Streamline Your Network with SD-WAN

In our ever faster moving world of interconnectivity of everything and the all-encompassing digitalization and automation of workflows and business processes, we expect IT networks to follow suit. However, traditional networks are increasingly struggling to meet these expectations. Their complexity demands a considerable level of expert knowledge and effort to integrate new devices or locations, which makes changes to networks a costly and time-consuming exercise for businesses of all sizes.

As a result, there has been a major revolution in the way enterprise networks are set-up, rolled-out, and managed. What used to be manual tasks of the initial deployment, configuration and the ongoing maintenance of a network have largely been replaced by highly automated processes that put even the most complex and widespread networks into operation with just a few clicks of the mouse.

The digital world in a smartphone.

A New Concept

The magic behind this is called software-defined networking (SDN). It is a concept where a central software solution – often cloud-based – eliminates the need for manual configuration by providing highly automated network provisioning. SDN, therefore, can help businesses to save costs and become considerably more agile – a key element in staying competitive. Today, SDN comes in many different flavors: for wide-area networks (SD-WAN), for local-area networks (SD-LAN) and Wi-Fi (SD-WLAN).

Businesses will certainly benefit most from deploying SDN across the entire network, including their gateways, routers, switches and WLAN access points. However, only partial deployments of software-defined technologies – such as in the WAN, LAN or WLAN – also bring a genuine boost to productivity and agility, while simultaneously cutting operational costs to a minimum.

The most obvious example is wide-area networking (WAN), in particular in organizations with numerous offices and locations, which may even be spread around the world. No wonder that analyst firms like IDC expect the SD-WAN market to virtually explode over the next few years.

What makes the Difference

To begin with, a classical wide-area network (WAN) is defined as a geographically distributed private telecommunications network that (inter)connects multiple local-area networks (LANs). Within a company or enterprise, a WAN can consist of connections to the company’s headquarters, its dedicated branch offices, server-hosting facilities, and connections to their cloud service providers as well as to other facilities belonging to the company.

Conventional WANs make use of either multiprotocol label switching (MPLS) or virtual private networks (VPN). While the first is a rather expensive – yet very reliable – service provided by telcos, the much cheaper and flexible VPNs can be either run by the companies themselves, or by trusted IT service partners.

But VPNs have a downside: their complexity: The installation, configuration, and monitoring of classical VPNs requires a dedicated team of IT admins, who have to configure and manage all of the devices – be they distributed VPN routers or central-site gateways – either manually or with the help of management tools.

SD-WAN brings the benefits of these two worlds together – and puts additional cherries on top. It combines the reliability of MPLS networks with the financial advantages of VPNs using cheap landline or mobile connections – further adding ease-of-use, agility, visibility and an extra layer of security and control.

SD-WAN, therefore, allows IT administrators to either replace costly MPLS infrastructures – so shifting data transmission to cheaper Internet connections such as DSL or fiber – or to significantly optimize existing VPN infrastructures. The flexible nature of an SD-WAN also enables organizations to reduce resource over-provisioning and eliminate travel costs for on-site technicians, which in turn can further reduce operational WAN costs (OPEX).

However, cost savings are certainly not the only value proposition of SD-WAN.

A Long List of Benefits

The traditional way of configuring a VPN, with its demanding security architectures and multi-site nature, is time consuming and error prone. With SD-WAN, VPNs are set-up and managed centrally and independently of time and location with just of few clicks of the mouse – allowing organizations to erase geographic boundaries and to make changes to their VPNs whenever they want.

New offices, for example, are added to the WAN in an instant without the need of an on-site technician. All it takes is to ship the required router to the location and plug it in – a task that can be done by just about anyone having the time. The router auto-discovers itself on the network, downloads the configuration and becomes instantly operational by zero-touch deployment. A considerable plus to agility.

SD-WANs, though, also bring more security. Firstly, they allow even the most complex scenarios (e. g. with network virtualization and back-up scenarios) to be rolled-out without error-prone human intervention – thus eliminating one of the most crucial security threats. In addition, they lay the foundation for 24/7 monitoring of the entire VPN, ensuring highest-possible availability and transparency.

This is achieved by separating management (control plane) and data (data plane). The control plane is outsourced to a cloud-based software system which ensures 24/7 monitoring as well as central access and adjustment via device information and availability of the connections. Network errors and their respective causes are quickly detected and can proactively and immediately be taken care of. This means that the status of all managed devices is monitored at all times and even local configuration changes are logged historically – and thus thoroughly documented.

With SD-WAN, the monitoring and management of networks and its traffic shifts from physical devices to an application. This is why SDN technology can demonstrate its full potential in terms of flexibility and agility. The intelligence is abstracted to a virtual overlay. This ensures secure separation of private and public WAN connections, for instance.


While SD-WAN in itself is a highly compelling technology, it is important to take a closer look at the nature of an SD-WAN solution before making a choice.

Contrary to most vendors on the market, LANCOM has chosen a very specific approach to SDN. Firstly, we have integrated SD-WAN, SD-LAN and SD-WLAN into a single cloud platform. The LANCOM Management Cloud (LMC) is the world’s first hyper-integrated network management solution, allowing organizations to benefit from SDN functionalities across the entire network if they wish – even including complex VLAN architectures spanning all locations and devices (routers, gateways, switches, access points).


Secondly, we stick to our mantra of giving our customers choice and of protecting their investments: With one and the same hardware basis, they can either follow the traditional VPN path or move to SD-WAN instead. This allows organizations to choose whether they want to follow the route to a software-defined world now, or at some later stage in the future. No matter how they decide: they do not run the risk of losing costly investments in hardware. Even hundreds of thousands of routers currently in the field can be made “cloud-ready”. All it takes is a simple software update.

Thirdly, we take IT security and data protection concerns very seriously. While the public version of the LANCOM Management Cloud is hosted in a data center based in Germany, businesses – and also system integrators – may also choose to run their own, private instance of the LMC in their own data centers.

More information on our SD-WAN approach and the LANCOM Management Cloud can be found on the LANCOM website:

No Comments Yet

Leave a Reply

Your email address will not be published. Required fields are marked *

When you leave a comment, the system automatically stores the following data:

    • your name or your pseudonym (mandatory information / will be published)
    • your e-mail address (mandatory / will not be published)
    • your IP address (the IP address will be deleted automatically after 60 days)
    • date and time of the comment submitted
    • a website (optional)
    • your comment text and personal data contained therein
    • I also agree that all personal data entered together with my IP address will only be checked and stored by the Akismet spam filter in the USA for the purpose of spam prevention. Further information on Akismet and revocation options can be found here.