The SD-WAN work-from-home conundrum


Johannesburg, 20 May 2021
Colin Thornton, CFO, Turrito Networks.
Colin Thornton, CFO, Turrito Networks.

Software-defined networking provides massive improvements against more traditional MPLS wide area networks. But in the remote work era, is SD-WAN enough or should we be talking more about cloud proxies and Web gateways?

The market needed more network flexibility and visibility, so in 2013, SD-WAN emerged as an alternative concept and quickly evolved into a commercial product popular among customers. The SD-WAN market, already worth $2 billion, is anticipated to reach $19 billion by 2026 (Market Research Future).

SD-WAN is fast becoming the ubiquitous networking tech of the connected world. But, notes Turrito Networks' CFO, Colin Thornton, the rapid adoption of work-from-home (WFH) working created a blindspot for SD-WAN customers.

"I don't see people talking about the downside of SD-WAN when it comes to remote working, especially in South Africa. SD-WAN, ironically, still relies on fairly high-level hardware at each point, and with the FTTH revolution, a lot of people only have entry-level routers at home. They can still connect to the SD-WAN, but only using VPN-like technology which has downsides like slower speeds and latency.”

Equipping remote workers

SD-WAN offers a couple of significant benefits. It manages network traffic by selecting the best routes, allows Internet access across multiple (often cheaper) mediums, and gives administrators clear views and control of the entire software-defined part of the network.

"SD-WAN is a great solution. Definitely, if people are going back to the office and most of the employees are sitting in branches, SD-WAN is a big improvement on anything else. And there are lots of options, including good hardware and as a service products, which make SD-WAN secure, affordable and flexible.

“Yet remote workers represent a challenge. The real SD-WAN benefits rely on high-end hardware at each site and businesses, understandably, don’t want to ship an expensive router to each person's house. The most common routers at homes (especially free models shipped by ISPs) can’t be properly connected to the software-defined corporate network and then admins need to create workarounds or allow users to connect directly to the Internet with little control or security and zero reporting.

"You also have to make sure that the hardware is configured properly. That's a lot easier to maintain nowadays and is one of SD-WAN's benefits. Most of the brands will have a single pane of glass type of portal. But if you don't have that level of control, you're going to have problems configuring and supporting all those home users," says Thornton.

Establishing such oversight and control threatens to be very costly, and if an employee leaves the company, recovering that hardware is an additional headache. SD-WAN in the work-from-home era is only half the answer.

The rise of cloud proxies

Cloud proxies and secure Web gateways are stepping in to help. Roughly as old as the SD-WAN markets, providers such as Z-Scaler, Cisco, Forcepoint and McAfee have experienced significantly more demand for such services.

Cloud proxies and gateways are similar to their traditional counterparts in that they manage and route traffic according to policies set by administrators. But they don't require any hardware, and they are not, unlike traditional proxies, focused on single applications or narrow traffic categories. Like SD-WAN, they provide dynamism and visibility.

"All the traffic is going through that proxy, regardless of where the user is, and you get really granular control of it. You can also add extra features, such as phishing detection or deep packet inspection – all the things that firewalls do. But it's in the cloud and requires no additional hardware."

Cloud proxies and secure Web gateways used to fall short in terms of performance, especially latency. Yet they’ve matured over the past several years and, today, in our remote working environments, fit very well for a market that desperately needs more networking management and oversight choices. That desperation is evident in a rush to bring such proxies and gateways onboard, resulting in Z-Scaler's stock value rising more than four times since 2020.

If a company wants to get the most out of its SD-WAN investments while supporting remote workers, it would be wise to adopt cloud proxies or gateways. Alternatively, if a company is still using a legacy WAN topology like MPLS, it might consider skipping SD-WAN completely and investigating a cloud proxy strategy instead.

"I'm not attacking SD-WAN," Thornton explains. "We design and implement SD-WAN regularly. But it was designed, in a pre-COVID world, to link multiple offices and their branches, not a thousand employees working from home.

"I think the market isn't talking about this because SD-WAN is still relatively new and compelling, and the changes due to the pandemic are also still being discussed and debated. But for those organisations that aren’t planning on a full return to the office, cloud proxies or gateways must be on the agenda. Even if there’s a plan for a partial return to the office, or an existing SD-WAN in place, these technologies can add massive value.”

Share