Enterprise Networks: Maturity Assessment
Demanding challenges drive change, and change requires careful planning
Software Defined Networking holds the key to address many challenging demands of the digital transformation era, providing the necessary intelligence to dynamically shape enterprise networks, as a function of business needs. Notwithstanding, undertaking a Software Defined Wide Area Network (SD-WAN) deployment is not a straightforward exercise and the starting point for a successful journey should rest in taking a clear picture of the current WAN environment.
Understanding the 'Why?'
When it comes to defining a Wide Area Network (WAN) architecture there is no “one size fits all” approach. Organizations have different starting conditions, requirements and goals. As such, the identification of business drivers lays the foundation for determining the best fit for purpose WAN solution. In fact, the definition of technological and financial priorities unveils the challenges of the existing model and ascertains the business strategy guidelines.
In this context, it is imperative to identify what leads a particular organization to consider a WAN upgrade in the first place. This means clarifying if such motivations mainly stem from a technology enhancement perspective. For instance, for businesses reliant on a cloud transformation journey, extending security capabilities has become a top priority. Analogously, organizations with highly dynamic networking needs often seek SD-WAN to augment visibility, scalability and automation. On the other side, enterprises may primarily shift towards SD-WAN technology in the light of its inherent financial opportunities.
These benefits extend beyond rationalizing connectivity costs, resting also in TCO reduction and in soft savings.
Applying the 'How?'
In order to ensure a right-sized WAN transformation, it is key to adopt a systematic approach to characterize the network environment and point out where SD-WAN fits. With this in mind, carrying out a proper assessment entails supporting this exercise with a comprehensive analysis framework covering the following areas:
Naturally, the technical feasibility of a target state WAN architecture is dependent on the extent to which the starting conditions are analyzed.
In this sense, the success of the WAN transformation is reliant on an in-depth assessment covering the existing deployed infrastructure. In turn, such analysis, besides pinpointing the connectivity types and the links’ capacity available on a per-site basis, provides an understanding regarding the synergies established beyond the WAN domain, namely in what concerns integration with other networks and cloud services.
Furthermore, given the typical WAN’s heterogeneity in terms of site types, it is important to take an holistic view over the latter and categorize these based on geography and business requirements. Moreover, it is also pertinent to estimate how a given organization’s growth prospects are expected to affect its overall network size and topology.
Another piece of this multi-dimensional approach rests at the connectivity layer. In this context, it is key not only to identify the contractual arrangements in place for each of the transport options, but also to evaluate the underlay provider’s dispersion and the diversity of carriers available to prevent lock-in situations.
SD-WAN is touted as a technology that can greatly improve application performance by making the most out of the resources available in accordance with business priorities. As such, defending this premise involves, in a first instance, performing a comprehensive analysis to rank applications in terms of criticality and their network requirements (capacity, jitter, delay, QoS, as an example). Secondly, upholding this claim, implies taking a grasp on how the traffic flows within the WAN, namely between on-premises and cloud environments, perhaps via a data center functioning as a hub.
After all, productivity revolves around applications and, as such, recognizing both the performance issues and the future application requirements plays a pivotal role for selecting the right transformation approach.
By its very nature, the WAN is distributed, encompassing geographically dispersed branch offices, data centers and likely multiple public clouds. With this in mind, creating a sturdy security posture entails ensuring visibility of all assets, traffic flows, users and identities, outlining which perimeter controls surround these nodes, as well as perceiving how data is protected when traversing the WAN.
In fact, at the perimeter level, the scope of a maturity assessment resides in detailing not only the capabilities of edge devices and cloud security solutions, but also the management and monitoring tools and teams backing up a consistent, or not, policy enforcement. Also, to seize the ubiquity of publicly shared connectivity options, such as broadband internet and LTE, it is paramount to outline which controls safeguard data in transit, particularly which encryption mechanisms are place over these communication paths.
With any change in technology, comes a change of operating model. Moving towards a SD-WAN architecture – where the underlay is decoupled from the overlay network - requires a careful evaluation of the people, processes and tools in place to support it. Also important to understand the interactions between the different parties governing the network, exposing the roles, tools, and responsibilities associated with each entity.
Ultimately, this analysis brings to light potential drawbacks associated with current operating model and makes clear the changes that need to happen to enable a successful WAN evolution. From new roles to redesigned processes, the operating model is the enabler for maximizing the value of the network.
Clearly, there are multiple factors that should be taken into consideration to harness the full potential of SD-WAN. Thus, it is of the utmost importance to rely on a structured methodology to spot and address these considerations before rushing into a rollout phase.
Being able to assess the maturity of the network across 4 dimensions - infrastructure, performance, security and operating model - is critical to plan and execute a migration towards SD-WAN.