SD-WAN implementation that brought 40% savings on WAN operational costs
When the efficiency of a company’s applications and employees relies on network connectivity, a reliable and fast network between the company’s locations is fundamental.
Now, WAN and Internet links in each location are 5 to 10 times faster than before the migration to SD-WAN. This increase in available bandwidth is inversely proportional to the links’ cost, which has decreased by around 40%.
Marcin Jaźwiec, Pfeifer & Langen Polska, IT Manager
One of the largest sugar manufacturers in Europe, Pfeifer & Langen Polska S.A., was struggling with low application performance, insufficient backup duration, and poor Internet access quality while its wide area network (WAN) was based on slow MPLS IP VPN links. Despite the slow link rates, the costs of the WAN services were high.
Therefore, our goal was to increase the reliability of the network, improve the quality of connections, and become independent from expensive operators who did not allow the client to directly view the parameters of the links used.
The difficulty was that, because production runs 24/7, all implementation work had to be designed so as not to affect the continuity of WAN operation, and thus the continuity of production.
5-10 times faster links
Operational costs were reduced by 40%
A central management point – vManage
Independence of telecom operators
Efficient backup process
Issue visibility
After a detailed analysis of the client’s requirements and challenges, we proposed migrating the existing network to SD-WAN, which implements the Software-Defined Networking (SDN) concept.
It was a bold move because SD-WAN is a completely new approach to wide-area networks. However, there were strong arguments behind the step.
SD-WAN solutions separate the control logic from packet forwarding (Control Plane and Data Plane) while protecting the data with strong encryption algorithms.
Software-defined WAN enables data transport based on traffic policies defined within the organization, and not imposed by the service provider, as in the case of MPLS.
In addition, the SD-WAN network allows the use of multiple links in parallel, and thus the use of bandwidth that the organization pays for anyway.
Some may argue that only classic QoS (based on DSCP), provided by the operator across the entire dedicated link, guarantees traffic quality. There is some truth to that, but SD-WAN starts from a different premise.
Namely, SD-WAN uses multiple connections to the Internet and determines the requirements and preferred paths for each application. If the quality of a specific path is degraded and its parameters fall below the assumed level, traffic from the application is redirected to the next available path. This approach to ensuring the quality of work with end-to-end applications is called Quality of Experience.
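The path selection described above, modelled as an added example (not code from Cisco SD-WAN or from this project). The link names, thresholds and measurements are constructed, and the best-effort fallback used when no path meets the requirements is an assumption of this sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PathStats:            # one measurement of a link (constructed sample values)
    name: str
    loss_pct: float
    latency_ms: float
    jitter_ms: float

@dataclass(frozen=True)
class AppPolicy:            # per-application requirements and preferred path order
    app: str
    max_loss_pct: float
    max_latency_ms: float
    max_jitter_ms: float
    preferred: tuple

def meets_sla(p, pol):
    """True when every measured parameter is within the application's limits."""
    return (p.loss_pct <= pol.max_loss_pct
            and p.latency_ms <= pol.max_latency_ms
            and p.jitter_ms <= pol.max_jitter_ms)

def select_path(pol, measurements):
    """Return (path_name, reason) for one application.

    Paths are tried in preference order; a path missing from `measurements`
    is treated as down. Assumption of this sketch: if no live path meets the
    limits, traffic goes best-effort over the path with the lowest loss.
    """
    alive = [measurements[n] for n in pol.preferred if n in measurements]
    for p in alive:
        if meets_sla(p, pol):
            return p.name, "meets-sla"
    if not alive:
        return None, "no-path"
    best = min(alive, key=lambda p: (p.loss_pct, p.latency_ms, p.jitter_ms))
    return best.name, "best-effort"

# Constructed policies: voice is strict, backup tolerates a worse link.
VOICE = AppPolicy("voice", 1.0, 150.0, 30.0, ("isp-a", "isp-b", "lte"))
BACKUP = AppPolicy("backup", 5.0, 500.0, 200.0, ("isp-b", "isp-a"))

# Constructed measurements: all links healthy, then isp-a degraded.
HEALTHY = {"isp-a": PathStats("isp-a", 0.1, 20, 3),
           "isp-b": PathStats("isp-b", 0.2, 35, 5),
           "lte": PathStats("lte", 0.5, 70, 15)}
DEGRADED = dict(HEALTHY, **{"isp-a": PathStats("isp-a", 4.0, 180, 40)})

if __name__ == "__main__":
    for label, m in (("healthy", HEALTHY), ("isp-a degraded", DEGRADED)):
        print(label, select_path(VOICE, m), select_path(BACKUP, m))
```

Because the decision is made per application, the voice traffic leaves the degraded link while the backup traffic, with looser limits, would still be allowed to use it.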
It is worth mentioning that the quality, bandwidth and availability of modern Internet connections are better than ever and meet the high requirements of most companies regarding the quality of the wide area network. In addition, thanks to the Overlay layer, SD-WAN can use various links and transmission types, and thus is not limited to one telecommunications operator.
The entire infrastructure is managed by central controllers, which ensure that devices are configured in accordance with established policies and secured, and that routing is consistent within the entire SD-WAN structure.
Organizations are increasingly looking towards cloud solutions. For this reason, it is worth using solutions that ensure the connection of the corporate network with the cloud environment. SD-WAN allows you to be ready for the cloud with vEdge routers that can be used as virtual instances within the cloud provider’s infrastructure, thus connecting SD-WAN and cloud services.
One of Pfeifer & Langen’s stated goals was to maintain WAN continuity during the transition to SD-WAN. It was the starting point for the migration process. To ensure the smoothest possible transition to the new network, we spread the migration over 3 months, during which we added new Internet connections from the new provider in individual locations. At the same time, we made sure to maintain both old and new paths and avoid loops.
The dynamic routing protocol in the WAN locations between the MPLS CE routers and the client’s core devices was EIGRP.
Cisco SD-WAN (formerly Viptela) supports OSPF and BGP on the VPN side. Due to its scalability and convergence speed, we chose OSPF as the new Interior Gateway Protocol. The new protocol had to be introduced while we still supported the existing communication over MPLS.
The migration assumed the provisioning of Cisco vEdge and cEdge C1100 cloud routers, their integration within the existing topology and configuration without generating interruptions.
We used Cisco ASA Firepower security to secure local connections to the Internet. Each local ASA was then a primary Internet Gateway for a local site. In the event of a failure, traffic was to be redirected through a central SD-WAN location. For this purpose, we configured a traffic filtering policy between OSPF and OMP (Overlay Management Protocol) in SD-WAN as the central policy.
After migrating all locations, we made sure that the network works as intended, devices are visible in the vManage console, and the quality of application traffic has increased.
SD-WAN gave us flexibility and arguments in negotiations with service providers. When a provider does not meet our expectations, we can look for an alternate one, without impacting the WAN infrastructure, because SD-WAN is a network completely managed by us, and it is independent of service providers.
Marcin Jaźwiec, Pfeifer & Langen Polska, IT Manager
Marcin Biały
Advisory Architect, Grandmetric
CCSI#35269