How to Tame SD-WAN Complexity


Tame SD-WAN hero

Known to some as “The Wild West of SD-WAN,” Spirent has identified a set of best practices to tame the complexity of SD-WAN. Learn the essentials of managing SD-WAN complexity with a comprehensive test and validation strategy.

Because of its policy-based forwarding, inherent security and centralized management, SD-WAN (software-defined wide-area network) is viewed by many enterprises as their on-ramp to the cloud. IDC research projects “robust growth to resume post-COVID-19 in 2021.” The Federal News Network observes the government sector is especially receptive to the SD-WAN opportunity, citing IDC research forecasting the SD-WAN market will grow to $5.25 billion by 2023. Powered by the explosive growth of the cloud, Appledore Research sees SD-WAN growing rapidly (~100% YoY), predicting strong growth through 2024.

In the first wave of SD-WAN adoption, enterprises took responsibility for designing, deploying, and operating their SD-WAN networks. Since 2019, SD-WAN managed service providers (MSPs) have emerged as the predominant deployment model, forgoeing the earlier DIY (Do It Yourself) approach, while enterprises continue to migrate their applications and data from the data center to the cloud. In Futuriom – Future of Cloud Tech’s 2021 SD-WAN Managed Services Survey (February 2021), 90.8% said that SD-WAN technology will grow as part of the strategy to replace alternatives such as leased lines, and in the same report, 82.5% are researching MSP offerings. MSPs, however, must win over enterprises whose expectations are conditioned by the cloud, leading to demands for tailored services and specific SD-WAN vendors. To capitalize on the opportunity, SD-WAN MSPs must be able to rapidly integrate specific SD-WAN capabilities across multiple vendors, while reducing both the costs and time to new services. To achieve that, they must address the elephant in the room: taming the complexity inherent in SD-WAN.


SD-WAN MSPs must be able to rapidly integrate specific SD-WAN capabilities across multiple vendors, while reducing both the costs and time to new services. To achieve that, they must address the elephant in the room: taming the complexity inherent in SD-WAN.

SD-WAN’s rapid evolution created a proliferation of SD-WAN vendors, each striving to differentiate based on specialized features including security, policy, WAN optimization, etc. Over the past four years, network equipment providers including Cisco, VMware, Juniper, Oracle and Palo Alto Networks made major acquisitions, to begin to consolidate the SD-WAN equipment. Yet, despite this consolidation trend, the SD-WAN market remains fragmented, with a wide variety of service offerings and products, each with differentiated feature sets and proprietary SD-WAN controllers/managers. For some, this is an opportunity. For managed service providers, it’s a source of serious heartburn.

Normalizing SD-WAN’s unruly and evolving landscape

While SD-WAN managed services dramatically reduce complexity for enterprises, proliferating vendor offerings and a multi-layer architecture create significant challenges for MSPs. The situation is exacerbated by a growing number of cloud providers and a wide variety of offerings from dozens of vendors increasingly label their products simply as ‘SD-WAN’ (aka ‘SD-WAN Washing’). Thankfully that’s all changing with new standards that verify SD-WAN conformance. Working closely with MEF, Spirent developed the industry’s first certification for SD-WAN.

Keep reading to learn our set of best practices to tame the complexity of SD-WAN: tame the stack, tame the risks and tame the lifecycle.

Tame the stack

  • Validate the layers. Evaluating only the network connectivity is no longer sufficient; service providers must now validate multi-vendor underlay and overlay network layers, as well as the service and virtualization layers in between.

  • Ensure service readiness. Service Readiness Testing (SRT) is required to complement Service Activation Testing (SAT), to proactively identify and mitigate issues before the customer experience is degraded.

  • Certify for certainty. The MEF SD-WAN certification program validates conformance with the industry’s first SD-WAN standard, utilizing a common test suite, standardized by MEF, to enable multi-vendor SD-WAN ecosystem.

Tame SD-WAN Stack

Tame the risks

  • Validate security readiness. Identifying security vulnerabilities during deployment is essential so they are alleviated before going live, to avoid disrupting service availability.

  • Assess operational security. Proactively monitor operational networks, endpoints and applications to enhance security by ensuring security functions are behaving and performing as expected to protect against the ever-changing threat landscape.

  • Certify for security. Going forward, it’s critical that security certification adopts new methodologies that blend network and security testing in both the lab and operational networks, using test agents that emulate real-world attacks and proactively identify vulnerabilities.

Tame SD-WAN Risks

Tame the lifecycle

  • Optimize before deploying. Extensive testing in the lab offers an opportunity to exercise policy management, product configurations, and assess key features to optimize performance.

  • Proactively assure service levels. Proactive, SD-WAN multi-layer active testing verifies service levels to enhance the user experience.

  • Automate lifecycle troubleshooting. Ensure SD-WAN solutions are readily integrated into DevOps pipelines using a range of frameworks to facilitate overall orchestration and automation.

Tame SD-WAN Lifecycle

Not sure if it's worth the effort? Here are some benefits of taking our best-practice approach to taming SD-WAN complexity:

  • Coverage spanning the lifecycle and traversing the entire SD-WAN stack

  • Flexible deployment models scaling across the technology and a wide array of network environments

  • Blends security testing based on emulated, real-world applications and threat traffic with simulated network traffic, to accurately assess policies, data loss prevention, performance and availability, across the entire SD-WAN network

  • Verifies SD-WAN managed services and products conform with emerging SD-WAN and security standards to enable product differentiation, streamlined deployment, and ultimately simplifies the multi-vendor environment

  • Leverages best practices and advanced security testing methodologies to ensure security functions are performing as expected

Empowering the realization of SD-WAN’s promise

SD-WAN ushers in a new era of cloud-based services, which tailor the network to the application demands. However, migration to the cloud incurs challenges of reliable interoperability and inherent inefficiencies. This includes new risks and vulnerabilities as the potential attack surface increases dramatically with an explosion in endpoints and increased use of publicly accessible networks. Taming the complexity of SD-WAN services is further complicated by the virtualization of SD-WAN endpoints and controllers, which introduce a new set of challenges. Any organization attempting to address these complexities on their own, without a deep bench of expertise and technology capabilities, faces serious challenges. Having a vendor-neutral partner is essential to success.

Our original Taming SD-WAN eBook has been updated and expanded to examine the new challenges posed by Covid and other developments in technology. For additional details on how Spirent's SD-WAN Test/Validation/Assurance approach may benefit both MSPs and their vendors, download the new SD-WAN eBook Paving the Way to Secure SD-WAN.




Marc Cohn
Marc Cohn


Marc在思博伦的战略部门工作,其任务是确定虚拟化领域的技术方向。他专长于SDN和NFV领域,曾担任Linux基金会的网络战略副总裁、OPEN-Oopen编排项目(自从并入ONAP项目以来)执行董事、开放网络基金会(ONF)市场区域总监和研究员 、ETSI NFV ISG主席的顾问、OpenDaylight董事会银牌会员代表和财务主管。他还在 ClearPath Networks、Ciena和 IP Infusion等公司担任过战略和营销方面的高层职务。最近,Marc被任命为MEF认证委员会的联合主席,并加入了MEF的领导团队。您可以在LinkedIn上与Marc联系,或关注他的Twitter账号 @mdcohn