achieving agility with cloud uc pools branch connectivity and intelligently manages traffic across...

©NemertesResearch2018www.nemertes.comDN6983 1

John Burke Principal Research Analyst and CIO Nemertes Research

Achieving Agility with Cloud UC SD-WAN reduces costs, boosts agility while better supporting cloud-based applications including UC as a Service

Q2 2018

©Nemertes Research 2018 www.nemertes.com DN6983 2

TableofContents...........................................................................................................................2

ExecutiveSummary........................................................................................................................3

TheIssue:BusinessNeedsUCaaS,UCaaSNeedsMore....................................................................4

TheShifttotheUCaaS..............................................................................................................4

It’sTimeforaNewWAN..........................................................................................................5

TheCloudRequiresaSimpler,Smarter,Software-DefinedWAN....................................................5

DirectInternetAccess..............................................................................................................5

EnterSD-WAN................................................................................................................................7

TypesofSD-WAN...........................................................................................................................7

OverlaySD-WAN.......................................................................................................................8

In-NetSD-WAN.........................................................................................................................8

DirectCloudConnect(DCC)............................................................................................................9

WAN-CloudExchanges(WAN-CX)............................................................................................9

MakingtheBusinessCaseforSD-WANwithUCaaS......................................................................10

BottomLineBenefits:CostSavings........................................................................................10

Top-LineBenefits:BusinessAgility.........................................................................................10

Bottom-lineBenefit:ManagementOverheadReduced.........................................................11

OperationalandPerformanceRiskReduced..........................................................................11

GlobalWAN,RegionalServices,UnifiedSolution...................................................................12

ConclusionsandRecommendations.............................................................................................12

Table of Contents

©NemertesResearch2018www.nemertes.comDN69833

Executive Summary Businessesarerapidlymovingtothecloudfortheircommunicationsandcollaborationneeds,especiallywhentheywanttodeliveraconsistentsetofservicestostaffanywhereintheworldwithoutthehasslesofmaintainingaPBXoftheirown.UnifiedCommunicationsasaService(UCaaS)strivestomeetbusinessneedsforfeaturesandperformance,butachievingasuccessfulrolloutmeansprovidinganetworkthatdelivershighavailability,highperformance,andtheabilitytoproactivelyaddressconditionsthatcanhurtcloudcommunicationsandcollaboration.Threeoptionsarekeytore-architectingtheWANintheageofcloud:Software-DefinedWAN(SD-WAN),DirectCloudConnect(DCC),andWAN-CloudExchanges(WAN-CX).SD-WANpoolsbranchconnectivityandintelligentlymanagestrafficacrossallavailablelinks,increasingresilienceandimprovingperformancewhilereducingmanagementcosts.DCCbypassestheInternetforcommunicationswithaspecificcloudserviceproviderbylinkingtheenterpriseWANedgetothecloudprovider’sedgedirectly.WAN-CXusesanexchangeapproachtodirectconnection:enterprisesconnecttoanexchange,thenspinupvirtuallinksthroughthatconnectiontoanycloudserviceproviderontheexchange.Connectingenterprisenetworkstocloudserviceprovidersthroughdirectconnect,SD-WAN,orWANexchangeservicesofferstheopportunitytoguaranteehighqualityapplicationservicedeliveryaswellastoreducecostsbyleveraginglower-costconnectivityoptionsglobally.ITleadersshould:

• Re-evaluatetheirwideareanetworkstrategiesinconjunctionwiththeirplanstoadoptcloudapplicationandplatformservices,especiallyUCaaS

• ExaminetheabilityofSD-WANtoreduceoperatingcosts,enablegreaterflexibility,andoptimizecloud-basedtrafficflows

• ConsiderDCCandWAN-CXofferingstoprovidemorepredictableperformance,increaseresilience,andenableend-to-endperformancemanagementforcloud-basedapplications,especiallyUCaaS

• ExplorevariousSD-WANapproachestofindtheonethatwillworkbestfortheirorganization.


The Issue: Business Needs UCaaS, UCaaS Needs More BusinessesarerapidlymovingtothecloudfortheirUnifiedCommunications(UC)andcollaborationneeds,especiallywhentheywanttodeliveraconsistentsetofservicestostaffanywhereintheworldwithoutthehasslesofmaintainingaUCplatformoftheirown.LeveragingUnifiedCommunications-as-a-Service(UCaaS)enablesorganizationstorapidlydeploynewfeaturesandcapabilities,butatthesametimeoffloadresponsibilityformanagement,maintenance,resourceprovisioning/scaling,andsecuritytoasoftwareserviceprovider.UCaaSprovidersstrivetomeetbusinesses’needsforfeatures,reliability,andperformance,butachievingasuccessfulrolloutmeansprovidinganetworkthatisoptimizedforSaaS,thatdelivershighavailability,highperformance,andtheabilitytoproactivelyaddressconditionsthathurtcloud-basedUCandcollaboration.The Shift to the UCaaS Themarchtothecloudismovingahead—andaccelerating.Nemertes’2017-18CloudandNetworkresearchstudyfoundthat:

• 60%ofcompaniesusepublicInfrastructureasaService(IaaS)• 52%usePlatform-as-a-Service(PaaS)• SaaSsolutionscompriseabout18%ofthetypicalenterprise’stotalITworkload.

Atthesametime,nearly67%oforganizationsareusingorplanningtouseUnifiedCommunicationsasaServicetoshiftsome(38%)orall(29%)oftheirtelephony,messaging,andconferencingapplicationstothecloud.ITleadersjustifythisshifttothecloudmainlybypointingimprovedagility—44%callouttheabilityforITtosupportrapidlychangingbusinessconditions.Theyalsohighlighttheabilitytoshiftcapextoopex,andtotakeadvantageofnewcapabilitiesquicklyandeasily.Nearly18%notethattheyseecloudservicesasmoresecurethanon-premisesplatforms.(PleaseseeFigure1.)

Figure1:DriversforUCaaSAdoption

3.4%

9.0%

11.0%

16.2%

16.6%

17.6%

21.0%

24.8%

26.6%

33.1%

37.2%

44.1%

Other

Acquired right tools/services to assist with migration

Can't get budget for more IT staff, but can for cloud services

Providers investing more in cloud offerings than on-prem products

Executive mandate

Security is better in the cloud

Must free IT staff for strategic initiatives

More features available in the cloud

Can roll out services faster from the cloud

Perceived overall cost savings

Reduction in capital costs (shift capex to opex)

Improved agility for IT

Drivers Toward Cloud Services


Greaterrelianceonthecloudforcriticalcommunicationsservicesmeanstheenterpriseneedsrock-solidreliabilityandhighthroughput—andalsoforapplicationintelligenceinthenetwork.Anintelligentnetworkpreserves,andimproves,performanceforbusiness-criticalapplications.It’s Time for a New WAN FormostofthelastdecadeIThasreliedonathree-tierWANarchitecture;itevolvedtodeliverapplicationshousedincorporatedatacenterstobranchofficeswithmaximumreliability.(PleaseseeFigure2.)Thisarchitectureisillsuitedtothetransitiontocloud.Thankstogrowingadoptionofcloud-basedapplications,anincreasingnumberoftrafficflowsconnectend-userdevicestosolutionsdeliveredviaIaaS,PaaS,andSaaS.UCaaSperfectlyexemplifiesthechallenges,asitweavescloudservicesintoeveryaspectofdailycommunicationsandthereforespotlightsthetorturedpathofold-WANtrafficinthecloudera:branchtoDCtocloudtoDCtobranch.

Figure2:TheCurrentDominant3-TierWANModel

The Cloud Requires a Simpler, Smarter, Software-Defined WAN Organizationscontinuetoincreasetheirnumberofphysicallocations,oftenbybreakinguplargeonesintomultiplesmallerones,orbyextendingapplicationsintothehomeviatelework.Emerging,cloud-optimizedWANapproachesincludeDirectInternetAccess,andSD-WAN.Direct Internet Access ReplacingMPLSpartiallyorfullywithdirectlyInternet-connectedofficeshasemergedasawayforITtodecreasenetworkspendwhileincreasingbandwidthandavoidingbackhaulof

Data Center

Optical, Carrier Ethernet

Internet, Satellite, broadband wireless

MPLS, Carrier Ethernet, Leased Lines

Data Center

Offices

Offices

Offices

Offices

Remote Site Remote Site


trafficdestinedfortheInternet.WithUCaaS,Internet-connectedbranchescanimproveperformancebyeliminatingthelatencyassociatedwithbackhaulingInternet-boundtrafficacrosstheWAN,andcanfurtherreducecostsbyeliminatinglocalloopsorSIPtrunksforPSTNaccess.Offloadingsomeorallsuchtraffictolower-costbranchInternetaccessreducesoravoidsloadsonhigh-costWANlinks,andtherebyreducesWANperformancechallenges,aswell.Italsoreducesloadsonfirewallsandothersecuritysystemsinthedatacenter,freesupdatacenterInternetbandwidth,andcanevenreduceoverallvulnerabilitytodenial-of-serviceattacksagainstthedatacenters(andotherincidents)bymakingitpossibleformorepeopletogetmoredonewithoutusingdatacenterservices.Internet-enabledbranchescomeintwoflavors—brancheswithdirectInternetaccesssupplementingdedicatedWANlinks,andbrancheswithInternetlinksonly—withvariationsoneach.(PleaseseeFigure3.)

Figure3:FromTraditionalWANandBackhaultoInternet-EnabledBranches

Internet-onlybranchessubstitutecheaperbandwidthforMPLSforallbranchcommunications,andcomeinthreeflavors:VPN-only,splitpipe,andInternetonly.• VPN-onlyconnectionsusethewholeInternetlinkasanencryptedpipebacktoa

companydatacenter• Internet-onlyconnectionsusethewholelinktosendtrafficouttotheInternet.To

them,thecompanydatacenterlookslikeanyotherInternetsite;staffinsuchsitesapproachinternalsystemsjustastheywouldiftheywerenotonacompanynetwork:throughpublicinterfacesorviaadevice-specificVPNratherthanafull-siteVPN

• Split-pipeinstallationsdevotesomebandwidthtoasite-to-siteVPNandtheresttodirectInternetaccess.

Theseallofferthepotentialtoreducecosts.Internet-onlyandsplit-pipedesignsalignnetworkdesignmorecloselywithcloud-centrictrafficpatterns.Internet-onlybranchesareincreasinglycommon,andslowlymoving“upmarket”tolarger,moreimportant,orhigher-riskbranches.Onitsown,though,Internetconnectivityofferlittleopportunityfornetworkarchitectstooptimizeconnectionsforspecificapplications(suchasUCaaS),enableinsightintoperformancebetweenbranchofficesandSaaSproviders,orenableoptimizedutilizationofmultipleInternetconnectionsormixedInternetandMPLSscenarios.


Enter SD-WAN Software-DefinedWAN(SD-WAN)optimizesbranchconnectivityusing:• Abstractionofedgeconnectivity:Virtuallycombiningalltheconnectionsintoa

location(InternetandMPLS)toserveasasinglepoolofcapacityforallservices• VirtualizationoftheWAN:OverlayingoneormorelogicalWANsonthepoolof

connectivity,withbehaviorandtopologyforeachvirtualWANdefinedtosuittheneedsofspecifictypesofnetworkservices,locations,orusers

• Policy-driven,centralizedmanagementanddeepvisibility:KeytoanSD-WANistheabilitytodefinebehaviorsforanoverlayWANandhavethemimplementedacrosstheentireinfrastructurewithoutrequiringdevice-by-deviceconfiguration;likewise,theabilitytosee,easily,notjustwhichapplicationsarerunningacrossthenetworkbuthowmuchcapacityisgoingtoeachandhowwelleachisperforming,somethingmanyITshopshavelongstruggledtoachievebyothermeans

• Flexible,dynamictrafficmanagementforperformanceandsecurity:SD-WANscanoptimizetrafficinmanyways,includingusingforwarderrorcorrectionandothertechniquestomitigatelatency,jitter,andpacketloss;andtheycanload-balanceandselectivelyroutetrafficacrossdifferentlinksbasedoncriteriasuchaslinkperformanceandend-to-endapplicationperformance,andcanselectivelysendingtrafficdirecttoclouddestinationsacrossbranchInternetlinks.

Figure4:SD-WANOverlaysLogicalWANsonPooledConnectivity

InterestinSD-WANisexploding,with29%ofcompaniesusingitbyendof2017,andanother13%planningtodeployin2018.Earlyadoptersreporta92%reductionintroubleshootingtimeanda95%reductioninbranchconnectivityoutages.Types of SD-WAN TherearetwokeywaystoprovideSD-WANservices:overlayandin-netSD-WAN.


Overlay SD-WAN InanoverlaySD-WAN,SD-WANendpointseitherreplacebranchroutersorsitjustbehindthem.(PleaseseeFigure5.)SD-WANappliancescancollapsethetypicalbranchstackbyreplacingnotjustarouterbutalsooptimizersandfirewalls.ConnectivityisindependentoftheSD-WANsolution,aninterchangeablepartwhosedetailstheSD-WANabstractsaway.

Figure5:OverlaySD-WANArchitecture

In-Net SD-WAN Incontrast,in-netsolutionstietheSD-WANfunctionalitytotheconnectivity.Thesefunctionsmayallbeprovidedintheserviceprovider’sedgeandcoreinfrastructure,withthebranchusingatraditionalroutertoconnecttotheprovider’snearestpointofpresence.(PleaseseeFigure6.)Or,someorallfunctionsmaybeprovidedon-premisesviaappliancesunderserviceprovidermanagement,whichpushesworkoutoftheserviceprovider’sinfrastructureandalsoallowsoptimizationoflast-mileconnectivityviacompression.In-netSD-WANprovidersusuallyuseNetworkFunctionsVirtualization(NFV),withdeliversvariousWANfeaturesusingseparate,cooperatingVirtualNetworkFunctions(VNFs)softwaremodulesrunningonasharedcustomerpremisesedge(CPE)device,orrunningintheprovider’sinfrastructureandchainedintothetrafficpaththere.NFVmakesiteasytouseawhiteboxx86serverastheCPEdeviceinsteadofsomebespoke,provider-brandedbox,decreasingvendorlock-in.

MPLS Carrier Core

Branch

DC

Branch

Inte

rnet

SD-WAN

Encrypted tunnels Optionally encrypted tunnels

SD-WAN

SD-WAN


Figure6:In-NetSD-WANArchitecture

Direct Cloud Connect (DCC) Ofcoursesometimes,routingtrafficovertheInternetisn’ttheidealoption.ExamplesincludewhenanorganizationwantstoadoptUCaaSbeforeithastheopportunitytotransitiontoSD-WAN,orwhereanSD-WANtransitionisn’tcost-effective,orwheregeographiesmaketheInternetpathtoaserviceinsufficientlyreliableorperformant.

Whenthevariabilityinlatency,loss,orspeedofanInternet-onlypathleadstounacceptableperformancevariationcloudservices,theenterprisecanconnectdirectlytoproviders’networkedgeswithservicessuchasAmazon’sDirectConnectandMicrosoft’sExpressRoute.UCaaSprovidersaregettingintothegameaswell,aswithRingCentral’sCloudConnect.

ForaDCC,theenterpriseextendsalinkfromoneofitsownedgerouterstoanedgerouterintheprovider’snetwork.Theymightpaytohavecablepulled,incaseswherethebusinesshassomeinfrastructureinadatacenterwherethecloudprovideralsohaspresence(a“meetme”space).Ortheenterprisemightleasearouterportinameet-mefacilityfromitsconnectivityprovider,extenditsWANtothatrouter,andhavetheconnectionpulledtothere.Forty-eightpercentofcompanieswillhaveatleastoneDCCbytheendof2018.

WAN-Cloud Exchanges (WAN-CX) WAN-CXsolutionsprovideanalternativetoDCCbyaddingalayerofmediationandabstraction:businessesconnecttothe“outside”oftheexchange,andmultiplecloudserviceprovidersconnecttothe“inside”ofit.Throughthephysicalconnectiontotheexchange,customerscanspinupmultiplevirtualDCCstoanyprovideronit.

SD-WAN Service Cloud

Branch Branch

DCSD-WAN

Internet

Encrypted tunnels

SD-WAN SD-WAN

PoP


WAN-CXproviderscanbetraditionalcarriersornetwork-as-a-serviceproviders;orconnectivityexchangesoperatinginsidecarrierhotelsandbigcolocation/hostingfacilitiesthatserveasmeet-mepoints.ExamplesincludeAT&TNetBond,EquinixCloudExchange,Level3CloudConnect,andVerizonSecureCloudInterconnect.

Forty-onepercentoforganizationsuseorwilluseaWAN-CXbytheendof2018.

Making the Business Case for SD-WAN with UCaaS

Bottom-Line Benefits: Cost Savings FirstandforemostthebusinesscaseformostSD-WANadoptersiscostsavings,andthemainsourceofhard-dollarcostsavingsinSD-WANisthesubstitutionoflower-costInternetconnectivityinplaceofmoreexpensiveserviceslikeMPLS.SavingsareentirelydependentonthecostandavailabilityofInternetaccess,currentMPLSrates,andthescopeofthetransition.OneNemertesclientoperatinga200siteMPLSnetworkreducedexpectedWANspendby$4.9millionoverthreeyearsbyusingSD-WANtoaddInternetservicestoitsMPLSbackbone.(PleaseseeFigure7.)

Figure7:SD-WANCostSavingsExample

Top-Line Benefits: Business Agility Speedhasvalueinbusiness.Forthegrowingnumberofbusinessesadoptinga“getclosertothecustomer”approachtotheirphysicalstorefronts,thatspeedcanbemeasuredinpartbyhowmanydaysittakestoturnupanewbranch.UCaaSsupportsthismodelperfectly:assoonasthebranchisonthenetwork,ithasUCservices.SD-WANcanradicallyreducethenumberofdaystoproductivity,byprovidinghigh-qualitynetworkservicesusingalmostanykindofconnectivity.Mostsolutionsallowfreemixtureofdifferentvarietiesoflink.So,newlocationscanbebroughtupwithwhateverformofconnectivityismostreadilyavailable,beitcableorDSLoreven4G/LTE(afavoriteredundantlinktypewhenitisnotprimary;andtypicallyavailablefrommultiplecarrierswhenitisprimary).Anewbranchcanthereforecomeonlineinunderaweek,sometimes


evenwithinadayofreceivingitsendpointequipment.ContrastthatwiththemoreusualcaseforlegacyMPLSnetworks:30tomorethan90daystoconnectupanewbranch.Bottom-line Benefit: Management Overhead Reduced SD-WANoffersnotjustthe92%reductioninWANtroubleshootingtime,butoveralla50%reductioninthenumberofstaffhoursrequiredtomanagetheWAN.Thatcantranslateintostaffexpansionsavoided,staffrepositionedtoworkonstrategicprojectsratherthanmundanemanagementtasks,orheadcountreduced.Operational and Performance Risk Reduced SD-WANsolutionscontributetotheoverallresilienceoftheorganizationinseveralways.TheymaketheorganizationlessdependentonitsowndatacentersbyallowingtraffictoflowbranchtobranchandbranchtoInternetwithoutpassingthroughadatacenter.Bymakingitcheapandsimpletoleveragemultiplenetworklinksinalocationsimultaneously,whileprovidingtransparentandreal-timefailoverofservicesfromfailinglinkstoworkingones,SD-WANkeepslocationsconnected.Byleveragingthosemultipleconnectionssimultaneously,androutingtrafficdynamicallybasedonapplicationneedsandcurrentlinkbehavior,SD-WANimprovestheperformanceofnetworkapplications,especiallyreal-timemediatoolssuchasUCaaS.SD-WANalsoimprovesUCaaSperformancethroughtrafficoptimizations.Solutionsmitigateagainstpacketloss,forexample,usingFEC(usefuleveninbrancheslackingredundantconnections)andbyemployingstrategiesliketrafficmultipathing(sendingduplicatepacketsalongdifferentpathstoensurebest-availabledeliveryforeverypacket).Theycanactivelymanipulatepacketsizestooptimizethemfordelivery;forexample,combiningpacketswhenlongpacketsaredoingbetterthanshortonesatgettingfromendtoendandbreakingpacketsintomultiplesmalleroneswhenthereverseistrue.InaUCaaSworld,addingSD-WANmeanscustomercallsdon’tgethungup,videostreamswon’tbreakup,conferencecallswillcontinueuninterrupted,evenwhenalink’sperformancewaversor(ifmultiplelinksareavailable)evenwhenalinkcompletelyfails.SomeUCaaSservicesemployoptimizationslikeFECdirectly,andcanprovidegoodperformanceoveranormallyfunctioningInternetlink.Evenforsuchsolutions,though,havingalinkfailisdeadlytoactivesessionsunlessthereisaredundantlinktofallbackon,andanintelligent,application-awareSD-WANtohidethetransitionfromendusers.Andforsolutionsthatdon’tdotheirownrobustoptimizations,SD-WANcanfillthegap.


Figure7:UCaaSplusSD-WANforInternetBranches

Global WAN, Regional Services, Unified Solution Lastly,andagainlikeUCaaS,SD-WANcanmakeiteasierfortheorganizationtospinupnewbranchesanywheretheyneedto,globally,bydeliveringaconsistentsetofserviceswhiletakingadvantageofwhateverlocalconnectivityoptionsareavailable.In-netSD-WANcanenjoyaparticularadvantageinthisscenariobyusinganoptimizedbackbonetodeliver“middle-mile”optimizationsindependentoflocale,avoidingthemulti-continentalInternetperformancethatcanbehighlyvariable.Bringinggreaterconsistencyaswellasbetterperformancetobothin-houseandSaaSapplicationscanboostproductivityglobally.Conclusions and Recommendations Enterpriseadoptionofcloud-basedapplicationsisontherise.Asaresult,traditionalnetworkarchitecturesmustevolvetosupportchangingtrafficflowsandperformancerequirementsassociatedwithcloud-basedapplications,especiallyUnifiedCommunicationsasaService.ITleadersshould:

• Reevaluatetheirwideareanetworkstrategiesinconjunctionwiththeirplanstoadoptcloudapplicationandplatformservices.

• ConsidertheabilityofSD-WANtoreduceoperatingcosts,enablegreaterflexibility,andoptimizecloud-basedtrafficflows.

• EvaluateDCCandWAN-CXofferingstojoinenterprisedatanetworkswithcloud-basedservicesandprovidepredictableperformance,resiliency,andend-to-endperformancemanagementforcloud-basedapplications,especiallyUCaaS.

• ExplorevariousSD-WANapproachestofindtherightfitforthem.

Logical SD-WAN

Branch SD-WAN

Branch SD-WAN

Internet Internet

InternetUCaaS

Internet Internet


AboutNemertes:Nemertesisaglobalresearch-basedadvisoryandconsultingfirmthatanalyzesthebusinessvalueofemergingtechnologies.Since2002,wehaveprovidedstrategicrecommendationsbasedondata-backedoperationalandbusinessmetricstohelpenterpriseorganizationsdeliversuccessfultechnologytransformationtoemployeesandcustomers.Simplyput:Nemertes’betterdatahelpsclientsmakebetterdecisions.

achieving agility with cloud uc pools branch connectivity and intelligently manages traffic across...

Documents