The creeping threat and challenges of multivendor SD-WAN
Geographic considerations are often a key reason why organizations adopt multivendor SD-WAN. But these network environments have significant disadvantages.
Multivendor networks aren't a new concept. An IT organization might use one vendor for switching and another for Wi-Fi to use leading technology from each vendor. Another company might use two different switching vendors in a data center to keep each vendor honest on pricing.
However, does multivendor software-defined WAN (SD-WAN) make sense? Technically, SD-WAN is an overlay service. An organization deploys it across an existing WAN underlay to create a hybrid network that mixes MPLS, broadband, mobile networks and other services. From that perspective, using multiple SD-WAN vendors in the overlay layer would simply add unneeded complexity -- but that's just what a growing number of IT organizations are doing today.
New research from Enterprise Management Associates (EMA) found that more than 40% of organizations have or anticipate having multiple SD-WAN vendors. EMA research also found the number of organizations confident that they can maintain a single-vendor SD-WAN is shrinking, from 59% in 2020 to 49% in 2023. These numbers were published in a recent market research report based on a survey of 313 IT professionals who are engaged with SD-WAN.
Drivers of multivendor SD-WAN
EMA asked survey respondents to identify why they are going with multivendor SD-WAN. The respondents cited three main drivers and two secondary drivers.
- Technical requirements. Fifty-nine percent of organizations have specific requirements for SD-WAN functionality that forced them to adopt multiple vendors. For instance, perhaps they needed integrated 5G connectivity in a certain geography, but they required strong WAN acceleration features in a second geography.
- Site diversity. Fifty-four percent have sites with different needs. For instance, a company might have retail sites that require one type of service and manufacturing sites that require a different type of service.
- Lack of central control. Forty-nine percent have business units with independent technology strategies. Unfortunately, the network operations team might be tasked with managing both networks.
- M&A. Twenty-two percent are dealing with bringing multiple companies together with preexisting SD-WAN implementations.
- Gradual migration from vendor to vendor. Twenty-one percent are temporarily multivendor as they migrate from an old SD-WAN vendor to a new one. Unfortunately, this migration can take years. In the interim, the network team must manage multiple services.
Multivendor SD-WAN examples
A network engineer for a $200 billion healthcare services company said two of the above issues drove his multivendor SD-WAN. He said he works for a large enterprise that keeps acquiring new companies. As a result, new technology and devices are added to the mix, which means infrastructure needs to be merged. Another factor is the company operates as two companies: one in the U.S. and one everywhere else.
Sometimes, an enterprise succeeds in establishing a single-vendor SD-WAN strategy only to find that multivendor complexity continues to persist.
For example, a network operations director for a $37 billion multinational manufacturer said his company has standardized on a single SD-WAN vendor, but the company has more than a half-dozen MSPs operating the platform. This MSP complexity is driven by geography. No MSP was able to manage the company's entire global SD-WAN implementation. Each MSP is essentially offering a separate service, operating only a portion of the overall global network.
Multivendor SD-WAN challenges
EMA's research revealed that multivendor SD-WAN environments tend to struggle. Organizations were more likely to be successful with their SD-WAN implementations if they had a single-vendor environment. For example, 53% of the most successful organizations had one SD-WAN vendor, but only 13% of the least successful organizations had a single vendor.
Multivendor organizations identified the single biggest challenge with managing more than one SD-WAN platform. Their answers were the following:
- Consistent security (24%). Organizations struggle to translate security policies across multiple vendors. Each vendor has different security features but also change controls differ. If the security team introduces a new policy, the network team must ensure that policy is implemented correctly across two or more vendors.
- Skills gaps (18%). The network team must develop skills and expertise with two or more SD-WAN vendors. While the vendors might have similar features, the nomenclature for each one diverges, requiring training. Also, the depth of networking know-how might vary from one vendor to another. For instance, one vendor might be easily managed via a graphical interface, while another requires a CLI for advanced features.
- Costs (15%). The costs of managing multiple vendors can add up, in terms of Capex, software subscriptions and hours spent by the network team managing complexity.
- Poor cloud access (15%). SD-WAN vendors vary in how they integrate with cloud providers and provide connectivity into cloud environments. Also, most enterprises are now multi-cloud. These two factors combine to make it difficult to provide consistent access to cloud services via multiple SD-WAN vendors.
What can you do?
Many network managers may be powerless to prevent multivendor SD-WAN from infiltrating their environments. However, networking pros must try to be the voice of reason. If multivendor SD-WAN is headed your way, raise a warning about security challenges, skills gaps and cost overruns.
If you can't stop the multivendor tide, it's still possible to succeed. One recommendation is to establish effective network observability with a monitoring tool that can provide an end-to-end operational view of your entire network across multiple SD-WAN platforms.
Also, work with the security group on maintaining an effective approach to security policies and controls. For instance, using a third-party network security service that integrates with all your SD-WAN vendors might help you build a consistent security architecture.
Finally, most enterprises consume SD-WAN as a managed service. If that's the case with your organization, seek an MSP that can own and operate your end-to-end WAN, regardless of the number of SD-WAN vendors you have installed. In the right deal, an MSP might be willing to assume ownership of a legacy SD-WAN that is installed in one portion of your enterprise in return for bringing its preferred SD-WAN vendor to the rest of your network.
To learn more about EMA's latest SD-WAN research, check out a free research webinar.