SD-WAN Vs. MPLS: Choose The Best WAN Solution For You


Unless you have been living under a rock, you have probably heard about SD-WAN and its promise to transform enterprise networking as we know it. And by enterprise networking, we mean the use of MPLS at the core of enterprise networks. So, to SD-WAN or to MPLS? Here is what you need to consider.

MPLS Pros And Cons

If you are an MPLS customer, you are familiar with the benefits and challenges of the technology. MPLS is a premium networking service with guarantees around dedicated capacity, maximum latency and packet loss, and link availability. However, the service that comes with these guarantees is very costly, forcing enterprises to deploy just enough MPLS capacity in order to reduce their monthly spend. Furthermore, to ensure service levels, MPLS services must be deployed to the customer premises, which creates substantial lag time until a new office can be up and running on the service. To meet service levels, carriers prefer their MPLS networks very stable, so changes and adjustments also tend to be slow.

The MPLS architecture and its guarantees are now under pressure. As business applications migrate to the cloud, demand for Internet capacity increases. In the past, companies backhauled Internet traffic across their MPLS backbone to a secured Internet portal. The cost of that backhaul, from both a capacity and a latency standpoint, was manageable when Internet usage was minimal. This is no longer the case. In addition, MPLS service guarantees were offered between enterprise locations, not between the enterprise and the Internet, where the customer’s carrier ultimately lost control of the traffic to other carriers.

SD-WAN Edge Appliances: Not Quite The Answer

This is where SD-WAN comes into play. SD-WAN creates a superset of MPLS by incorporating the MPLS service into a virtual overlay that includes additional services, such as cable, xDSL and 4G/LTE. These services offer a different set of attributes than MPLS: more capacity for less cost and faster deployment, but often less predictability. By routing traffic across the overlay based on application requirements and underlying service quality, SD-WAN can bypass some of the challenges of MPLS. Routing becomes more flexible and backhauling of Internet traffic can be reduced. Services can be aggregated to maximize capacity. Branches can be deployed more quickly, initially on Internet services, with MPLS brought into the overlay as needed.

SD-WAN has several key challenges when compared with traditional MPLS architectures. Customers need to secure Internet traffic at the branch location or in the cloud to benefit from backhaul elimination. SD-WAN using edge technology alone cannot replace MPLS, unless the customer is willing to relinquish the end-to-end latency and packet loss guarantees that come with MPLS. Cloud resources and mobile users are unaffected by the SD-WAN edge capabilities, which are designed for physical locations.

Some of these issues may not be critical in all cases. For example, regional customers that have stable and high-quality Internet connectivity may not see packet loss or latency as inhibitors to moving off MPLS. Another example is a move to cloud-based apps, which makes MPLS less critical for ensuring application service levels. In both cases, SD-WAN can help support the transition from a hybrid WAN (MPLS+Internet) to an Internet-only WAN.

Cloud-Based SD-WAN: A New Approach

Some SD-WAN vendors, like Cato Networks, have expanded the scope of SD-WAN into a cloud-based, global SD-WAN service that includes an SLA-backed backbone, built-in security, and extension of the overlay to cloud resources and mobile users. This architecture enables enterprises to augment and ultimately replace their MPLS architectures, address new security requirements, and support their needs outside branch locations.

Ultimately, customers need to make a decision: continue with the current MPLS architecture, or deploy one of the flavors of SD-WAN we discussed above to augment or eliminate MPLS. In the table below we summarize the considerations to make this decision. We will compare MPLS, Edge SD-WAN (using edge routers and central management), and Cloud-based SD-WAN (using a private backbone with built-in Next Generation Firewall).

About Cato Networks
Cato Networks is rethinking network security from the ground up and into the Cloud. Cato has developed a revolutionary new Network Security as a Service (NSaaS) platform that is changing the way network security is delivered, managed, and evolved for the distributed, Cloud-centric, and mobile-first enterprise. Based in Tel Aviv, Israel, Cato Networks was founded in 2015 by cybersecurity luminary Shlomo Kramer, who previously co-founded Check Point Software Technologies and Imperva, and Gur Shatz, who previously co-founded Incapsula.
