even go as far as providing Layer 7 firewalling. Pairing your SD-WAN solution with SASE will ensure the tightest security standards.
If you utilize a separate security solution that you'd like to integrate with your SD-WAN, flag this up front to your provider as not all SD-WAN solutions offer such integrations.
These questions are less pertinent to determine pre-procurement, but you should understand how they play into an SD-WAN procurement/deployment.
6. What contract length do you want?
Before reaching out to carriers, you should determine what contract term length you are comfortable with (with 36 months being the standard).
Oftentimes, the hardware appliance costs will be amortized over the life of the contract. In this case, a longer contract service will result in a lower monthly recurring cost (MRC), but not necessarily a lower total cost.
Note that SD-WAN contracts typically come with more flexibility than a typical circuit.
7. What’s your installation timeline?
Last, but certainly not least, are the installation considerations of choosing an SD-WAN solution.
7a. Install Interval:
As long as there’s no reliance on new underlay circuits, SD-WAN installation intervals tend to be much faster than circuits given that SD-WAN can be deployed over existing connectivity.
A 50-location deployment may come with an average installation interval of 30 to 45 days, but this will vary based on project complexity.
One important note to hit on is that SD-WAN generally involves much shorter installation intervals than MPLS (more on SD-WAN vs MPLS here).
7b. Install Cost:
Going into the SD-WAN buying process, it should be noted that almost all providers charge an upfront cost for SD-WAN in addition to the ongoing subscription fee.
Switching from MPLS to SD-WAN? Read this first
When planning a move from MPLS to SD-WAN, considering your existing network architecture (which likely drove the decision to implement MPLS initially) is the best place to start.
In particular, you need to think through which applications and resources are especially sensitive to latency, jitter and packet loss. SD-WAN is proficient at enabling consistent and predictable access to SaaS based applications that often reside in public clouds, but for centralized systems built in private clouds/data center environments there may need to be additional considerations. Examples of these are VoIP, ERP, financial trading systems, etc.
Designing a wide area network is a huge undertaking that calls for compromise around every corner. As you can see by these five (+2), not-so-simple questions - there’s a lot to scope out when considering an SD-WAN deployment for your enterprise.
The telecom industry tends to lack transparency. We hope that this post provided some clarity on what to think about when procuring SD-WAN and will help your IT team avoid wasting time and money in the process.
Speaking of time and money savings… Lightyear’s free, online telecom procurement software has helped hundreds of enterprises procure their SD-WAN solutions. Our software manages the entire procurement process from quoting to implementation and project management. You can get started for free with our 2-minute online questionnaire here!
Want to learn more about how Lightyear can help you?
Let us show you the product and discuss specifics on how it might be helpful.