4 tips for managing the move to a new Cloud-native WAN architecture

There is a common psychological trait we all hold, which is “resistance to change”. We all resist change to some extent, some more than others and in some instances, we support it by using the term “If it is not broken don’t fix it”. But just because something is working ok, it does not mean it is suitable for an ever-evolving business which demands agile and rapid adaptation that cannot be met by current WAN infrastructures.

We also understand resistance to change can be governed by many other concerns within an organisation, like the additional demands on an already stretched IT team or reduction in budgets that cannot be met with a compelling ROI. But tackling a transformative redesign of any enterprise WAN infrastructure and making it a success requires a completely different approach and strategy to deliver on the promise it offers.

Some will believe the responsibility lies with their Telco provider to provide this evolution of WAN capabilities, but this will of course still come at a cost that will help Telcos justify the already high costs charged for MPLS services today.

Here are some guidelines and tips to help you navigate your way through the new WAN architecture design process, overcome resistance to change within the IT and help you decide whether to stick with one or multiple service suppliers.

1. Key areas to consider when designing a new WAN architecture

Re-architecting any complex and critical infrastructure demands a lot of resource, time and patience than anyone would ever foresee, and it is this insight that can weigh heavily on a decision to transform the way application services are best delivered in the business.

At Accelerate Technologies, over the years, we have developed a proven methodology to help reduce overhead and complexity when designing new WAN architectures with the aim of helping to deliver on the future requirements of the business. The following diagram shows key areas that should be considered when reviewing a move to a new WAN.

2. Overcome the Security team’s resistance to the merging of roles and responsibilities

Responsibility for WAN communications has sat with the network teams for years – ensuring applications can be reached, backups are completed, and telephony is uninterrupted. Unless the need arises, it is rare for the security team to get involved or participate in the management or control of the infrastructure. But, networks today cannot exist without the security team helping to define and secure the extending perimeter.

We understand many of the security threats faced today but rarely will we know what threats are faced tomorrow. What we do know, is that the changing dynamics of the network will require two teams that have traditionally been divided in task, responsibility and risk awareness, to come together to build an aligned approach to protecting the new digital business.

On paper at least, we see the combination of SD WAN and SASE addressing a challenge that is seldom addressed in an organisation. Allowing the security teams to have the reassurance that their security policies are well defined and ensure that they are being enforced through a central coordinated approach between the network infrastructure and enterprise security domains.

3. Service Suppliers – One or Many?

Managing change of large and complex infrastructures is a challenge that many businesses, understandably, do not want to face regularly. For many, however, there is also an additional question that raises concern: “Should I use one single supplier to deliver a multi-service infrastructure or multiple suppliers?”  The ideal scenario for many enterprises is consolidation, delivering a one-stop shop for all telecoms that will provide a single invoice for voice, network and mobile services, and offering them a potential position of power to negotiate contract renewals.

However, while a single telecoms provider may sound like the ideal solution to the promised land of better service and reduced costs, it does attach a risk of putting all your eggs in one basket and makes looking at alternatives a very unwieldy task.

Some large telco providers have moved to offering SD-WAN services, with all the features and advantages that SD-WAN offers – automated traffic routing, visibility and troubleshooting capabilities. Unfortunately, customers can still be left frustrated with the slow and cumbersome change processes they need to follow to get anything implemented. Using a large telco to deliver and manage an SD-WAN network overlayed over an MPLS backbone will just introduce more complexity and reduced benefits.

4. A phased approach with Secure Access Service Edge (SASE) architecture

Moving to a new infrastructure is never an easy process. However, the SASE (Secure Access Service Edge) architecture provides a framework in which you can take a phased approach to implementing a new WAN infrastructure at a pace to suit your business, whether you are migrating from MPLS or have just embraced SD-WAN and are looking to improve application visibility, security and simplify operations and support.  For global organisations especially, SLA-backed private backbones (such as Cato Cloud) provide affordable, reliable and agile alternatives to services offered by telco providers. SASE is definitely worth considering in your move to a new WAN architecture.