7 steps to select the right product for deploying SD-WAN for VoIP

Ready to deploy SD-WAN for VoIP? Networking expert Terry Slattery offers seven tips for selecting the right product to support real-time voice needs.

Software-defined WAN is growing in popularity with enterprises as a reliable wide area network choice, because the technology has proven itself in a variety of business cases, including sensitive real-time applications, like voice and video.

One major reason why SD-WAN products are increasingly prevalent is because they provide a lot of functionality in one system: They are centrally managed; they provide path resilience without complexity; and they include virtual private network-based security for packet flows and automated path selection.

SD-WAN is a great technology for resilient voice over IP (VoIP), because voice has a high level of real-time performance requirements. But as users contemplate SD-WAN for VoIP product options, they should consider a variety of factors before making a selection.

1. Understand your voice requirements

One of the first factors to evaluate is whether the SD-WAN product matches your voice system's requirements. If your organization uses a cloud-based voice system, such as RingCentral or Skype for Business Online, you may have different requirements than an organization that hosts the voice system on premises.

For cloud-based systems, you may need to acquire dedicated links to highly connected network providers, such as Equinix or Digital Realty Trust, that provide connectivity directly to the SaaS providers.

2. Multiple paths

SD-WAN for VoIP uses multiple links to transparently provide resilience and traffic separation. Make sure the available link technology is supported by the SD-WAN products you plan to use. Ethernet interfaces are most common, and different hardware is required if you use Long Term Evolution wireless backup for your VoIP service.

3. Rapid failover

After you've evaluated the various path options, find out how quickly the SD-WAN product fails over to an alternate path. Some options have a faster failover in a link-down event.

Make sure to get information about how much time it takes to react to changes in path characteristics, considering factors like latency, jitter and packet loss. Verify that the central management system is easy to use for defining when to switch paths. You want the ability to define the policy in one place -- the management system -- and apply it to many devices.

Be careful about products that quickly switch paths as path characteristics change. This can result in packet flows switching back and forth between two or more paths, which can cause problems for codecs that can't handle high jitter or out-of-order packets.

4. Monitoring path characteristics

SD-WAN is a great technology for resilient VoIP, because voice has a high level of real-time performance requirements.

The fourth factor in choosing SD-WAN for VoIP is to learn the mechanism the SD-WAN product uses to monitor path characteristics. How much overhead is required? Does the measurement piggyback a timestamp and sequence number on user packets by adding a header within the packets? Or, does it use separate measurement packets? How does the SD-WAN product measure paths when there is no user traffic? The piggyback method may cause packet fragmentation due to a larger maximum transmission unit.

Each approach has its own advantages and disadvantages. Understand what each vendor does and how the various approaches affect bandwidth and packet flows.

You must also learn how packet flows are identified for forwarding on the desired path. Does the SD-WAN device -- whether physical or virtual -- have to perform its own packet classification based on the contents of each packet? Or, does it rely on Differentiated Services Code Point value, assuming it was properly set upon ingress to the network.

Packet classification and marking needs to happen somewhere, and it's useful to understand what you need to do to implement it.

5. Policy configuration and system management

The next step is to test-drive the SD-WAN product's policy configuration system. How detailed is it? Is it easy to understand? Does it help reduce the complexity of creating policies for each type of traffic?

Make sure you understand how to allocate bandwidth for each traffic class. Find out what steps are required to prioritize voice traffic and potentially limit bandwidth to prevent voice traffic from consuming all available bandwidth.

Learn how an SD-WAN product maintains voice quality
during a WAN outage.

Check to see if the SD-WAN product has controls that allow different policies to be used when the traffic is taking certain links. If the low-latency link fails and voice traffic has to use the bulk data path, for example, is it possible for the policy to prioritize voice over bulk data? Then, determine if the resulting performance is acceptable.

Understand how the configuration system communicates with the SD-WAN elements. Some vendors require each SD-WAN element to contact a vendor server over the public internet before being redirected to the customer's controller, which may not work for some customers.

Verify the level of monitoring provided by the SD-WAN product and whether it can integrate with other network management systems. You may want it to send syslog messages to your event management system. Understand what visibility you get from the vendor's system. With automation increasing, make sure the SD-WAN product has an API to facilitate building interfaces into other parts of the network monitoring system.

To ensure the system functions properly and detect potential cases, it's best to understand how the system could fail. For example, can the system monitor the queues in order to detect when a queue drops packets or when jitter is high?

6. Integration with the network routing system

The SD-WAN system will serve your remote networks, which you'll want to advertise to the internal routing protocol for automatic distribution. Learn how the SD-WAN product integrates with your internal routing protocols -- probably Open Shortest Path First or Border Gateway Protocol -- to advertise networks that are reachable over the SD-WAN cloud. Determine which controls exist for controlling route distribution and filtering.

7. System security

The security of administrative access to the SD-WAN control system is important for defining real-time voice and video traffic policies. Does it use Remote Authentication Dial-In User Service or Terminal Access Controller System authentication and authorization with role-based access control supported so some functions can be delegated to other team members without giving away full control?

SD-WAN elements typically contact a central controller to get software updates and configurations. Have your security team or security consultant learn how the registration process works and how to prevent someone on the internet from joining your SD-WAN topology.

It would also be good to ask each vendor about security vulnerabilities their products have experienced and how they handled them. Ask how they distribute updates and how SD-WAN elements get updated. How elements are updated ties into the management system, as well.

If your network has high availability requirements, you may need dual SD-WAN devices at each site. With mechanisms in place to update one device, switch traffic to it and then update the other device.

SD-WAN products can provide a lot of benefits for optimizing the use of different types of WAN connectivity. SD-WAN technology is simple to use, because it hides a lot of complexity. When choosing a vendor, however, it's good to take a look under the hood to better understand how specific examples operate. These seven tips will help you find a good match for your organization and its voice, video and other business requirements.

Dig Deeper on VoIP and IP telephony