Northgate Gonzalez Markets, a chain of grocery stores in southern California, was launching a fast-paced digital transformation initiative that required a complete revamp of its WAN infrastructure.
Northgate was taking the bold step of eliminating its data center and moving around 500 servers’ worth of applications and data to the cloud. The old WAN topology of backhauling traffic from each of its 43 locations to a central data center via two T-1s had to be replaced with a direct, reliable, resilient, secure connection from each individual location to the cloud.
Harrison Lewis, CIO and chief privacy officer at Northgate Markets, settled on an SD-WAN deployment. After evaluating the pros and cons of the do-it-yourself (DIY) option versus a managed service, Lewis decided that a managed approach was preferable for multiple reasons, with speed at the top of the list. “We had a compressed timeline,” he says. “We didn’t have the luxury of saying, ‘Let’s take our time with it.”’
Another key consideration was the sheer wherewithal it would have taken for his IT staffers to plan, pilot, configure, deploy, troubleshoot and manage the SD-WAN infrastructure at all of those locations. “We were able to leverage the knowledge and skills of someone who had done it before,” Lewis says. While SD-WAN hardware vendors argue that deploying their devices is pretty much plug-and-play, Lewis points out that “there’s a lot to be considered, and it was critically important that we get it right.”
For Lewis, a third key driver in favor of a managed approach was the ability to go beyond core SD-WAN connectivity and order up additional features from the managed service provider, including web content filtering, anti-virus, web firewalls and secure Web gateways.
Trend lines are up for managed SD-WAN
Northgate Markets is part of a growing trend of companies moving to SD-WAN via managed services.
Gartner analyst Lisa Pierce points out an interesting dichotomy: Most companies outside the U.S. use managed services for their WAN needs, while the majority of U.S. companies, especially the larger ones, have historically taken the DIY route. But that is changing.
Enterprises that are trying to reduce expenses while also achieving greater WAN agility and performance are increasingly turning to managed SD-WAN services, according to Gartner, which predicts that managed SD-WAN will grow at a compound annual growth rate of 84.7% between 2017 and 2022.
“By year-end 2023, more than 90% of WAN edge infrastructure refresh initiatives will be based on virtualized customer premises equipment (vCPE) platforms or software defined WAN (SD-WAN) software/appliances versus traditional routers,” says the latest Gartner report on WAN edge infrastructure. “Evaluate WAN-as-a-service for your next refresh, even if you have traditionally pursued a DIY approach,” the research firm recommends.
New research from Vertical Systems Group likewise finds that the U.S. market for carrier-managed SD-WAN services (this doesn’t include managed SD-WAN provided by systems integrators) is expected to surge to $4.5 billion by 2023. That figure counts revenue from WAN access services as well as overlay features.
Managed vs. DIY
The reasons to adopt SD-WAN itself are pretty clear cut: flexibility, agility, efficiency, centralized management, and better security. With an SD-WAN overlay, companies can slash MPLS costs, optimize WAN traffic on an application by application basis, and enable branch offices to connect directly to cloud services, which translates into an improved user experience and more efficient business processes.
The choice between DIY and a managed service is more complex and depends on a variety of factors, including the state of your current WAN, the types of business pressures that might be driving a switch to SD-WAN, the skill level of IT staffers, the geographic scope of the WAN, and how much control you’re willing to hand over to a service provider.
Here are five reasons to choose a managed SD-WAN:
- Speed: The managed route is simply faster to implement. Once you’ve identified SD-WAN as a key element of the company’s digital transformation efforts and you’ve received a green light to proceed, the business expects to see the benefits as soon as possible. With the DIY approach, you essentially have to coordinate two sets of parallel vendors selections – one for the SD-WAN gear that you buy and install at branch locations and one for the WAN access service that provides cloud connectivity. With a managed service, installations can begin right away, as you reap the benefit of the service provider’s large and geographically dispersed workforce. Plus, the managed service provider doesn’t have the same learning curve that internal staffers would face; it has developed a repeatable, standardized installation methodology that’s not only fast, but also constantly being refined based on the shared experience of the service provider’s staff. The managed service provider should also be able to avoid or at least minimize the normal glitches and configuration errors that typically slow down a complex rollout.
- Staffing: Does your existing IT staff have the skills, the training, and the bandwidth to go around installing new WAN edge devices at every location? Even if they do, is that the best use of their time? And do you want to assume the ongoing task of troubleshooting, updating, monitoring and managing all of these farflung devices? The advantage of a managed service is that those headaches fall on the service provider.
- Security: MPLS or a site-to-site VPN provides a secure, encrypted connection, but once you decide to switch to direct links from branch offices to the cloud over the public Internet, security becomes a concern. Security can be bundled into an SD-WAN managed service contract.
- Management: With a managed SD-WAN, the service provider, who controls the entire end-to-end WAN infrastructure, implements the latest automated monitoring, management and performance optimization techniques, down to the individual application. In addition, most enterprises are already managing too many vendor relationships; a managed SD-WAN means there’s only ‘one throat to choke.’
- Geography: If you have a regional network and can satisfy your WAN requirements with a single service provider, DIY is an option. But if you have a multi-national, multi-continent network, it makes more sense to allow a service provider to work behind the scenes with its international partners to stitch together an integrated, global WAN.
Here are some reasons to think twice before signing up for a managed SD-WAN service.
- Lack of control: Depending on the industry, the applicable regulations and the sensitivity of data traversing the WAN, handing control over to a third-party service provider could be an issue.
- Lack of flexibility: In a DIY scenario, IT staffers can move quickly to respond to changing business conditions, for example a branch office closing or a new one opening somewhere else. Gartner’s Pierce notes that some of these managed service providers are not known for stellar customer service, so that’s something to keep in mind.
- Lock-in: Typical contracts are in the three- to four-year range, so enterprises need to be really confident that the relationship will work out.
- Cost: This one is tricky: The argument that SD-WAN cuts costs because it allows companies to reduce reliance on expensive MPLS links is true. But the calculation between DIY and managed services is far from clear cut. In fact, Pierce cautions that when all of the access charges plus add-on security and management services are factored in, companies might not save any money going the managed route.
- Lack of standards and definitions: In a recent survey of carriers worldwide conducted by Vertical Systems, 82% of carriers said their biggest challenges associated with managed SD-WAN services were the lack of standardized interoperability between devices from different vendors and the lack of an industry accepted definition for managed SD-WAN.
Managed SD-WAN vendor options
While analysts are projecting an explosion of managed SD-WAN uptake over the next few years, the market has been somewhat slow in developing. According to Vertical Systems, current market penetration for carrier-managed SD-WAN is only 5% of the total $40 billion market for managed WAN services, which also includes MPLS and site-to-site VPNs.
“Misperceptions about SD-WAN have delayed network purchase decisions and limited market growth,” says Rosemary Cochran, principal and co-founder of Vertical Systems Group. “Migration to SD-WAN is a more complex undertaking than has been pitched to date, particularly for larger enterprises and global networks.”
Cochran adds that it took some time for carriers to build out the internal processes and infrastructure required to offer a new service. But carriers are now all-in on managed SD-WAN. Of course, enterprises also have the option of working with a systems integrator. In addition, going to a managed SD-WAN doesn’t have to be all or nothing; there are hybrid options that allow enterprises to pick up management responsibilities post-installation or to enter into a co-management arrangement.
Northgate picks AT&T
In the case of Northgate Markets, AT&T, the incumbent, was almost an afterthought when Lewis was putting together a list of potential vendors. He says he didn’t think AT&T would respond well to a proposal that called for them to cannibalize their cash cow MPLS service. But AT&T came back with an impressive managed SD-WAN proposal, and Lewis hasn’t looked back.
He has been able to increase bandwidth, boost reliability, improve security and prioritize traffic at the application level. AT&T installed SD-WAN gear from VeloCloud (owned by VMware) and cloud security tools from Zscaler. The installation went “incredibly smoothly,” Lewis says.
And by having two broadband access modes – one wired, one wireless – Lewis has enjoyed uninterrupted service. In fact, he has occasionally received a notice from AT&T that there was a service interruption on the wired network several days prior, but the failover was so seamless that he wasn’t even aware of it and there was no business impact. “That’s a pretty crazy place to be as IT organization,” Lewis says.
Lewis says he’s on track to have the entire data center moved to cloud platforms by October. “This has opened up a lot of possibilities for us to continue a reduction in expenses, improve resiliency, be able to scale, innovate and differentiate. It has also enabled us to focus in on driving value to our business.”