According to Keith Langridge, VP of network services with BT, in the United States about 40 percent of enterprise VPN customers receive a router to deploy on their premises. In the rest of the world, 90 percent of enterprise VPN customers receive a router as part of a bundle.
BT already provides Cisco routers for its VPN customers. Now, it’s going to use those same routers and Cisco’s IWAN technology for its new BT Connect Intelligence IWAN service, essentially a managed SD-WAN offering.
One way to approach SD-WAN is through a network overlay on top of an enterprise’s existing MPLS and Internet connections. Both of these connections terminate in a box at the customer’s premises. Then, typically, an SD-WAN vendor will stack a third box at the premises for the network overlay.
Langridge says this is because traditional enterprise WANs are closed-loop systems, and that’s becoming unrealistic as businesses want to tap cloud services outside of their own data centers.
“We’re working with Cisco on a service provider version of IWAN, to enable IWAN customers to be linked into our cloud service nodes,” says Langridge. Those nodes connect to Microsoft Office 365 and Salesforce, for example.
BT already secured its first SD-WAN customer – Walgreens Boots Alliance, with outlets in about 20 countries – and the service provider will soon roll out the offering in about 80 countries.
Initial functions being offered through BT’s Connect Intelligence IWAN include VPN over hybrid network options, such as MPLS, private and public Internet, and mobile; traffic optimization; faster app performance; and analytics.
One benefit of using MPLS with a previously installed box is the security that is fully managed by the carrier. But that MPLS connection is expensive, says Lloyd Noronha, director of marketing with Viptela. He says enterprises pay about 100 times more per Mb/s for their MPLS WAN connection than they do for their connection to the public Internet.
Viptela’s pitch is that its SD-WAN can abstract the WAN services that are tied to the MPLS, and it can replace the customer premises equipment (CPE) with its own box.
“We’ve looked at the security MPLS provides because it’s a purely private network,” says Noronha. “We’ve taken the elements of MPLS and defined the security portion. All data from the first packet is fully encrypted; we make all the links more robust than MPLS. Encryption at a large scale is where we are really different. That’s why we’ve had deployment with banks.”
Charles Giancarlo, who used to work for Cisco and is now on the board of directors at Viptela, told SDxCentral in 2015, “I think in the SD-WAN space, the technology still has a lot of unknowns, and it has a lot of opportunity for differentiation and change in the market. Every vendor tries to feel their way in there and tries to influence their customers’ choices toward their solution.”