Why Not All HybridWAN Solutions Were Created the Same

According to Gartner, one of the key architectural characteristics of SD-WAN is the ability to leverage a variety of transport mechanisms to connect branches in a way that achieves an optimal mix of reliability, application performance and cost efficiency.

The current status quo is simple: as they adopt SD-WAN, enterprises look, among other things, to reduce cost and increase agility by looking beyond MPLS for branch connectivity. The cost gap between MPLS and internet connectivity can be as high as a factor of 100, while the performance gap is significantly smaller. The latter is particularly true if you combine premium last mile connectivity to the branch with a private, global L2 core network infrastructure that overcomes the limitations of SLA guarantees between service provider domains, as is the case with the Aryaka Managed SD-WAN model.

The term HybridWAN is widely used in SD-WAN to refer to traditional MPLS connectivity combined with direct internet access (DIA) and/or LTE wireless connectivity. But note that MPLS is still extensively used wherever strict SLAs are required, because the typical SD-WAN overlay architecture relies on the deterministic nature of an MPLS physical underlay to try to deliver on QoS guarantees that are outside its own control.

Consequently, when most SD-WAN vendors talk about the advantages of HybridWAN, how internet connectivity is much cheaper and how they allow you to leverage it, that applies to non-business-critical applications. If you leverage the internet connectivity option for traffic that is business-critical and then complain about user experience, your SD-WAN vendor will tell you “Well, what were you thinking, setting up a traffic policy for business-critical traffic to run over a best-effort internet transport tunnel?” A virtual overlay SD-WAN network basically outsources SLA guarantees to the physical underlay network, and MPLS remains a critical part of the picture to deliver on enterprise-class network performance.

And there is one further complication: when you build a global network, even if you leverage extensive MPLS connectivity, you’ll depend on the infrastructures of several different service providers to deliver end-to-end SLA guarantees. And we all know service providers as a rule don’t guarantee cross-domain SLAs, since they do not have control of the entire path and MPLS peering agreements between service providers seldom guarantee QoS.

The Aryaka model is different. Let’s start with the challenge of global connectivity: because Aryaka owns its private, L2 global infrastructure, it does guarantee global, end-to-end SLAs. Just like AWS wouldn’t tell you “that EC2 instance somehow moved outside the infrastructure we own, so sorry if your marketplace app could not process orders for a while, but it was outside our domain”, Aryaka never outsources business-critical SLAs to infrastructure elements it does not entirely control. Customers’ subscribed core bandwidth is always guaranteed. That’s a core architectural element of Aryaka’s global L2 private network.

The Aryaka model allows you to augment and perhaps replace your expensive MPLS links (when you’re ready) with premium internet connectivity to the Global Aryaka L2 private core network. This model leverages the best locally available internet connectivity to one of over 30 global Aryaka POPs (points of presence), which are within 30ms of over 90% of the world’s knowledge worker population. Business-critical traffic travels over an optimized global Aryaka transport highway, free of the constraints of traditional service providers’ domain and SLA boundaries. It is a bomb-proof way to deliver global SLAs for business-critical applications that require strict deterministic network performance guarantees.

But we will readily admit it: while our global L2 private connectivity service is priced very competitively against global MPLS-based offerings, it is a premium service. And enterprises these days run many applications that may not be quite as business-critical, or that don’t necessarily benefit from superior, deterministic QoS. For example, many enterprises offer guest WiFi services that should be broken out into the internet as soon as possible.

In the Aryaka model we leverage premium internet connectivity wherever we can. We have 10 years of experience in procuring premium direct internet access to connect branches: tell us where they are, we can manage connectivity with our last mile services, or point you the right way based on our experience. We know that last mile is going to perform at MPLS SLA levels at a significantly reduced cost point. But not all of the traffic that originates in a branch needs to travel around the world on our Aryaka private L2 core network infrastructure.

The Aryaka HybridWAN definition differs from the usual MPLS-plus-internet SD-WAN overlay definition, because Aryaka HybridWAN offers 3 possible transport paths out of the branch that *all* rely on premium, redundant internet last mile connectivity based on SmartLINK technology:

  • The Aryaka path to SmartConnect provides the industry-leading capabilities of the Aryaka solution for business-critical applications, both on-premise and cloud-based: fully deterministic support for 5 Classes of Service (CoS), full application visibility and application optimization capabilities.
  • The internet path can provide an IPsec-encrypted VPN tunnel to remote sites across the public internet. This primarily provides a path for lower priority business applications that do not require strict SLAs. The internet VPN tunnel can also provide a backup communication path in the unlikely case that the primary path via SmartConnect degrades or fails.
  • The local breakout to the public internet option typically serves the purpose of connecting to consumer-grade cloud-based applications (e.g. Facebook, YouTube).

Figure 1: MyAryaka console view of Aryaka Core vs internet path traffic

As previously mentioned, the Aryaka solution often co-exists with traditional MPLS connectivity. Over time, however, customers tend to migrate traffic from MPLS to the SmartConnect Aryaka core network as they establish that it provides MPLS performance at internet access cost, given its optimal synergy with the global Aryaka L2 core.

In a nutshell: Aryaka’s HybridWAN is fundamentally different, as it primarily leverages DIA last-mile connectivity and Aryaka’s global private L2 network instead of perpetuating the model of relying on a cost-intensive MPLS infrastructure to try to deliver a consistent user experience for business-critical applications for the digital, cloud-first enterprise.


About the author

Paul Liesenberg
Paul is a Director in Aryaka’s Product Solutions Team. Paul has over 20 years of experience in product marketing, product management, sales engineering, business development and software engineering in Cisco, LiveAction, Bivio Networks and StrataCom. Paul enjoys scuba diving, motorcycles, open software projects and oil painting.