Uptime is quite possibly the single most important metric in IT. If you work in IT, whether your goal is to ensure your Tier 4 data center achieves those “five nines” (99.999% uptime), keep an ecommerce site available to your customers, run internal business applications, connect your users to cloud services, or anything in between, you know the importance of uptime. If your users can’t access their resources, you’re not doing your job right.
For this reason, some of the hottest topics in modern IT are high-availability (HA), fault tolerance, and self-healing. The more robust you can make your infrastructure, the more uptime you can expect. In the world of enterprise WAN, scaling high-availability without adding a ton of complexity has traditionally proven to be difficult and expensive. However, recent developments in the world of SD-WAN are changing that for the better. Premium, cloud-based SDWaaS (SD-WAN as a Service) providers are able to offer customers a means to enable HA in their WAN environments that is self-healing, scalable, and easy to manage. This means that organizations benefit not only from a resilient and highly available infrastructure, but also from a streamlined approach to HA, which inherently reduces the downtime caused by human error and misconfigurations.
In this piece, we’ll walk through the challenges with the traditional DIY (Do-It-Yourself) approach to SD-WAN HA, how SDWaaS addresses these challenges, and how SDWaaS can be a real game changer for enterprise IT.
The traditional approach to SD-WAN HA
The DIY approach to SD-WAN involves deploying an SD-WAN appliance and a number of security and networking appliances (e.g. Next Generation Firewalls) to supplement and secure the deployment. Given the importance of redundancy to HA, each of these devices generally needs to be purchased and deployed in pairs: if one fails, the other is there to take over. From there, enterprises that want to maximize uptime may also need to configure failover to another (physical or cloud-based) location in the event a primary site fails.
Not only does this approach to HA require enterprises to source, provision, and maintain a variety of appliances and software products, it also often entails a significant amount of manual configuration. This leaves room for human error. Additionally, if you must manually reconfigure security rules every time a failover occurs, you’re layering additional downtime on top of the initial failure as you wait for a network engineer to complete the tasks required to make the failover site go live (and this often has to be undone when switching back to the primary site).
In short, the DIY approach to high-availability SD-WAN involves a number of moving parts, manual configuration, and a non-trivial amount of complexity. At best, achieving true high-availability while facing these obstacles requires dedication of a significant amount of IT resources and expertise. At worst, it leads to enterprises missing the mark completely when it comes to meeting their uptime goals.
The SDWaaS advantages
Premium, cloud-based SDWaaS solves the problems of achieving a highly available WAN infrastructure in two fundamental ways:
- By abstracting away the complexity of HA configuration
- By automating failover and recovery
To understand how SDWaaS is able to solve HA problems more effectively than legacy approaches to SD-WAN, it is important to understand how premium SDWaaS is designed from the ground up with resilience and performance in mind. Premium SDWaaS offerings do more than just provide Policy-based Routing (PbR); they add a robust, SLA-backed backbone to the equation. Premium SDWaaS providers have multiple Points of Presence (PoPs) across the globe that are interconnected by links supported by Tier 1 ISPs (Internet Service Providers). In the event of an outage at one PoP, failover to another can occur automatically, ensuring enterprises see as few interruptions in service as possible for as short a period as possible. The processing engine and underlying hardware infrastructure that make this possible are already baked into premium SDWaaS services, meaning enterprises can focus on tasks more relevant to their core business, rather than expend resources on developing complicated HA plans.
In addition to automating failover and recovery when an issue occurs, premium SDWaaS services now offer enhanced self-healing techniques that include dynamic rule changes. This means that security rules won’t “break” when you fail over to another network, or when you switch back to a primary route. This functionality is made possible by self-healing algorithms that leverage BGP (Border Gateway Protocol) to recognize the new IP ranges and auto-update all relevant security policies as required. This makes a zero-touch approach to failover possible and helps enterprises maximize uptime even when things begin to go wrong at a given site.
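The dynamic rule change described above can be sketched as follows. This is an added illustration, not any provider's implementation: the `PolicyEngine` class, the rule format and the sample prefixes are hypothetical, and the per-site bounds check is an added assumption so that an unexpected announcement cannot widen a rule.

```python
import ipaddress

# Constructed sample policy: the rule names a site, not a fixed source CIDR.
RULES = [{"name": "branch-to-erp", "src_site": "branch-1",
          "dst": "10.50.0.0/24", "port": 443, "action": "allow"}]

# Assumed guardrail (not from the article): ranges each site may announce.
SITE_BOUNDS = {"branch-1": ["10.1.0.0/16", "10.201.0.0/16"]}


class PolicyEngine:
    def __init__(self, rules, bounds):
        self.rules = rules
        self.bounds = {s: [ipaddress.ip_network(b) for b in nets]
                       for s, nets in bounds.items()}
        self.learned = {}    # site -> set of prefixes currently announced
        self.rejected = []   # (site, prefix) announcements outside bounds

    def _in_bounds(self, site, net):
        return any(net.version == b.version and net.subnet_of(b)
                   for b in self.bounds.get(site, []))

    def on_bgp_update(self, site, announced=(), withdrawn=()):
        """Apply one route update for a site; return the rendered rules."""
        current = self.learned.setdefault(site, set())
        for prefix in withdrawn:
            current.discard(ipaddress.ip_network(prefix))
        for prefix in announced:
            net = ipaddress.ip_network(prefix)
            if self._in_bounds(site, net):
                current.add(net)
            else:
                self.rejected.append((site, str(net)))
        return self.render()

    def render(self):
        """Expand site references into concrete rules; no routes, no rule."""
        return [(r["name"], str(net), r["dst"], r["port"], r["action"])
                for r in self.rules
                for net in sorted(self.learned.get(r["src_site"], ()))]


def demo():
    eng = PolicyEngine(RULES, SITE_BOUNDS)
    primary = eng.on_bgp_update("branch-1", announced=["10.1.20.0/24"])
    failover = eng.on_bgp_update("branch-1", announced=["10.201.20.0/24"],
                                 withdrawn=["10.1.20.0/24"])
    bogus = eng.on_bgp_update("branch-1", announced=["0.0.0.0/0"])
    return primary, failover, bogus, eng.rejected
```

Because the rule is bound to the site rather than to a static CIDR, the failover update re-renders it for the new range with no manual edit, and a site with no announced routes renders no allow rule at all.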
SDWaaS automates and simplifies HA
As we have seen, SDWaaS is capable of adding a level of simplicity, scalability, and automation to an enterprise’s WAN that the DIY approach simply cannot match. By abstracting the underlying complexities of the WAN infrastructure away from the user, providing a robust, SLA-backed backbone.