Network Transformation Strategy

How to Migrate From MPLS to SD-WAN $1,999,999.900

AC +/- % ÷
The benefits of SD-WAN are well known, but the transition from MPLS is often unclear. What
specific steps should you consider when migrating from a traditional MPLS network to SD-WAN?
7 8 9 ×
This plan should help. It identifies the issues and options you’ll need to consider when evolving
your network. Gathered are insights from SD-WAN adopters, industry best practices, and our own
4 5 6 -
experiences helping hundreds of enterprises transform their networks.

The plan is divided into five phases: 1 2 3 +

0 . =
1 Migrate locations from MPLS to SD-WAN
Data Traffic

2 Reevaluate your branch security strategy

MPLS

3 Connect the cloud to the SD-WAN

4 Optimize the mobile experience

5 Determine the right SD-WAN management model

1 Migrate locations from MPLS to SD-WAN
Reducing MPLS bandwidth costs and improving agility are often the initial objectives of network transformation initiatives.
Shifting to Internet-based SD-WAN addresses those challenges. To ease that transition, follow these five steps.

Step 1 Step 2 Step 3 Step 4 Step 5

Categorize Your Select the Right Last Decide on Your Engineer End- Procure Your
Locations Mile Middle Mile to-End Network Services
Start your MPLS migration by With sites categorized, map their Whereas the last mile faces Architecture With last and middle mile services
grouping locations by their requirements onto last-mile and challenges of availability and identified, you’re able to determine
Combine middle and last miles
requirements for availability, packet middle-mile service characteristics. packet loss, the sheer length of whether to keep procurement in-
to deliver MPLS-like quality with
loss, and cost. Matching the service quality of MPLS the middle mile makes latency and house or outsource to a last-mile
Internet-like price and agility.
circuits is possible, but requires predictability the major issues. For aggregator who will manage the full
In dealing with hundreds of
understanding where problems those who want to avoid carrier procurement process using specific
customers, Cato Networks has
occur on the Internet and how to lockin, there are two middle mile partnering providers or ISPs around
found that MPLS connections
address them using the magic of choices — the unpredictable public the globe.
can be effectively replaced by a
multipathing. Internet and SLA-backed, global
combination of DIA and broadband
managed backbones.
services in the last mile and a
private backbone in the middle Outsource
mile.

80 100
DIA
40 120

Inhouse
0 140

SPEED
Broadband

Network at the Speed of NOW

How to Migrate From MPLS to SD-WAN Migration 2
2 Transform Branch Security
It’s true that SD-WAN can be adopted without changing a company’s security architecture. But it’s
also true that security operations can be made more effective and efficient when reevaluated in the
context of a WAN transformation initiative.

Step 1 Step 2

Understand the Decide on Your

Problems of Centralizing Approach to Branch
Security with SD-WAN Security
Branch office users require Internet and The current best practice is to eliminate
cloud access — that’s a given. Where you backhaul and provide direct Internet
inspect branch traffic and enforce security breakout at branch locations. Security
policies is the question. Centralizing security becomes a necessity, either by distributing
made security operations more manageable network security appliances across branch
and scalable but adds latency in a cloud- offices or by moving network security into
and Internet-centric organizations the cloud.

Network at the Speed of NOW

How to Migrate From MPLS to SD-WAN Migration 3
3 Connect the Cloud to the SD-WAN
With enterprise resources and applications moving to the cloud, connecting cloud datacenters
(IaaS) or cloud applications (SaaS) to the SD-WAN is only a matter of time. Significant differences
separate how easily and effectively SD-WAN architectures integrate with the cloud.

Step 1 Step 2

Identify the Value of Evaluate the Suitability

Connecting the Cloud to of SD-WAN Solutions for
SD-WAN Connecting to the Cloud
By connecting cloud resources to SD- Key considerations when evaluating SD-WAN
WAN, organizations can reduce the latency suitability for connecting to the cloud involve
and packet loss users experience when deployment difficulty, routing and network
accessing the cloud and, in general, improve optimization, and securing cloud resources.
the user experience. Bringing cloud traffic
onto the SD-WAN also increases IT visibility
into enterprise traffic patterns and extends
security policies to public cloud applications,
such as Dropbox.

Network at the Speed of NOW

How to Migrate From MPLS to SD-WAN Migration 4
4 Optimize the Mobile Experience
As organizations rethink their WAN, they have the opportunity
to easily address another pain point facing networking teams
— mobile access. Mobile performance is undermined in part
by backhauling traffic; security risks are introduced by giving
mobile users unrestricted network access.

To address these problems, look for SD-WAN solutions where

mobile users can connect to any SD-WAN node in order to
access the enterprise network. And with mobile traffic on SD-
WAN, IT gains a “single pane of glass” into all enterprise traffic
plus the ability to define a single set of security policies for all
users regardless of location.

Network at the Speed of NOW

How to Migrate From MPLS to SD-WAN Migration 5
5 Determine the Right SD-WAN Management Model
Having identified the scope and considerations of WAN transformation, you’re in a position to evaluate SD-WAN options. There
are two ways of implementing SD-WAN, appliances or services. There are four ways of managing SD-WAN solutions — do-it-
yourself (DIY), fully managed, self-service and co-managed. The approaches differ in the degree of responsibility enterprises
and service providers assume for continuous monitoring, infrastructure maintenance, and change management. The four
management models are:

Do-it-yourself (DIY) Fully Managed Services Self-service Co-managed Services

Has long been the approach enterprises The traditional management approach Is very similar to how enterprises manage Split the responsibility for managing the
chose when purchasing and deploying for infrastructure services where the their instances in cloud datacenter services network between the enterprise and the
appliances themselves. The enterprise provider is fully responsible for all aspects such as Amazon AWS. With self-service, service provider. The enterprise can make
assumes the responsibility for the ongoing of this service. For example, with a fully enterprises fully control their SD-WAN, MACs for SD-WAN services but generally not
monitoring of the SD-WAN, any SD-WAN managed MPLS service, providers monitors making any MACs themselves. Both the security-related changes, such as updating
changes, and maintaining the underlying the customer’s MPLS implementation enterprise and the provider continuously security policies or other non-connectivity
infrastructure, such as the SD-WAN (continuous monitoring), maintain the monitor the enterprise’s SD-WAN instance. aspects of the service. The enterprise is also
appliances, routers, or data centers. underlying MPLS switches and connecting The provider, though, is solely responsible forced to pay a premium, as the provider must
capacity (infrastructure maintenance), for managing the infrastructure shared handle continuous monitoring. The provider
and fulfill any MAC requests (change among its customers. is once again responsible for infrastructure
management). maintenance.

Network at the Speed of NOW

How to Migrate From MPLS to SD-WAN Migration 6
The Cato Approach
Cato, the cloud-native carrier, provides the only secure managed SD-WAN
service built with the global reach, self-service, and agility of the cloud. Cato
replaces MPLS and multiple networking and security point solutions with
a converged WAN transformation platform built for the digital business.
Using Cato, customers easily migrate from MPLS to SD-WAN, improve
global connectivity to on-premises and cloud applications, enable secure
branch Internet access everywhere, and securely and optimally integrate
cloud datacenters and mobile users into the network.

To learn more visit our website at

www.CatoNetworks.com
or contact us for a short and enlightening demo

Contact us