Post on 27-Jun-2018
transcript
©NemertesResearch2018www.nemertes.comDN6983 1
John Burke Principal Research Analyst and CIO Nemertes Research
Achieving Agility with Cloud UC SD-WAN reduces costs, boosts agility while better supporting cloud-based applications including UC as a Service
Q2 2018
©Nemertes Research 2018 www.nemertes.com DN6983 2
TableofContents...........................................................................................................................2
ExecutiveSummary........................................................................................................................3
TheIssue:BusinessNeedsUCaaS,UCaaSNeedsMore....................................................................4
TheShifttotheUCaaS..............................................................................................................4
It’sTimeforaNewWAN..........................................................................................................5
TheCloudRequiresaSimpler,Smarter,Software-DefinedWAN....................................................5
DirectInternetAccess..............................................................................................................5
EnterSD-WAN................................................................................................................................7
TypesofSD-WAN...........................................................................................................................7
OverlaySD-WAN.......................................................................................................................8
In-NetSD-WAN.........................................................................................................................8
DirectCloudConnect(DCC)............................................................................................................9
WAN-CloudExchanges(WAN-CX)............................................................................................9
MakingtheBusinessCaseforSD-WANwithUCaaS......................................................................10
BottomLineBenefits:CostSavings........................................................................................10
Top-LineBenefits:BusinessAgility.........................................................................................10
Bottom-lineBenefit:ManagementOverheadReduced.........................................................11
OperationalandPerformanceRiskReduced..........................................................................11
GlobalWAN,RegionalServices,UnifiedSolution...................................................................12
ConclusionsandRecommendations.............................................................................................12
Table of Contents
©NemertesResearch2018www.nemertes.comDN69833
Executive Summary Businessesarerapidlymovingtothecloudfortheircommunicationsandcollaborationneeds,especiallywhentheywanttodeliveraconsistentsetofservicestostaffanywhereintheworldwithoutthehasslesofmaintainingaPBXoftheirown.UnifiedCommunicationsasaService(UCaaS)strivestomeetbusinessneedsforfeaturesandperformance,butachievingasuccessfulrolloutmeansprovidinganetworkthatdelivershighavailability,highperformance,andtheabilitytoproactivelyaddressconditionsthatcanhurtcloudcommunicationsandcollaboration.Threeoptionsarekeytore-architectingtheWANintheageofcloud:Software-DefinedWAN(SD-WAN),DirectCloudConnect(DCC),andWAN-CloudExchanges(WAN-CX).SD-WANpoolsbranchconnectivityandintelligentlymanagestrafficacrossallavailablelinks,increasingresilienceandimprovingperformancewhilereducingmanagementcosts.DCCbypassestheInternetforcommunicationswithaspecificcloudserviceproviderbylinkingtheenterpriseWANedgetothecloudprovider’sedgedirectly.WAN-CXusesanexchangeapproachtodirectconnection:enterprisesconnecttoanexchange,thenspinupvirtuallinksthroughthatconnectiontoanycloudserviceproviderontheexchange.Connectingenterprisenetworkstocloudserviceprovidersthroughdirectconnect,SD-WAN,orWANexchangeservicesofferstheopportunitytoguaranteehighqualityapplicationservicedeliveryaswellastoreducecostsbyleveraginglower-costconnectivityoptionsglobally.ITleadersshould:
• Re-evaluatetheirwideareanetworkstrategiesinconjunctionwiththeirplanstoadoptcloudapplicationandplatformservices,especiallyUCaaS
• ExaminetheabilityofSD-WANtoreduceoperatingcosts,enablegreaterflexibility,andoptimizecloud-basedtrafficflows
• ConsiderDCCandWAN-CXofferingstoprovidemorepredictableperformance,increaseresilience,andenableend-to-endperformancemanagementforcloud-basedapplications,especiallyUCaaS
• ExplorevariousSD-WANapproachestofindtheonethatwillworkbestfortheirorganization.
©NemertesResearch2018www.nemertes.comDN69834
The Issue: Business Needs UCaaS, UCaaS Needs More BusinessesarerapidlymovingtothecloudfortheirUnifiedCommunications(UC)andcollaborationneeds,especiallywhentheywanttodeliveraconsistentsetofservicestostaffanywhereintheworldwithoutthehasslesofmaintainingaUCplatformoftheirown.LeveragingUnifiedCommunications-as-a-Service(UCaaS)enablesorganizationstorapidlydeploynewfeaturesandcapabilities,butatthesametimeoffloadresponsibilityformanagement,maintenance,resourceprovisioning/scaling,andsecuritytoasoftwareserviceprovider.UCaaSprovidersstrivetomeetbusinesses’needsforfeatures,reliability,andperformance,butachievingasuccessfulrolloutmeansprovidinganetworkthatisoptimizedforSaaS,thatdelivershighavailability,highperformance,andtheabilitytoproactivelyaddressconditionsthathurtcloud-basedUCandcollaboration.The Shift to the UCaaS Themarchtothecloudismovingahead—andaccelerating.Nemertes’2017-18CloudandNetworkresearchstudyfoundthat:
• 60%ofcompaniesusepublicInfrastructureasaService(IaaS)• 52%usePlatform-as-a-Service(PaaS)• SaaSsolutionscompriseabout18%ofthetypicalenterprise’stotalITworkload.
Atthesametime,nearly67%oforganizationsareusingorplanningtouseUnifiedCommunicationsasaServicetoshiftsome(38%)orall(29%)oftheirtelephony,messaging,andconferencingapplicationstothecloud.ITleadersjustifythisshifttothecloudmainlybypointingimprovedagility—44%callouttheabilityforITtosupportrapidlychangingbusinessconditions.Theyalsohighlighttheabilitytoshiftcapextoopex,andtotakeadvantageofnewcapabilitiesquicklyandeasily.Nearly18%notethattheyseecloudservicesasmoresecurethanon-premisesplatforms.(PleaseseeFigure1.)
Figure1:DriversforUCaaSAdoption
3.4%
9.0%
11.0%
16.2%
16.6%
17.6%
21.0%
24.8%
26.6%
33.1%
37.2%
44.1%
Other
Acquired right tools/services to assist with migration
Can't get budget for more IT staff, but can for cloud services
Providers investing more in cloud offerings than on-prem products
Executive mandate
Security is better in the cloud
Must free IT staff for strategic initiatives
More features available in the cloud
Can roll out services faster from the cloud
Perceived overall cost savings
Reduction in capital costs (shift capex to opex)
Improved agility for IT
Drivers Toward Cloud Services
©NemertesResearch2018www.nemertes.comDN69835
Greaterrelianceonthecloudforcriticalcommunicationsservicesmeanstheenterpriseneedsrock-solidreliabilityandhighthroughput—andalsoforapplicationintelligenceinthenetwork.Anintelligentnetworkpreserves,andimproves,performanceforbusiness-criticalapplications.It’s Time for a New WAN FormostofthelastdecadeIThasreliedonathree-tierWANarchitecture;itevolvedtodeliverapplicationshousedincorporatedatacenterstobranchofficeswithmaximumreliability.(PleaseseeFigure2.)Thisarchitectureisillsuitedtothetransitiontocloud.Thankstogrowingadoptionofcloud-basedapplications,anincreasingnumberoftrafficflowsconnectend-userdevicestosolutionsdeliveredviaIaaS,PaaS,andSaaS.UCaaSperfectlyexemplifiesthechallenges,asitweavescloudservicesintoeveryaspectofdailycommunicationsandthereforespotlightsthetorturedpathofold-WANtrafficinthecloudera:branchtoDCtocloudtoDCtobranch.
Figure2:TheCurrentDominant3-TierWANModel
The Cloud Requires a Simpler, Smarter, Software-Defined WAN Organizationscontinuetoincreasetheirnumberofphysicallocations,oftenbybreakinguplargeonesintomultiplesmallerones,orbyextendingapplicationsintothehomeviatelework.Emerging,cloud-optimizedWANapproachesincludeDirectInternetAccess,andSD-WAN.Direct Internet Access ReplacingMPLSpartiallyorfullywithdirectlyInternet-connectedofficeshasemergedasawayforITtodecreasenetworkspendwhileincreasingbandwidthandavoidingbackhaulof
Data Center
Optical, Carrier Ethernet
Internet, Satellite, broadband wireless
MPLS, Carrier Ethernet, Leased Lines
Data Center
Offices
Offices
Offices
Offices
Remote Site Remote Site
©NemertesResearch2018www.nemertes.comDN69836
trafficdestinedfortheInternet.WithUCaaS,Internet-connectedbranchescanimproveperformancebyeliminatingthelatencyassociatedwithbackhaulingInternet-boundtrafficacrosstheWAN,andcanfurtherreducecostsbyeliminatinglocalloopsorSIPtrunksforPSTNaccess.Offloadingsomeorallsuchtraffictolower-costbranchInternetaccessreducesoravoidsloadsonhigh-costWANlinks,andtherebyreducesWANperformancechallenges,aswell.Italsoreducesloadsonfirewallsandothersecuritysystemsinthedatacenter,freesupdatacenterInternetbandwidth,andcanevenreduceoverallvulnerabilitytodenial-of-serviceattacksagainstthedatacenters(andotherincidents)bymakingitpossibleformorepeopletogetmoredonewithoutusingdatacenterservices.Internet-enabledbranchescomeintwoflavors—brancheswithdirectInternetaccesssupplementingdedicatedWANlinks,andbrancheswithInternetlinksonly—withvariationsoneach.(PleaseseeFigure3.)
Figure3:FromTraditionalWANandBackhaultoInternet-EnabledBranches
Internet-onlybranchessubstitutecheaperbandwidthforMPLSforallbranchcommunications,andcomeinthreeflavors:VPN-only,splitpipe,andInternetonly.• VPN-onlyconnectionsusethewholeInternetlinkasanencryptedpipebacktoa
companydatacenter• Internet-onlyconnectionsusethewholelinktosendtrafficouttotheInternet.To
them,thecompanydatacenterlookslikeanyotherInternetsite;staffinsuchsitesapproachinternalsystemsjustastheywouldiftheywerenotonacompanynetwork:throughpublicinterfacesorviaadevice-specificVPNratherthanafull-siteVPN
• Split-pipeinstallationsdevotesomebandwidthtoasite-to-siteVPNandtheresttodirectInternetaccess.
Theseallofferthepotentialtoreducecosts.Internet-onlyandsplit-pipedesignsalignnetworkdesignmorecloselywithcloud-centrictrafficpatterns.Internet-onlybranchesareincreasinglycommon,andslowlymoving“upmarket”tolarger,moreimportant,orhigher-riskbranches.Onitsown,though,Internetconnectivityofferlittleopportunityfornetworkarchitectstooptimizeconnectionsforspecificapplications(suchasUCaaS),enableinsightintoperformancebetweenbranchofficesandSaaSproviders,orenableoptimizedutilizationofmultipleInternetconnectionsormixedInternetandMPLSscenarios.
©NemertesResearch2018www.nemertes.comDN69837
Enter SD-WAN Software-DefinedWAN(SD-WAN)optimizesbranchconnectivityusing:• Abstractionofedgeconnectivity:Virtuallycombiningalltheconnectionsintoa
location(InternetandMPLS)toserveasasinglepoolofcapacityforallservices• VirtualizationoftheWAN:OverlayingoneormorelogicalWANsonthepoolof
connectivity,withbehaviorandtopologyforeachvirtualWANdefinedtosuittheneedsofspecifictypesofnetworkservices,locations,orusers
• Policy-driven,centralizedmanagementanddeepvisibility:KeytoanSD-WANistheabilitytodefinebehaviorsforanoverlayWANandhavethemimplementedacrosstheentireinfrastructurewithoutrequiringdevice-by-deviceconfiguration;likewise,theabilitytosee,easily,notjustwhichapplicationsarerunningacrossthenetworkbuthowmuchcapacityisgoingtoeachandhowwelleachisperforming,somethingmanyITshopshavelongstruggledtoachievebyothermeans
• Flexible,dynamictrafficmanagementforperformanceandsecurity:SD-WANscanoptimizetrafficinmanyways,includingusingforwarderrorcorrectionandothertechniquestomitigatelatency,jitter,andpacketloss;andtheycanload-balanceandselectivelyroutetrafficacrossdifferentlinksbasedoncriteriasuchaslinkperformanceandend-to-endapplicationperformance,andcanselectivelysendingtrafficdirecttoclouddestinationsacrossbranchInternetlinks.
Figure4:SD-WANOverlaysLogicalWANsonPooledConnectivity
InterestinSD-WANisexploding,with29%ofcompaniesusingitbyendof2017,andanother13%planningtodeployin2018.Earlyadoptersreporta92%reductionintroubleshootingtimeanda95%reductioninbranchconnectivityoutages.Types of SD-WAN TherearetwokeywaystoprovideSD-WANservices:overlayandin-netSD-WAN.
©NemertesResearch2018www.nemertes.comDN69838
Overlay SD-WAN InanoverlaySD-WAN,SD-WANendpointseitherreplacebranchroutersorsitjustbehindthem.(PleaseseeFigure5.)SD-WANappliancescancollapsethetypicalbranchstackbyreplacingnotjustarouterbutalsooptimizersandfirewalls.ConnectivityisindependentoftheSD-WANsolution,aninterchangeablepartwhosedetailstheSD-WANabstractsaway.
Figure5:OverlaySD-WANArchitecture
In-Net SD-WAN Incontrast,in-netsolutionstietheSD-WANfunctionalitytotheconnectivity.Thesefunctionsmayallbeprovidedintheserviceprovider’sedgeandcoreinfrastructure,withthebranchusingatraditionalroutertoconnecttotheprovider’snearestpointofpresence.(PleaseseeFigure6.)Or,someorallfunctionsmaybeprovidedon-premisesviaappliancesunderserviceprovidermanagement,whichpushesworkoutoftheserviceprovider’sinfrastructureandalsoallowsoptimizationoflast-mileconnectivityviacompression.In-netSD-WANprovidersusuallyuseNetworkFunctionsVirtualization(NFV),withdeliversvariousWANfeaturesusingseparate,cooperatingVirtualNetworkFunctions(VNFs)softwaremodulesrunningonasharedcustomerpremisesedge(CPE)device,orrunningintheprovider’sinfrastructureandchainedintothetrafficpaththere.NFVmakesiteasytouseawhiteboxx86serverastheCPEdeviceinsteadofsomebespoke,provider-brandedbox,decreasingvendorlock-in.
MPLS Carrier Core
Branch
DC
Branch
Inte
rnet
SD-WAN
Encrypted tunnels Optionally encrypted tunnels
SD-WAN
SD-WAN
©NemertesResearch2018www.nemertes.comDN69839
Figure6:In-NetSD-WANArchitecture
Direct Cloud Connect (DCC) Ofcoursesometimes,routingtrafficovertheInternetisn’ttheidealoption.ExamplesincludewhenanorganizationwantstoadoptUCaaSbeforeithastheopportunitytotransitiontoSD-WAN,orwhereanSD-WANtransitionisn’tcost-effective,orwheregeographiesmaketheInternetpathtoaserviceinsufficientlyreliableorperformant.
Whenthevariabilityinlatency,loss,orspeedofanInternet-onlypathleadstounacceptableperformancevariationcloudservices,theenterprisecanconnectdirectlytoproviders’networkedgeswithservicessuchasAmazon’sDirectConnectandMicrosoft’sExpressRoute.UCaaSprovidersaregettingintothegameaswell,aswithRingCentral’sCloudConnect.
ForaDCC,theenterpriseextendsalinkfromoneofitsownedgerouterstoanedgerouterintheprovider’snetwork.Theymightpaytohavecablepulled,incaseswherethebusinesshassomeinfrastructureinadatacenterwherethecloudprovideralsohaspresence(a“meetme”space).Ortheenterprisemightleasearouterportinameet-mefacilityfromitsconnectivityprovider,extenditsWANtothatrouter,andhavetheconnectionpulledtothere.Forty-eightpercentofcompanieswillhaveatleastoneDCCbytheendof2018.
WAN-Cloud Exchanges (WAN-CX) WAN-CXsolutionsprovideanalternativetoDCCbyaddingalayerofmediationandabstraction:businessesconnecttothe“outside”oftheexchange,andmultiplecloudserviceprovidersconnecttothe“inside”ofit.Throughthephysicalconnectiontotheexchange,customerscanspinupmultiplevirtualDCCstoanyprovideronit.
SD-WAN Service Cloud
Branch Branch
DCSD-WAN
Internet
Encrypted tunnels
SD-WAN SD-WAN
PoP
©NemertesResearch2018www.nemertes.comDN698310
WAN-CXproviderscanbetraditionalcarriersornetwork-as-a-serviceproviders;orconnectivityexchangesoperatinginsidecarrierhotelsandbigcolocation/hostingfacilitiesthatserveasmeet-mepoints.ExamplesincludeAT&TNetBond,EquinixCloudExchange,Level3CloudConnect,andVerizonSecureCloudInterconnect.
Forty-onepercentoforganizationsuseorwilluseaWAN-CXbytheendof2018.
Making the Business Case for SD-WAN with UCaaS
Bottom-Line Benefits: Cost Savings FirstandforemostthebusinesscaseformostSD-WANadoptersiscostsavings,andthemainsourceofhard-dollarcostsavingsinSD-WANisthesubstitutionoflower-costInternetconnectivityinplaceofmoreexpensiveserviceslikeMPLS.SavingsareentirelydependentonthecostandavailabilityofInternetaccess,currentMPLSrates,andthescopeofthetransition.OneNemertesclientoperatinga200siteMPLSnetworkreducedexpectedWANspendby$4.9millionoverthreeyearsbyusingSD-WANtoaddInternetservicestoitsMPLSbackbone.(PleaseseeFigure7.)
Figure7:SD-WANCostSavingsExample
Top-Line Benefits: Business Agility Speedhasvalueinbusiness.Forthegrowingnumberofbusinessesadoptinga“getclosertothecustomer”approachtotheirphysicalstorefronts,thatspeedcanbemeasuredinpartbyhowmanydaysittakestoturnupanewbranch.UCaaSsupportsthismodelperfectly:assoonasthebranchisonthenetwork,ithasUCservices.SD-WANcanradicallyreducethenumberofdaystoproductivity,byprovidinghigh-qualitynetworkservicesusingalmostanykindofconnectivity.Mostsolutionsallowfreemixtureofdifferentvarietiesoflink.So,newlocationscanbebroughtupwithwhateverformofconnectivityismostreadilyavailable,beitcableorDSLoreven4G/LTE(afavoriteredundantlinktypewhenitisnotprimary;andtypicallyavailablefrommultiplecarrierswhenitisprimary).Anewbranchcanthereforecomeonlineinunderaweek,sometimes
©NemertesResearch2018www.nemertes.comDN698311
evenwithinadayofreceivingitsendpointequipment.ContrastthatwiththemoreusualcaseforlegacyMPLSnetworks:30tomorethan90daystoconnectupanewbranch.Bottom-line Benefit: Management Overhead Reduced SD-WANoffersnotjustthe92%reductioninWANtroubleshootingtime,butoveralla50%reductioninthenumberofstaffhoursrequiredtomanagetheWAN.Thatcantranslateintostaffexpansionsavoided,staffrepositionedtoworkonstrategicprojectsratherthanmundanemanagementtasks,orheadcountreduced.Operational and Performance Risk Reduced SD-WANsolutionscontributetotheoverallresilienceoftheorganizationinseveralways.TheymaketheorganizationlessdependentonitsowndatacentersbyallowingtraffictoflowbranchtobranchandbranchtoInternetwithoutpassingthroughadatacenter.Bymakingitcheapandsimpletoleveragemultiplenetworklinksinalocationsimultaneously,whileprovidingtransparentandreal-timefailoverofservicesfromfailinglinkstoworkingones,SD-WANkeepslocationsconnected.Byleveragingthosemultipleconnectionssimultaneously,androutingtrafficdynamicallybasedonapplicationneedsandcurrentlinkbehavior,SD-WANimprovestheperformanceofnetworkapplications,especiallyreal-timemediatoolssuchasUCaaS.SD-WANalsoimprovesUCaaSperformancethroughtrafficoptimizations.Solutionsmitigateagainstpacketloss,forexample,usingFEC(usefuleveninbrancheslackingredundantconnections)andbyemployingstrategiesliketrafficmultipathing(sendingduplicatepacketsalongdifferentpathstoensurebest-availabledeliveryforeverypacket).Theycanactivelymanipulatepacketsizestooptimizethemfordelivery;forexample,combiningpacketswhenlongpacketsaredoingbetterthanshortonesatgettingfromendtoendandbreakingpacketsintomultiplesmalleroneswhenthereverseistrue.InaUCaaSworld,addingSD-WANmeanscustomercallsdon’tgethungup,videostreamswon’tbreakup,conferencecallswillcontinueuninterrupted,evenwhenalink’sperformancewaversor(ifmultiplelinksareavailable)evenwhenalinkcompletelyfails.SomeUCaaSservicesemployoptimizationslikeFECdirectly,andcanprovidegoodperformanceoveranormallyfunctioningInternetlink.Evenforsuchsolutions,though,havingalinkfailisdeadlytoactivesessionsunlessthereisaredundantlinktofallbackon,andanintelligent,application-awareSD-WANtohidethetransitionfromendusers.Andforsolutionsthatdon’tdotheirownrobustoptimizations,SD-WANcanfillthegap.
©NemertesResearch2018www.nemertes.comDN698312
Figure7:UCaaSplusSD-WANforInternetBranches
Global WAN, Regional Services, Unified Solution Lastly,andagainlikeUCaaS,SD-WANcanmakeiteasierfortheorganizationtospinupnewbranchesanywheretheyneedto,globally,bydeliveringaconsistentsetofserviceswhiletakingadvantageofwhateverlocalconnectivityoptionsareavailable.In-netSD-WANcanenjoyaparticularadvantageinthisscenariobyusinganoptimizedbackbonetodeliver“middle-mile”optimizationsindependentoflocale,avoidingthemulti-continentalInternetperformancethatcanbehighlyvariable.Bringinggreaterconsistencyaswellasbetterperformancetobothin-houseandSaaSapplicationscanboostproductivityglobally.Conclusions and Recommendations Enterpriseadoptionofcloud-basedapplicationsisontherise.Asaresult,traditionalnetworkarchitecturesmustevolvetosupportchangingtrafficflowsandperformancerequirementsassociatedwithcloud-basedapplications,especiallyUnifiedCommunicationsasaService.ITleadersshould:
• Reevaluatetheirwideareanetworkstrategiesinconjunctionwiththeirplanstoadoptcloudapplicationandplatformservices.
• ConsidertheabilityofSD-WANtoreduceoperatingcosts,enablegreaterflexibility,andoptimizecloud-basedtrafficflows.
• EvaluateDCCandWAN-CXofferingstojoinenterprisedatanetworkswithcloud-basedservicesandprovidepredictableperformance,resiliency,andend-to-endperformancemanagementforcloud-basedapplications,especiallyUCaaS.
• ExplorevariousSD-WANapproachestofindtherightfitforthem.
Logical SD-WAN
Branch SD-WAN
Branch SD-WAN
Internet Internet
InternetUCaaS
Internet Internet
©NemertesResearch2018www.nemertes.comDN698313
AboutNemertes:Nemertesisaglobalresearch-basedadvisoryandconsultingfirmthatanalyzesthebusinessvalueofemergingtechnologies.Since2002,wehaveprovidedstrategicrecommendationsbasedondata-backedoperationalandbusinessmetricstohelpenterpriseorganizationsdeliversuccessfultechnologytransformationtoemployeesandcustomers.Simplyput:Nemertes’betterdatahelpsclientsmakebetterdecisions.