Digital transformation is only as effective as the network that underpins it.
Traditional network technology was developed in the late 90’s when clouds meant bad weather and the biggest challenge to the IT team was to ensure voice and video traffic was protected from the new wave of data traffic.
Since then cloud computing, mobility and the Internet of Things have radically changed the consumer and enterprise IT landscape. Yet the average organisation still uses the same network technology that was developed in the late ‘90s.
Traditional WAN technologies like MPLS, VPLS and VPN tunnels struggle to meet enterprise IT’s current needs. Connecting numerous applications, hosted in a complex combination of private and public cloud environments, is operationally intensive and expensive.
Bandwidths and performance are put under further pressure as it becomes easier to connect high-speed Ethernet and mobile devices to networks. Furthermore, the breadth of connectivity has dramatically increased the range of security threats a network has to deal with.
A growing number of Australian enterprises have turned to SD-WAN as a solution. SD-WAN combines a number of advances in network technology, each of which better support modern network requirements.
Here are four ways in which SD-WAN can underpin a digital transformation agenda:
SD-WAN introduces a powerful, software-based service layer that decouples services delivered to users and sites from the underlying connections providers by the Telcos. The service layer is known as the “overlay” network, while the traditional telco connectivity is known as the “underlay”.
In traditional networks, every endpoint on the network must be connected by a common network technology to ensure any-to-any user connectivity with consistently high quality. SD-WAN technology can build these overlay networks on top of a broad range of telco underlay networks, allowing customers to choose the highest-performing option for their business.
In practice, this means organisations can swap out expensive WAN connections, like MPLS, for lower-cost Internet and Ethernet services that are being introduced by the smaller Telcos and the National Broadband Network.
In addition, it means organisations can pool all of the networks they have across their business (including those for data centres, branches, and mobile) into a larger logical overlay network. This ensures they’re making the most use of all of their capacity at any given time, providing significant choice and flexibility to enterprise and government buyers.
Australian businesses are no strangers to cost and performance issues in WAN deployments. Piecemeal capacity upgrades and long circuit delivery timeframes have typically encouraged IT teams to over-provision their capacity – an approach that rarely proves cost-effective in the long run.
Being locked into traditional WAN architectures hasn’t helped businesses improve their performance, either: a recent IDC survey found that 65% of Australian enterprises send 50% or more of their branch office traffic looping back to a data centre or central office before connecting to the public Internet for onward routing to a software as a service or web-based services.
As a result, many organisations are challenged to provide a positive user experience for their applications.
SD-WAN provides two key tools to enhance user experience. Firstly, it allows for SaaS and web destined traffic to connect to via direct internet connection at the customers’ site which avoids looping back to the data centre. This reduces latency, saves on backhaul costs and enhances the user experience.
Furthermore, SD-WAN provides tools that can inspect and prioritise traffic based on a customer’s application priority. In practice, this means the network can now tell the difference between an Office 365 document and a browsing session on Facebook – and automatically assign the appropriate priority to each.
Although IT can now deliver new cloud-based applications and infrastructure faster than ever before, the network remains a bottleneck. High degrees of network complexity means that changes in functionality take significant time in planning and execution: every device on the network has to be modified separately for any function to be delivered.
Similarly, new endpoints on the network are dependent on slow fixed-telecom connections, and the availability of change-windows, for their successful deployment.
SD-WAN overcomes these challenges with the introduction of network analytics and network-wide automation. Analytics reduces the amount of time taken to plan changes, as all the information a network administrator needs are at their fingertips.
Automation makes it easier to test complex changes and, once change management has been agreed, enables the administrator to push changes to many sites as he or she wishes to.
For many new sites, provisioning is accelerated and simplified with a combination of 4G connections on devices and zero-touch provisioning functionality. This means that when the device is powered up to a new site, it simply phones home to obtain its configuration and join the network.
Cybersecurity in Australia is no longer simply IT’s responsibility. Governance requirements such as data breach notification, coupled with diverse local and overseas rules about data privacy and sovereignty, have made security a matter for the entire boardroom.
Unfortunately, at the same time, the businesses are exposing their networks to more security threats and taking on more risk.
Connecting to business partners along the supply chain, providing more customer-facing applications over the internet, providing access to business applications for remote or mobile workers, and even opening up wireless to enhance its customers' experience – all these create new and easily-overlooked risk profiles for the enterprise.
It should come as no surprise that, according to IDC’s research, 2 in every 3 Australian businesses are now purchasing managed security services: today, few in-house teams can keep up with the complexity and speed at which threats evolve.
While traditional network security fuses on pushing traffic through secure gateways into trusted networks, SD-WAN’s design takes a “zero-trust “ approach to security. This is designed to provide inherently secure connectivity in any situation.
Firstly, SD-WAN encrypts all traffic from every end-point with strong encryption keys, ensuring sensitive data cannot be decoded. It then allows easy segmentation of different traffic types into separately encrypted sub-networks: this means critical information can be insulated from other traffic, while third party suppliers can be segregated away from enterprise traffic.
For example, credit card data can be set up in a separate sub-network. Finally, the in-built automation within the SD-WAN control structure applies security policies and updates from a single point, reducing the likelihood of inconsistent implementations that might lead to a breach.
More and more Australian IT leaders have recognised that digital transformation cannot succeed without a new approach to network infrastructure. SD-WAN offers the choice, flexibility, and control that businesses need to keep up with the growing volume and complexity of digital applications and services.
Just like how the cloud revolutionised storage and applications, SD-WAN looks set to redefine enterprise networks throughout Australia. Those who take steps to adopt it now will enjoy a first-mover advantage – and the means to fully realise their digital transformation agenda – well into the future
Article by Tarquin Bellinger, chief operating officer, NTT Communications ICT Solutions