Deploying a DIY vs. Managed SD-WAN Solution

As organizations seek to lower overall total cost of ownership (TCO) while still delivering fast, scalable, and flexible connectivity, software-defined wide-area network (SD-WAN) solutions have emerged as an attractive strategy. The demand for SD-WAN solutions is growing rapidly, and SD-WAN can be deployed in multiple ways: do-it-yourself (DIY) or managed SD-WAN.

With DIY SD-WAN, an organization's own IT team sets up and manages all the components of the SD-WAN in-house. A managed SD-WAN provides organizations with an out-of-the-box solution to manage multiple network connections, critical applications, and security.

Whether you use DIY or managed SD-WAN is not an easy decision to make and is not as simple as choosing between an on-premises versus a cloud-based solution. Several factors go into this decision, and as organizations of all sizes need to adapt quickly to changing business demands, this decision is vital.

How Does DIY SD-WAN Compare to Managed SD-WAN?:

The DIY model gives organizations full control of their networks and is most appropriate for larger enterprises with significant internal technical expertise in deploying, configuring, and monitoring these networks. The in-house IT team is also responsible for maintaining the company's own SD-WAN equipment, connections, and software. 

A managed SD-WAN solution, on the other hand, is suited for organizations seeking to save time and reduce operational overhead. With managed SD-WAN, your IT staff can spend more time on other value-adding projects. The managed model is also a way for smaller companies to transition to software-defined networking, enabling them to study and learn about SD-WAN from their providers.

Pros of DIY SD-WAN

There are certain scenarios in which DIY SD-WAN makes more sense than the managed route, such as:

  1. Existing IT talent: Larger organizations may already have the necessary IT expertise to deploy and configure the network. IT professionals who have worked with the company for years understand its connectivity and security needs quite well.
  2. Complicated needs: Certain organizations, including those in regulated industries, such as financial services and healthcare, have complex requirements and must conduct internal risk assessments of their networks and facilities regularly. A managed solution may not be able to handle such needs. 
  3. Additional security: Even with an SD-WAN in place, organizations will still need to install and configure extra security technologies and protocols to ensure that sensitive data is protected until it arrives at its destination.
  4. Additional configuration: Managed SD-WAN is not completely hands-off. Companies are still responsible for configuring network paths and routers before deployment.  

Pros of Managed SD-WAN

Aside from bringing provider expertise into the equation, managed SD-WAN provides organizations with the following benefits:

  1. Reliance on the expertise of others: Smaller organizations often do not have the IT resources to handle the installation and management of the SD-WAN on their own. 
  2. Cost savings: Bandwidth for multiprotocol label switching (MPLS), a protocol-independent routing technique, is costly, which is why organizations want alternative solutions for their corporate WAN. Also, as more and more organizations move to mobile and the cloud, MPLS no longer meets enterprise WAN needs.
  3. Additional IT resources: Managed SD-WAN providers not only supply the necessary equipment but also the experts to assist from installation to completion. 
  4. Integration with other network services: Managed SD-WAN providers offer consolidated billing, offering a bundle of different types of broadband connections.
  5. Integration with public cloud services: Managed SD-WAN providers often have connections with public cloud services, such as Amazon Web Services and Microsoft Azure. 

Who Needs a DIY vs. Managed SD-WAN?

Different companies have different needs. Let us take a look at some examples.

  1. DIY SD-WAN: Company A has a large internal team of IT professionals. The company's network and security needs have grown over time, and the IT staff is well aware of the different technologies, solutions, and vendors available in the marketplace. The IT team is adept at handling every step of the process of installing, managing, and monitoring the network on their own following the selection and purchase of an SD-WAN product. 
  2. Managed SD-WAN: Company B has a small IT department that already has a lot of responsibilities. The staff cannot handle the installation, management, or monitoring of the SD-WAN network on their own, and may lack the experience and know-how to integrate other critical applications. The organization is growing, mainly through the hiring of remote employees who join the WAN through the public internet. As such, the organization's network and security needs increase in complexity very quickly. They choose a service provider to manage their SD-WAN solution because it would be impossible to manage the network on their own. 

Choosing the Right Deployment Option for Your Business

Demand for enterprise-level SD-WAN is increasing, and instead of acquiring and handling their own SD-WAN infrastructure, many organizations are increasingly relying on managed SD-WAN services. Business size normally factors into this decision. Larger enterprises may already have the technical expertise in-house to do it all on their own, but smaller and even medium-sized enterprises often do not. 

Apart from IT expertise, the number of locations needing secure connectivity and the speed of data transport are factors to consider. For example, large retailers find their WAN to be business-critical, especially as large volumes of transaction data need to travel quickly and securely to the retailer's data center for processing. As such, the internal IT team at the retailer may prefer to deploy and manage the WAN for the most control. 

Additionally, the amount of control a customer needs can inform the decision to build in-house or use managed SD-WAN. For example, a financial services organization has required policies for security and performance. All of their transactions should never go through the public internet but instead through secure MPLS transport. The financial services organization may have developed its own internal policies—ones that are continually revised based on internal compliance requirements and that of the industry at large. As such, the level of security and performance needed means that the SD-WAN is better off managed in-house.

However, regardless of size or industry, organizations are increasingly interested in managed SD-WAN solutions. Providers deliver comprehensive knowledge and experience with how SD-WAN solutions integrate with other vendors, particularly those related to cloud infrastructure. Additionally, other value-added features, including ease of use, centralized management, reporting, and analytics, make managed SD-WAN an attractive option. 

When choosing between a DIY or managed SD-WAN solution, some questions you can ask that might help in the decision process include:

  1. Can my team design and manage the deployment of the WAN?
  2. Can I supply a WAN help desk staff required for 24/7/365 coverage?
  3. Do I want to manage legacy parts of my network that might still need attention and maintenance? 
  4. Are my sites global? Are they running critical applications across multiple regions and carriers?
  5. Is managing the network adding value to my business, or can I add value in other ways? 
  6. Do I use the public cloud? Which deployment model better supports public cloud infrastructure and Software-as-a-Service (SaaS)?
  7. Am I aware of the extra security protocols my organization needs to reduce risk?
  8. What is my organization's timeline to make the decision to roll out SD-WAN? Who internally must sign off on this?

There is actually a third option—a hybrid model—that gives organizations even more flexibility in creating the kind of network they need. This is a model that is designed and managed by both the customer and the network service provider. Generally, medium-sized businesses find the hybrid model the most attractive, as they can be split between DIY and managed SD-WAN.

For the creation of application and security policies, both the provider and the organization can work together to find the best fit. The service provider would be responsible for handling connectivity and managing the end-user experience along with providing guarantees for any network service-level agreements (SLAs). As a value-add, service providers also offer analytics and technical consulting services. 

Solutions for DIY and Managed Deployments

Different networking environments have different needs. Some organizations prefer to rely on their own in-house IT talent for a more hands-on approach to managing SD-WAN while others seek a completely managed solution.

Fortinet's SD-WAN solution is compatible with either deployment strategy, enabling organizations to quickly adapt to changing business demands. As an SD-WAN leader, Fortinet invests in the latest SD-WAN technologies for the benefit of its customers, adding value through detailed knowledge of how solutions integrate with other systems.