Contact Us

Using SD-WAN to Overcome Hybrid Cloud Challenges


Legacy applications, running on timeworn networks and hardware, are usually less effective and secure than up-to-date solutions. They may be unreliable and no longer supported by the original vendor or manufacturer. As many network servers, equipment, applications, databases, and business‑critical software and hardware get closer to their “end of life,” we are seeing enterprises moving these elements from on-premises data center solutions to the cloud.

Depending upon the type of application or service, the shift to Software as a Service (SaaS) applications makes sense given they are feature-rich, widely available, generally cost advantageous, and come with significantly cheaper compute and storage solutions. However, while SaaS is useful for driving business productivity, exponential growth in these SaaS and private cloud applications bring security concerns that are like those associated with the traditional on‑premises network infrastructure.

Public and private cloud services, such as Infrastructure as a Service (IaaS) and SaaS, are also gaining traction as enterprises trade capital expenses for operating expenses (CAPEX for OPEX). These services offer flexibility and scalability. A hybrid cloud solution – with applications deployed both on premises and multiple private clouds – is the most popular approach for enterprises today.

Yet hybrid deployments result in sub-optimal routing practices, such as hairpinning all traffic through the corporate data center, and cause network delays. This is due the conventional router on a Wide Area Network (WAN) being designed to support creation of a Virtual Private Network within the data center architecture, and not being built to support native cloud or hybrid architectures. The delay caused by hairpinning traffic via backhaul can impair application performance, resulting in poor user experiences and lower productivity.

There are some other common challenges enterprises face, including those related to:

  • Extending a distributed WAN with multiple branches to support a hybrid cloud architecture.
  • Protecting IaaS/SaaS traffic over the public Internet.

The only way to deploy a hybrid model with a distributed network and overcome these challenges is with a Software Defined Wide Area Network (SD-WAN). SD-WAN intelligently and dynamically routes traffic based on protocols defined by service type and application priority. That means SD-WAN can choose the best path in real time for mission critical traffic, while less critical traffic travels a different path.

With SD-WAN’s ability to manage branch-to-cloud and branch-to-HQ connectivity, the hairpinning of traffic through a data center is eliminated. Most advanced SD-WAN platforms also support dynamic multi-tunneling to virtual instances on a private cloud to ensure protection and reduce security complexity. Additionally, SD-WAN securely connects enterprise branch sites over any transport, including by Multi‑Protocol Label Switching (MPLS), Internet, or LTE. Centralized orchestration systems enable enterprises to extend their branch WAN to cloud services without any major architectural redesigning.

In the case of SaaS applications (e.g., Office 365, Salesforce, Atlassian, RingCentral), Direct-to-Internet (DIA) access often wreaks havoc with traditional WAN transport. This is seen in packet loss, high jitter, latency, and varying bandwidth availability. Depending on the type of application, these impairments can affect not only application performance, but also productivity and potentially revenue.

One solution is to build geographically distributed Internet breakpoints and optimize traffic until it reaches these Internet Points of Presence (PoPs). Historically, most WAN impairments occur at the last mile. By building a tunnel to local Internet PoPs and exchanges, SD‑WAN protection extends throughout the network. Again, this strategy prevents hairpinning of traffic and added latency.

Progressive SD-WAN vendors, like Hughes, work closely with cloud providers to improve connectivity. For enterprises moving to or operating in a hybrid model, the right SD-WAN solution will deliver simplified connectivity, increased flexibility and greater performance, regardless of how many branches or cloud providers are in the network.