Enterprises are recognizing SD-WAN as a mature technology, but designing and deploying an SD-WAN solution can be challenging.

Companies must decipher a solution's actual capabilities from those advertised. And while product roadmaps are exciting and rich, rapid innovations in the market can make information that was pertinent six months ago irrelevant.

At a basic level, three elements are critical to success when selecting an SD-WAN solution.

The solution should:

  1. Be capable of replacing existing infrastructure.
  2. Provide enough functionality to address business requirements.
  3. Integrate well with your enterprise architecture.

The primary elements every SD-WAN solution must incorporate.

Several myths have cropped up in the ever-changing SD-WAN market that have hindered properly assessing these elements.

Three myths in particular are due for some busting.

Myth 1: All SD-WAN solutions offer the same functionality as routers

Router features

Routers have been the de facto standard for remote branch access in the enterprise for decades. The term "router" implies a single function, but over the years these devices have become feature rich with multiple capabilities.

Branch router configurations can exceed 1,500 lines of code and cover network functions like Quality of Service (QoS), IPsec VPN, dynamic routing, NetFlow, SNMP, syslog, zone-based firewall (ZBFW), access control lists (ACL), event management, voice gateways, and much more.

Turning these features on gives engineers the ability to address various use cases and achieve business outcomes for their organization.

Feature parity

The value proposition of an SD-WAN solution quickly erodes if it cannot address the required use cases and deliver business outcomes similar to the traditional router.

Enterprises are not looking to run a software-defined solution in tandem with existing routers to address router deficiencies. Doing so would significantly increase operational complexity and result in a higher total cost of ownership for the overall solution.

Instead, enterprises want to consolidate traditional routers and replace them where it makes sense. To do this, enterprises need an "SD-WAN router" that provides enough feature parity or functionality to make it a viable option for full router replacement.

SD-WAN deployment

So how does SD-WAN replace a traditional router?

First, let's look at how SD-WAN is commonly deployed.

While there are virtual options (best suited for the cloud), the most common deployment is vendor-branded hardware known as an SD-WAN edge. The edge must be capable of terminating a variety of service provider handoffs (e.g., Ethernet, LTE or T1) as well as providing routing or switching access to the branch infrastructure.

Another emerging deployment model is Network Functions Virtualization (NFV), which combines virtualization and white box compute platforms.

Regardless of the deployment model, there is a physical networking requirement that ultimately ties back to the SD-WAN edge.

Next, the SD-WAN device must provide the functionality required to integrate the branch into the WAN and the remainder of the enterprise network.

Router replacement?

Organizations often activate a router feature to solve a particular problem. While this may not be ideal engineering, the alternative requires too much change. The problem with this approach is that, a few years later, the activated features have become critical aspects of the organization's overall network.

When the same organization considers an SD-WAN solution, they'll encounter the same problems that led them to activate the router features. The only way to address the issue now is to map it to a feature of the SD-WAN solution or tackle the root of the issue.

Enterprises will more than likely be in a stretched state, and an SD-WAN migration is a big enough project already. Tackling the root cause isn't usually an option.

If SD-WAN cannot fully replace the traditional router, yet an existing router is still critical to tying an organization's environment together and still addresses unique requirements — which solution do you think an organization will go with?

Probably the one that provides the required functionality. One can argue about superior application performance, but in the end, the solution that causes the least upheaval will likely win out.

Due to the role router features have historically played in enterprise networks, not all SD-WAN solutions can fully replace routers.

Myth 2: All SD-WAN solutions are comprehensive

Many vendors have deep roots in one of the core foundational SD-WAN technologies: routing, security or application awareness.

When you consider the changing requirements of the modern enterprise and the rapid innovation of today's technology, you'll see gaps emerge between solutions.

Historically, traditional enterprise routers were upgraded every five to seven years in conjunction with their lifecycle. New features were rarely added during a tech refresh. Instead, they were added incrementally and only after the careful planning and development of an implementation strategy.

With SD-WAN, enterprises are often being asked to replace infrastructure plus add a host of new features and functionality — all in one fell swoop.

Vendors are releasing new features as often as every three to six months, features that may be critical for implementation or that even negate design decisions due to prior system limitations.

The accelerated pace of feature releases makes sense as organizations must now carefully consider where workloads live (e.g., the public cloud) and how to consume cloud services.

Some vendors are striving to integrate security to provide segmentation and direct internet access. Others are providing solutions to support public cloud and colocation connectivity. And some are focusing on enhancing core routing capabilities to enable deeper integration into complex networks.

It is important to understand which of these capabilities are fully tested and ready for production while keeping a close eye on a vendor's roadmap for new features. Features you need may be roadmapped or part of a recent release but not yet available in a stable version.

Taking into account the varying focus of vendors and the rapid release of new features, not all SD-WAN solutions are comprehensive.

Myth 3: Migrating to SD-WAN is as easy as plugging it in

SD-WAN has been sold as the "easy button" to modern WAN infrastructure operation and management.

While this vision is certainly true of the end state of an SD-WAN deployment, it downplays the challenges that come with SD-WAN adoption.

Software-defined solutions offer a new way of thinking about branch networks, but that does not mean old best practices should be thrown out the window. Sensible network architecture that adopts technology in a structured manner is still the best way to integrate new solutions into existing infrastructure.

Nor should we forget the design principles that have been around for decades. These may vary but tend to follow three standard phases: plan, build and manage.

To realize the benefits of SD-WAN, an organization must invest a significant amount of time and effort in the planning phase. This includes activities such as:

  1. Market research.
  2. Network and application discovery.
  3. Proof of concept or production pilot testing.
  4. Migration strategy.
  5. Training.

These activities are critical to understanding how a solution will integrate into an organization's network and support ongoing business activities.


Software-defined technologies are meant to disrupt your organization in a positive way. Failure to carefully consider and plan your SD-WAN deployment could cause disruption of a much less pleasant kind.

To be effective in the planning stage, enterprises need to develop the skills necessary to effectively deploy SD-WAN. This can be fast tracked by working with a partner who provides SD-WAN expertise coupled with a strong understanding of network infrastructure fundamentals.

Following the planning phase, the build phase implements the deployment plan and migration strategy.


The level of effort required during a build phase can vary significantly based on an enterprise's environment and architectural vision. For example, deploying SD-WAN headend devices in an existing data center may take less time than coupling the deployment and standing up new colocation facilities.

After several branch sites have been migrated to SD-WAN and operational viability has been proven, then subsequent branch migrations become run rate.

However, there is still a logistical burden to deal with. There will be a period of time when SD-WAN is running alongside the original WAN infrastructure. This deployment and stretched state can last months or years depending on the size of the WAN.


The management and build phases overlap some, but the general idea is that during the management phase, the deployment has been successful and most, if not all, of the SD-WAN solution is in place in the network.

This phase is where organizations start to realize the true benefits of SD-WAN: centralized management, configuration consistency, global policy application, simplified software upgrades, zero-touch RMA, network visibility and much more.

Oftentimes SD-WAN is a preamble to more change within the enterprise as users are positioned closer to workloads in the public cloud (AWS, Azure, GCP) and SaaS applications that are optimized for dedicated internet access (DIA).

Because SD-WAN has reduced the operational complexity of managing the WAN, organizations are freer to pursue more strategic initiatives (such as cloud first) and actualize their business needs.

The basic design principles of plan, build and manage remind us that adopting SD-WAN is not as easy as plugging it in, despite what some may say.

Sample SD-WAN architecture


Every enterprise has unique network requirements and a unique footprint. Selecting the right SD-WAN solution comes down to identifying which one meets their requirements and provides the features most comparable to those of existing routers in their environment.

While SD-WAN represents digital transformation, enterprises still need to perform business as usual. They will be in a stretched state as they migrate, and at the end of the day, they simply need a solution that works.

Business leaders don't care if one vendor performs milliseconds faster than another or which vendor dropped 10 fewer packets in the span of an hour, as long as the SD-WAN solution supports successful day-to-day business operations.

In the end, it's all about identifying the solution that best operates with your existing WAN and prepares your organization to grow in the future.

Unfortunately, these three myths aren't facts. SD-WAN is a significant journey for any enterprise and one that'll look different based on unique needs and requirements.

Luckily, we have end-to-end capabilities to help you get there. Learn more about our labs to see how we help organizations explore, design, implement and operate SD-WAN.

And remember to connect with me. SD-WAN is my passion, and I'm always up for some good myth busting.