Multiprotocol Label Switching (MPLS) has been widely deployed across commercial and government networks over the past 25 years. However, the time has come for many organizations to consider evolving their networks from MPLS to SD-WAN for cost savings, agility and scalability, especially when considering cloud deployments and increasing demand for heightened network security.
MPLS Amid a Changing Enterprise Environment
While many assume that encryption or additional security measures aren’t necessary with MPLS, today’s enterprise environment differs dramatically from that of 25 years ago. In the late 1990s, remote workers, cloud-based applications, and software as a service (SaaS) didn’t exist (or at least not in their current form!). Operations and technologies have moved far beyond what MPLS was designed to support, and workarounds to its limitations often inject performance inefficiencies and other security challenges. Not only have technologies evolved, security practices and protocols have, too.
Because MPLS depends on predetermined routes that need to be designed and provisioned by knowledgeable network engineers, deploying or even making changes to the network calls for significant expertise and effort. As a result, any small change to the MPLS network and its security requires coordination between telecom operators and IT teams. If that doesn’t happen, security vulnerabilities can be exposed, and overall risk levels rise.
Unfortunately, applying cloud security to MPLS doesn’t solve the issue. One of the advantages of MPLS is its efficient point-to-point architecture. Forcing an MPLS network to route to a cloud security provider sends traffic outside the network, adding extra destinations (hops) and latency to the path and negating those point-to-point efficiencies.
Similarly, Zero Trust Network Access (ZTNA) or two-factor authentication must be validated elsewhere, like at a data center or Cloud Access Security Broker (CASB), again nullifying the advantages of an MPLS network. Here too, this routing of traffic outside the point-to-point MPLS network requires extra steps (or hops) and increases network complexity and latency—in many cases, to a greater degree than in an IP-based network optimized for this type of multi-hop approach. Consequently, MPLS networks underperform compared to IP-based networks when connecting remote users and cloud services. They also run counter to efforts by Hughes and other industry leaders to simplify networks and make them more flexible and agile.
A Hybrid Approach to the MPLS-to-SD-WAN Transition
Given the challenges of securely connecting remote users and cloud services via MPLS and its higher costs, does it make strategic sense for an enterprise to transition away from its MPLS network? Eventually, yes. For the short term, however, many organizations will choose a hybrid approach with a combination of MPLS and broadband.
A Software-Defined Wide Area Network (SD-WAN) is transport agnostic and can be deployed to manage multiple types of connections, including MPLS, broadband, LTE and others. Further, SD-WAN is designed for centralized management, so network policies can be easily applied across all WAN devices, creating network agility and simplifying operations. It supports applications hosted in data centers, public and private clouds, and SaaS services like Salesforce.com, Workday, Office 365 and Dropbox. SD-WAN routes application traffic over the best path in real time, improving user experiences.
Succeeding with a hybrid strategy hinges on understanding how and where to leverage the MPLS network’s advantages versus the cloud-enabled SD-WAN solution’s benefits. For example, an organization may choose MPLS to connect multiple data centers or to support applications and traffic volume served exclusively from one data center, while using SD-WAN to serve branch location traffic going to the internet or cloud services more efficiently. This is ideal for sectors such as healthcare and banking, which will likely always have justification for private circuits. Of course, organizations that don’t require the advantages of MPLS can move confidently to a lower cost, more agile, and more capable SD-WAN network.
Eventually, MPLS usage will shrink as SD-WAN capabilities fill the gaps. In fact, we already see this across our customers. But there’s no pressing need to choose SD-WAN over MPLS or to view it as an either/or proposition. MPLS will be with us for many more years. The key action is to assess your network needs, determine whether a hybrid approach fits, and develop a strategy for which sites and technologies should be supported by MPLS and which are better suited to SD-WAN. Then, as technology evolves and MPLS becomes less critical, your enterprise will be firmly positioned on the path to digital transformation.