gallery


Beyond MPLS: How to Help Fortune 5000 Companies with SD-WAN

SDN
C3's Matthew Toth

Matthew Toth

By Matthew Toth, CEO, C3 Technology Advisors

We’re hearing a lot about the resurgence in manufacturing — Bloomberg reports that U.S. factory production rose for a fourth straight month in December, capping the strongest quarter since 2010, and Federal Reserve data shows the sector primed for further advances.

Unfortunately, today’s Fortune 5000 global manufacturers are saddled with WANs that are not only ill-equipped to handle cloud workloads, they’re actively hindering the full productivity and value of employees and applications. The typical F5000 private wide area networking model is also expensive and overly complex.

Based upon more than a dozen interviews with F5000 global manufacturing companies, we see the typical wide area network looking like something like this:

  • Data centers on two to four continents, connected via 1G or 10G connections.
  • Internet breakout occurs at the data center per region, to reduce an organization’s security surface area.
  • Each continental WAN connects to its own data center, and each continental area (North America, APAC, Europe, sometimes China by itself) has its own MPLS WAN with a limited footprint of IP VPN-only sites.
  • Cisco routers are often managed by the MPLS providers.
  • Backup/secondary circuits are often provided by the same provider that delivers the primary circuits (a head scratcher).

The explanation is that years of acquisitions and divestitures have splintered the power structure. This is outside of manufacturing as well. As many partners will recall, the typical WAN of 20 years ago connected mainframes with clients primarily via point-to-point links that were extremely slow and expensive. Bandwidth couldn’t be shared at a network operator level.

Frame relay mostly replaced point-to-point as a less costly option that also enabled clients to mesh locations together using PVCs. Frame relay gave way to MPLS around 2005 thanks to its lower cost and ability to provide better prioritization of applications.

Then, for most large companies, time stopped. WANs were seemingly frozen in place.

Problem is, in 2005, the internet was still in its infancy, Office 365 hadn’t been invented, public cloud didn’t exist and virtualization hadn’t taken hold. Client data centers hosted 99 percent of enterprise applications.

MPLS was the perfect WAN technology for the time, but that time has passed.

Today’s enterprise network must support public cloud, private cloud, SaaS, Office 365, DevOps, remote users, cloud interconnects and legacy applications — and do so securely. MPLS is not up to that task.

The fact is, most F5000 WANs are stuck in 2005 for two main reasons.

First, network operators, including AT&T, BT and Verizon, didn’t innovate. Yes, incremental improvements were made to MPLS, but the core technology didn’t change much, because there’s no impetus to invest in R&D. The network operators’ landline divisions are, overall, a profitability drag on overall earnings.

For operators, wireless is significantly more profitable than wireline. So there’s little appetite to disrupt the market for MPLS, the highest-priced and highest-margin WAN product in the landline division. Would you further reduce profitability in an already financially weak sector of your company? Absolutely not. Operators are going to ride that MPLS gravy train until it’s disrupted, and then do their best to integrate that disruption into that legacy revenue to increase the life expectancy of MPLS.

Second, Cisco sales and engineers have, through an ecosystem of sales, support, certifications and training, continued to push MPLS. Cisco’s domination of UC and desire to provide a stable environment for its products meant a perpetual backing of MPLS. Many engineers to this day do not believe that any kind of QoS is available when an internet last mile is utilized, which is false.

So where does this leave F5000s?

Click through our gallery below for lessons on how to help customers make the move to SD-WAN — and why.

Matthew Toth is founder and CEO of C3 Technology Advisors.

Datapipe's Robb Allen

How to Sell? Push the Pain Points

Getting the conversation started with Fortune 5000 customers can be a struggle. Engineers hate to mess with their WANs. But there are nine conversation starters, focused around their concerns about legacy wide-area networking and whether it can support the cloud connectivity that line-of-business (LOB) leaders demand.

  1. MPLS links take a long time to deploy, and adds and changes are slow as well.
  2. Even large customers are seeing decreasing service levels/responsiveness from operators.
  3. MPLS is expensive. Agents know how to so a cost analysis.
  4. MPLS was built when a WAN was typically inwardly focused, with no cloud-based apps. Is that reality now? Not a chance.
  5. Related, ask whether IT can provide good branch connectivity to public clouds if the primary WAN technology is MPLS.
  6. Security is a concern if internet breakout happens at the branch/facility level.
  7. Latency can be a problem if users must connect to a non-regional/continental application.
  8. Guess what: Your users may have accepted subpar application experience as the norm and don’t even submit IT tickets. This is often a cultural phenomenon based on the user’s nationality, but millennials won’t be so accepting.
  9. The China problem: MPLS is expensive there, and an internet VPN doesn’t work. It can be difficult getting good feedback from users. 

So what should you advise your F5000 customers to do?

2019 Resolutions
Tap the Brakes

First, stop ordering more MPLS. Work with the customer to evaluate SD-WAN to see how it can fulfill their WAN and cloud-access needs. There are many competing providers out there with different value propositions, feature sets and maturity levels. My company, C3 Technology Advisors, has built a services business around helping customers decide which SD-WAN product is the right fit. You can do this as well, or turn to your own adviser.

Yes, their Cisco guy is telling them to evaluate Viptela.  Keep going.

Microsoft's Gavriella Schuster
Watch Contracts with an Eye on the Long Game

Start strategizing now on the future of the customer’s network. Don’t wait until the end of existing contracts. Incumbent MPLS vendors may try, through a series of perpetual upgrades and changes to MPLS circuits and bandwidths, to extend contractual commitments for large customers. The hope is, these changes will slip by.

As an adviser with expertise in this area, you know what to look for. Nix any contract change that will reduce your ability to help the customer introduce technologies, such as SD-WAN, that can reduce spend.

Microsoft's Gavriella Schuster
Plan for VPN Needs ...

If the customer needs private connectivity and SD-WAN + internet-only doesn’t suffice, evaluate a WAN provider with a private core that can be accessed using an Internet connection and a VPN tunnel. Examples are Aryaka and Cato Networks.

Most F5000 companies also have VPNs in place for small offices and remote workers. Some SD-WAN providers, like VeloCloud, can accommodate IP-Sec VPNs.

Need more branch-office support? In this report, we explain how a hybrid WAN can bundle multiple connection types and provide customers with business-class features, security and connectivity to locations where traditional circuits would be prohibitively expensive.

Microsoft's Gavriella Schuster
... and for Pushback

When working with CIOs and business leadership at F5000s on moving to SD-WAN, especially managed by a partner, expect pushback from internal network/router teams. These engineers might feel devalued as their knowledge on CLI routing, the inner workings of MPLS and traditional networking becomes less relevant. 

It’s up to their leadership to assure them that moving to a more modern WAN architecture will help them keep their own skill sets up to date. And, less time spent on CLIs is more time they can devote to newer, more business-relevant techs.

Rocket guy_gumption
Keep an Open Mind

As a digital services provider, don’t feel you need a limited portfolio of suppliers. In particular, don’t limit your SD-WAN and WAN technology portfolio to just the upper-right portion of the Gartner Magic Quadrant. While those suppliers are household names, and that brings a certain sense of comfort, true innovation very often isn’t coming from these vendors. We often find that smaller companies are easier to do business with as well.

In fact, it is our view that nontraditional suppliers with innovative SD-WAN products have a real opportunity to make waves in the enterprise market. F5000 customers – and partners – should keep an open mind when strategizing.

Channel Partners' regular SD-WAN roundups highlight innovative suppliers.

Lorna Garey
Bake In Security from the Start

Review the customer’s security architecture before recommending a move to a WAN comprised of Internet + SD-WAN. One reason MPLS has remained popular is security. With the introduction of more internet in a WAN, and the pushing of internet breakouts down to the branch level, you need to re-evaluate security, possibly bringing in a specialist.

Our stance: Customers should plan on being breached, regardless of the number of layers of security they have in place. Focus on reducing dwell time and using behavioral analysis. Many of the customers we work with are trialing cloud-based security solutions, like cloud proxies from Zscaler, that are much simpler to deploy and manage than on-site security devices. In fact, Aryaka recently partnered with Zscaler to combine its SD-WAN with Zscaler’s cloud security. Zscaler also inked a deal with Riverbed.

Note that I personally shy away from claiming cost savings on an SD-WAN comprised mostly of internet circuits vs. MPLS because that money should often be shifted to security.

Continuum's Michael George
To the Cloud!

Ask your SD-WAN supplier how to create better branch access to Azure, AWS, Office 365 and other public-cloud services in use by the customer. We have found that enterprise teams at AWS and Microsoft often push hyperscaling to F5000 organizations before their WANs are ready to handle it. That can mean an unnecessarily poor experience for end users.


Leave a comment

Your email address will not be published. Required fields are marked *

Polls

Which best describes your business?

View Results

Loading ... Loading ...
The ID is: 94080