SD-WAN Explained: Replacing Traditional WANs
Software-Defined Wide Area Networking (SD-WAN) is transforming how businesses connect branch offices, remote workers, and cloud applications. By abstracting the WAN control plane from the underlying transport, SD-WAN delivers better performance, lower costs, and simpler management than traditional MPLS networks. This guide explains how SD-WAN works and when it makes sense for your organisation.
What Is SD-WAN?
SD-WAN (Software-Defined Wide Area Network) is a technology that uses software to intelligently manage and optimise wide area network connections. Instead of relying on a single, expensive MPLS circuit between sites, SD-WAN can aggregate multiple transport links, including broadband internet, 4G/5G cellular, and MPLS, into a single logical overlay network.
The SD-WAN controller continuously monitors the performance of each underlying link, measuring latency, jitter, and packet loss in real time. It then dynamically steers application traffic over the best-performing path. A video conference might be routed over a low-latency link while a bulk file transfer uses a higher-bandwidth but higher-latency connection. This application-aware routing is the core differentiator of SD-WAN.
How SD-WAN Differs from Traditional MPLS
MPLS (Multiprotocol Label Switching) has been the gold standard for enterprise WAN connectivity for over two decades. It provides dedicated, private circuits with guaranteed service levels, managed entirely by the carrier. MPLS is reliable and predictable, but it comes with significant drawbacks in the modern era:
- Cost: MPLS circuits are expensive, often costing several times more per megabit than broadband internet. A 100 Mbps MPLS link can easily cost ten times what a 100 Mbps business broadband connection does.
- Provisioning time: Ordering a new MPLS circuit can take weeks or even months, making it impractical for rapidly opening new locations or responding to changing business needs.
- Cloud inefficiency: Traditional MPLS architectures backhaul all traffic through a central data centre, even traffic destined for cloud services like Microsoft 365 or AWS. This adds unnecessary latency and forces the central site to bear the entire internet egress load.
SD-WAN addresses all of these limitations. It can utilise low-cost broadband and cellular links while providing intelligent path selection that approaches MPLS-like reliability. Traffic destined for cloud applications can break out directly to the internet at the branch, bypassing the central data centre entirely.
Key Benefits of SD-WAN
Cost Reduction
By replacing or supplementing expensive MPLS circuits with commodity broadband and 4G/5G connections, organisations typically see WAN cost reductions of 30–70%. The savings are even greater for businesses with many branch offices, where MPLS costs scale linearly with each new site.
Application Performance
SD-WAN’s application-aware routing ensures that latency-sensitive applications like VoIP, video conferencing, and real-time collaboration tools always travel over the best available path. If a link degrades, traffic is automatically rerouted in milliseconds, often before users notice any disruption. Some SD-WAN platforms also include WAN optimisation features like forward error correction (FEC) and packet deduplication.
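The application-aware routing described under "What Is SD-WAN?" and the rerouting on link degradation described above can be sketched as follows. This is an added example, not code from any SD-WAN product; the SLA thresholds, link metrics, and function names are constructed assumptions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Link:
    name: str
    latency_ms: float
    jitter_ms: float
    loss_pct: float
    bandwidth_mbps: float

# Hypothetical per-class thresholds (constructed values, not vendor defaults).
SLA = {
    "voice": {"latency_ms": 150, "jitter_ms": 30, "loss_pct": 1.0},
    "bulk": {"latency_ms": 500, "jitter_ms": 100, "loss_pct": 2.0},
}

# Constructed probe results for three transports at one branch.
LINKS = [
    Link("mpls", 20, 2, 0.0, 100),
    Link("broadband", 35, 8, 0.2, 500),
    Link("lte", 60, 25, 0.8, 50),
]

def meets_sla(link, sla):
    return (link.latency_ms <= sla["latency_ms"]
            and link.jitter_ms <= sla["jitter_ms"]
            and link.loss_pct <= sla["loss_pct"])

def select_path(app_class, links):
    """Return (link name, sla_met) for one application class."""
    if not links:
        raise ValueError("no transport links available")
    sla = SLA[app_class]
    eligible = [l for l in links if meets_sla(l, sla)]
    if not eligible:
        # Every link violates the SLA: use the least lossy one and flag it.
        best = min(links, key=lambda l: (l.loss_pct, l.latency_ms))
        return best.name, False
    if app_class == "bulk":
        best = max(eligible, key=lambda l: l.bandwidth_mbps)
    else:
        best = min(eligible, key=lambda l: (l.latency_ms, l.jitter_ms))
    return best.name, True

def degrade(links, name, **metrics):
    """Copy of links with one link's metrics overridden (simulated brownout)."""
    return [replace(l, **metrics) if l.name == name else l for l in links]

if __name__ == "__main__":
    print(select_path("voice", LINKS))
    print(select_path("bulk", LINKS))
    print(select_path("voice", degrade(LINKS, "mpls", loss_pct=5.0)))
```

The `sla_met` flag matters operationally: when it is false, traffic is still forwarded but on a link that violates policy, which is the condition worth alerting on.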
Simplified Management
SD-WAN is managed through a centralised cloud-based controller, providing a single pane of glass for all WAN configuration, monitoring, and troubleshooting. New branch offices can be brought online in minutes using zero-touch provisioning, where the SD-WAN appliance automatically connects to the controller and downloads its configuration. This is a radical improvement over the CLI-heavy, site-by-site management of traditional routers.
Direct Cloud Access
Modern businesses rely heavily on cloud services. SD-WAN enables local internet breakout at each branch, routing Microsoft 365, Google Workspace, and SaaS application traffic directly to the internet rather than backhauling it through a central site. This reduces latency, improves user experience, and offloads traffic from the central data centre’s internet link.
Pros
- Significant cost savings over MPLS by leveraging broadband and cellular links
- Application-aware routing dynamically optimises traffic paths in real time
- Centralised cloud management with zero-touch provisioning for new sites
- Direct cloud breakout eliminates unnecessary backhaul latency
- Transport agnostic: works across broadband, MPLS, 4G/5G, and satellite
- Built-in encryption provides secure site-to-site connectivity over public internet
Cons
- Underlying broadband links do not offer the same SLA guarantees as MPLS
- Initial deployment requires careful planning of application policies and failover rules
- Vendor lock-in can be a concern; migrating between SD-WAN platforms is non-trivial
- Requires reliable internet connectivity at each site for optimal performance
- Some SD-WAN solutions have per-device licensing costs that add up across many sites
When Should SMBs Consider SD-WAN?
SD-WAN is not only for large enterprises. Small and medium businesses should consider SD-WAN if they meet any of these criteria:
- Multiple locations: If you have two or more offices that need to share resources securely, SD-WAN provides a cost-effective alternative to MPLS or traditional VPN tunnels.
- Heavy cloud usage: If your team relies on Microsoft 365, cloud-hosted ERP systems, or SaaS applications, SD-WAN’s direct cloud breakout can dramatically improve performance.
- Remote workforce: Many SD-WAN platforms now offer client agents that extend SD-WAN benefits to individual remote workers, providing consistent application performance regardless of location.
- Unreliable primary link: If your main internet connection experiences outages or degradation, SD-WAN can aggregate a primary broadband link with a 4G/5G backup for seamless failover.
SD-WAN represents the biggest shift in enterprise networking since the introduction of MPLS. It democratises WAN optimisation, making enterprise-grade connectivity accessible to businesses of all sizes.
No. SD-WAN is an overlay technology that sits on top of your existing internet connections. You still need underlying transport links such as broadband, MPLS, or cellular. SD-WAN makes those links smarter by adding intelligent routing, encryption, and centralised management.
Yes. SD-WAN encrypts all traffic between sites using IPsec or similar tunnelling protocols. Many SD-WAN platforms also integrate security features such as next-generation firewalling, intrusion prevention, and URL filtering, often referred to as SASE (Secure Access Service Edge) when combined with cloud-delivered security.
Absolutely. A common deployment strategy is to run SD-WAN alongside existing MPLS during a transition period. SD-WAN treats the MPLS circuit as one of its available transport links, and you can gradually shift traffic to broadband as you gain confidence, eventually decommissioning the MPLS circuit to realise cost savings.
The SD-WAN market includes a range of vendors. For SMBs, popular options include Cisco Meraki (simple cloud management), Fortinet (strong integrated security), Peplink (excellent multi-WAN bonding), and VeloCloud (VMware) (carrier-agnostic flexibility). Evaluate based on your specific needs around security, management simplicity, and integration with existing infrastructure.