Today's network requirements, SD-WAN and the reduced need for MPLS

The ways in which organizations communicate are changing. People work at home, at coffee shops, in trains and even at the beach. This is great for productivity and work-life balance. However, it requires a fundamental redo of networking.

The old approach differs from what is necessary today both in how networks are architected and the mix of technologies that are used. Those two changes are deeply related. The legacy approach features a networking technique or mechanism called Multiprotocol Label Switching (MPLS). It rose to the head of the class for good reasons: MPLS is predictable and reliable, offers exemplary uptime and can be managed on an end-to-end basis. 

Photograph by Hannah Wei

At the same time, the approach has drawbacks. MPLS:

  • is expensive (especially in cases in which trivial data is being transported) compared to now ubiquitous broadband, wireless and other emerging options.
  • is time consuming to deploy. It can take weeks or even months to do the paperwork and actually have crews do the job.
  • is vulnerable to cable cuts in the last mile. The final run to the customer’s premises represents a single point of failure. A severed cable means that service will go down.
  • is not a good fit with the cloud and the internet. This, however, is more of a function of how it is used than about MPLS itself.

The last point is particularly important. There is nothing about MPLS itself that makes it difficult to use with the internet or the cloud. The change is that the evolution of network designs and availability of less expensive transport is reducing the use cases for MPLS.

The downturn in the fortunes of MPLS is due to the move from highly structured and centralized network architectures to more fluid and flexible approaches that rely upon less expensive technologies to reach the internet and the cloud. MPLS also is too expensive for many branch offices.

Traditional networks are highly structured. Branch offices communicate with the internet or cloud through a centralized secure web portal. MPLS carries traffic between the branch office and the portal, which usually is at the corporate data center. The advantages are the quality noted above and the consolidation of all security at that single point of access. The branch office is safe and sound because it doesn't touch the internet.

That highly regimented approach creates problems in the cloud and internet era. An increasing percentage of applications and services are latency sensitive. An interactive app that must traverse a path from Los Angeles to a secure web portal in New York City and back is unlikely to work well. This approach also squanders a lot of bandwidth.

SD-WANs meet the challenge

SD-WANs meet this challenge by enabling branch offices to link directly to the internet and the cloud. Various technologies, including cable modems, MPLS – generally used for mission-critical data – and wireless can be used to do so. This approach has the dual benefits of reducing costs and eliminating latency problems.

SD-WAN appliances create an overlay over these disparate networks. Traffic steering capabilities select the path based on conditions, application requirements, business priorities and other variables. Various approaches can create redundant logical networks to meet SLA and other customer demands.
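The traffic steering described above, sketched as an added example (not code from the original post or from any SD-WAN product). The link names, metrics, thresholds and cost weights are constructed assumptions; the sketch picks a path per application from link conditions, application requirements and business priority, and fails over when the MPLS last mile is cut.

```python
from dataclasses import dataclass, replace
from typing import List, Optional

@dataclass(frozen=True)
class Link:
    name: str
    up: bool
    latency_ms: float   # measured round-trip latency
    loss_pct: float     # measured packet loss
    cost: int           # relative cost of sending traffic (assumed weight)

@dataclass(frozen=True)
class AppPolicy:
    max_latency_ms: float
    max_loss_pct: float
    business_critical: bool

def select_path(links: List[Link], policy: AppPolicy) -> Optional[str]:
    """Return the link name to use, or None when every transport is down."""
    live = [l for l in links if l.up]
    if not live:
        return None
    ok = [l for l in live
          if l.latency_ms <= policy.max_latency_ms
          and l.loss_pct <= policy.max_loss_pct]
    if not ok:
        # No transport meets the requirement: degrade to the least-bad link.
        return min(live, key=lambda l: (l.loss_pct, l.latency_ms)).name
    if policy.business_critical:
        # Mission-critical traffic takes the best-quality compliant link.
        return min(ok, key=lambda l: (l.loss_pct, l.latency_ms)).name
    # Everything else takes the cheapest compliant link.
    return min(ok, key=lambda l: (l.cost, l.latency_ms)).name

def with_link_down(links: List[Link], name: str) -> List[Link]:
    """Simulate a failure (for example a last-mile cable cut) on one link."""
    return [replace(l, up=False) if l.name == name else l for l in links]

# Constructed sample measurements for one branch office.
LINKS = [
    Link("mpls", True, 20.0, 0.0, 10),
    Link("broadband", True, 35.0, 0.5, 2),
    Link("lte", True, 60.0, 1.0, 5),
]
VOICE = AppPolicy(max_latency_ms=150.0, max_loss_pct=1.0, business_critical=True)
BACKUP = AppPolicy(max_latency_ms=500.0, max_loss_pct=2.0, business_critical=False)

if __name__ == "__main__":
    print("voice ->", select_path(LINKS, VOICE))
    print("backup ->", select_path(LINKS, BACKUP))
    print("voice, MPLS cut ->", select_path(with_link_down(LINKS, "mpls"), VOICE))
```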

The bottom line is that the transport technologies and the mechanisms that control them have evolved to the point that they can do the job that MPLS-centric networks no longer can.

Security is a core challenge faced by the new approach. Branch office employees must be shielded from the list of internet threats just as they are with a secure web portal in the MPLS-centric model. Firewalls, intrusion prevention systems and a host of other technologies must be in place. It is impractical from the cost and logistical perspectives to deploy these expansive platforms to each branch, however. The SD-WAN ecosystem has developed workarounds for this obstacle, which focus on isolating the branch and making it a client of physically separate security platforms.

SD-WANs are hot because what they offer fits perfectly with today's needs. They do a better job of supporting many of the most popular applications, are less expensive and can be provisioned far more quickly. And, if the network overlays and security are set up correctly, SD-WAN users pay no penalty in functionality, reliability or the safety of their data.

MPLS is a terrific technology, and it still may have a place in the network. Its dominant days are ending, however. Its high costs, combined with the decentralization of work, the real-time nature of applications and the availability of less expensive options, are reducing its role. Properly engineered, SD-WAN can eliminate the need for MPLS in most networks.

This post was written by a leading SD-WAN analyst, for Open Systems.