What is SDWAN and Which One is Right for Your Business?

SD-WANs are one of the biggest trends in enterprise networking today, even more so when combined with current interest in SASE architectures. Companies of all sizes are looking toward this next generation WAN technology as the best alternative to legacy networks to connect far-flung offices to resources hosted in the data center and the cloud. Many analysts and research firms expect the market to reach into the billions over the next couple of years.

Today, there is some confusion in the market as to whether SD-WAN is a component of SASE, or if it is a standalone set of capabilities.  Though the analyst forecast detailed later in this blog incorporates it within the overall SASE market, networking is still a distinct buying center.  The remainder of this blog looks at options for SD-WAN deployment, with an understanding that SASE capabilities will dovetail into this depending upon the suitability of the deployment model.

With that foundation, what exactly is an SD-WAN? What is all the fuss about? How does SD-WAN work? And the obvious question about how does SD-WAN help keep my network secure? Is it the same old hardware wrapped in new packaging or is it something worth investing your time and money in? Let’s find out.

Attracted by the potential, vendors from all walks are wading in: Start-ups, telcos, and edge-router providers are each offering a different take on the basic idea. Understanding the core differences is key. Whether you’re a mid-sized business or a global enterprise, the following information should help you understand what SD-WAN does and which is right for you.

SD-WAN Connectivity Options:
Private Core, MPLS, and internet for on-premises and remote


Software-Defined Wide Area Network (SDWAN) simplifies enterprise connectivity to remote locations and branch offices, providing needed flexibility, centralized control and monitoring, and reduced WAN costs.

Common features of an SD-WAN include the ability to:

  • Combine network links serving one location into a single pool of capacity available for all applications and services
  • Customize bandwidth and connectivity to meet the needs of specific network services, locations, or users
  • Centrally define and manage policies and network traffic without requiring manual configuration at each device

How SD-WAN Works?

SD-WAN centralizes control in the cloud and combines functions at the edge, so customers gain greater flexibility and performance combined with better economics.



There are three basic types of SD-WAN deployments: Internet-based SD-WANs, Telco and MSP Managed Service SD-WANs, and SD-WAN as-a-Service.  The performance needs of your global users and applications, the skillset of your in-house team, and your appetite for taking on the job of building and managing an SD-WAN, will determine which deployment option is best for your business.

1.  Internet-based SD-WAN (Do-it-Yourself, or DIY)

Internet-based SD-WANs, also known as DIY, use appliances at each company location, either behind routers or replacing them as the branch connection to the enterprise network and to the internet (SD-WAN appliances can also collapse the typical branch stack by replacing appliances for WAN optimization and firewalls).

Network traffic is forwarded over legacy MPLS links or the internet depending on performance considerations and established policies.  While using the internet to complement MPLS offers a low-cost, flexible, and rapid deployment option, and makes it easier to connect users to cloud/SaaS applications, performance of the public internet is often spotty, particularly over longer distances and in parts of the world where the internet is less reliable. Latency, packet loss and jitter are inherent to the internet and these issues are aggravated with distance.

Internet-based SD-WANs also leave the burden of managing the WAN on IT, and you still may have to invest in WAN optimization and other technologies to have a fully functioning network.

2. Telco or MSP Managed Service SD-WAN

With a managed service SD-WAN, the customer pays a service provider to install and deliver connectivity, as well as any appliances the service may require.  The managed SD-WAN is a value-added service and may come with service level agreements (SLAs), but the managed service is typically deployed using some of the same hardware to support internet-based SD-WANs and will typically rely on the public internet for access to cloud/SaaS applications, meaning the same caveats apply: application performance and user experience will suffer over greater distances.  In addition, the telco or MSP offering the managed service will rely on hardware and software from one or more networking and security vendors, creating support handoffs that result in a less than stellar experience.

3. SDWAN as-a-Service

With SD-WAN as-a-Service, which we call a Cloud-First WAN, companies acquire SD-WAN much the way they buy cloud services today, using a consumption model.  Instead of constructing their own SD-WAN using the internet, or having a service provider deliver that same tech, next-generation networks such as Aryaka’s fully managed Cloud-First WAN combine the security and reliability of a private network with the flexibility, low cost, and quick deployment of the internet to deliver a superior connectivity solution and support experience.

Businesses can rely on a fast and secure private core network without having to build out a heavy infrastructure and manage additional hardware at the edge, making it simple to expand branch offices or move locations as they please, without compromising on reliability, application performance, or security.

Enabling this faster connectivity through a global private network layered with WAN optimization ensures every employee around the world has seamless access and gets consistent performance when accessing mission-critical applications anywhere in the world.


Not sure which SD-WAN is right for your business? Here’s a look at the pros and cons of the different deployment options.

SDWAN as-a-Service:

  • Pros:
    • Private Network Connectivity
    • Reliable performance and consistent latencies
    • Direct IaaS/PaaS/SaaS connectivity
    • Works with all applications: on-premises, cloud, and SaaS
    • Built-in WAN optimization
    • Network and application monitoring
    • Deployment in hours or days including Last Mile Services
    • Zero CapEx/Lower TCO
  • Cons:
    • Not ideal for IT departments wanting to construct their own network infrastructure
    • Offered by only a handful of providers

Telco or MSP Managed SD-WAN:

  • Pros:
    • Reliable performance and consistent latencies within region
    • Direct IaaS/PaaS/SaaS connectivity
    • Fully managed service with support
  • Cons:
    • SD-WAN is deployed as an overlay which may create a less visible underlay (transport network), impacting SLAs
    • May not be delivered as a PoP-centric service, impacting potential SASE integration
    • Provider may need to partner with others for out-of-region connectivity
    • May require customer to pay for additional functionality
    • May lack connectivity to some cloud/SaaS services
    • May not include WAN optimization

Internet-based SDWAN

  • Pros:
    • Rapid deployment and cost savings if internet-only
    • Network and application monitoring
    • Great for regional deployments
    • Deploys in days
  • Cons:
    • Most likely not delivered as a PoP-centric service, impacting potential SASE integration except via a 3rd party security vendor
    • Inherits weaknesses of both internet (performance) and MPLS (cost, non-flexible, deployment times) with the enterprise responsible for all link contracting
    • Does not address global application performance issues
    • Lacks the network component
    • Zero CapEx
    • Lack of support for cloud/SaaS optimization


Depending on who you ask, the size and potential of the SD-WAN market can range from $1-10 billion, but everyone agrees this technology is part of a growing change in the networking environment.  Expanding the discussion, when looking at the combined networking and security market, some vendors are beginning to forecast SASE deployments, of which SD-WAN is a component.

Over the next five years, the market for secure access service edge will grow at a CAGR of 36%, reaching almost $15 billion by 2025. Buyers will split between single-vendor and dual-vendor approaches. – Gartner, July 2021

Note that NaaS, consisting of SD-WAN and FWaaS, will reach 7.5B in 2025.  The NSaaS component will grow to 7.2B in 2025.  The networking buying center is in many enterprises still distinct from the security buying center, but these are merging.

“Customers are moving beyond branch and cloud connectivity and using a Global SDWAN as-a-service as a unified connectivity solution for their data centers, applications and mobile users as well, completely replacing the existing hodgepodge of MPLS networks in the process.”

451 Research

“SDWAN is really part of the software-defined networking movement, where the idea is to spin up and down services…the idea that this entire network is being much more agile, flexible, and responsive.”

Forrester Research

“[Global SDWAN] provides the following capabilities within its WAN edge infrastructure portfolio: routing, SDWAN, advanced firewall and cloud gateways… Aryaka is representative of a vendor that specializes in this delivery model for its services.” 


Want to learn more about SD-WAN and get answers to questions such as “how do I manage an SD-WAN?”  Download some of these additional resources to gain more insight on the future of SD-WAN:

Add links to SOTW 2021, PoP architectures, cloud connectivity cookbook, SmartServices datasheet, ROI of SD-WAN, network security whitepaper, dummies

Or contact us today to find out which solution is best for your business.

Feel free to contact us today to find out which solution is best for your business.

About the author

Shehzad Karkhanawala
Shehzad is Director of Marketing at Aryaka. He leads public and analyst relations globally and demand generation as well as partner marketing activities for the Asia-Pacific region. Shehzad is an SD-WAN evangelist and often participates in webinars, events and discussions on the subject.