What are the Pros and Cons of SD-WAN?
The balance between these factors depends on your organisation's existing WAN infrastructure, site count, and security requirements. Use the Netify SD-WAN marketplace to compare vendor proposals side by side before committing to a platform.
| Pros | Cons |
| - 50-70% cost reduction vs MPLS | - Performance depends on internet quality |
| - Deploy new sites in days (not months) | - Security requires SASE/SSE add-on for most vendors |
| - Application-aware traffic management | - Vendor lock-in risk (proprietary overlays) |
| - Built-in redundancy (multi-link) | - Complexity managing multiple underlay ISPs |
| - Cloud-native connectivity (direct breakout) | - Hidden licensing costs for advanced features |
| - Centralised visibility and control | - Requires network team reskilling |
| - Transport-agnostic (broadband, 4G, MPLS) | - Rural UK broadband quality limitations |
Looking to build your SD-WAN RFI? Why not give the Netify free SD-WAN RFI builder a go today?
The buzz around WAN technologies
If you’ve been working in the industry for a period of time, you’ll remember how MPLS was labeled (forgive the pun) as the savior of networking, replacing IPSec, Frame Relay and ATM networking.
On the subject of marketing hype, I’ll refrain from mentioning the service provider in question, but I recall a particular ‘large telco’ pushing MPLS as a serious alternative to their Frame and ATM network. Unfortunately, for their customers, the providers MPLS network consisted of nothing more than a single Provider Edge (PE) located in London.
The lesson? Forcing service provider transparency when dealing with hype was important back then as it is today.
Have a search on ‘death of MPLS' for multiple examples of hype from certain providers pushing a single technology.
Is there confusion around the benefits of SD-WAN?
It looks very much as if the industry has forgotten the original vision of SD-WAN services. An application based technology with the ability to interface with whatever connection type is required for a given need. While there are SD-WAN providers pursuing the original vision, the majority are pushing SD-WAN as the Internet VPN version 2.
The main reason why the marketing of cost reduction is so prevalent surrounds the use of low-cost Internet connectivity. At a high level, the thought process encompasses leveraging the lowest cost Internet provider in any given area with SD-WAN technology sorting out any connectivity problems.
The laws of physics apply, and even with clever packet inspection and prioritisation, traffic must still receive good latency and jitter in order to perform well for the long term.
The majority of Network Union clients operate hybrid networks; ensuring the right technology applies vs. specific requirements. The needs of most corporate WAN services do not meet one particular technology; many are made up of layer 3 MPLS, layer 2 VPLS / VLL, simple IPSec VPN and of course, SD-WAN.
True Software deployments can terminate ANY connectivity type.
How does QoS compare, SD-WAN vs. MPLS?
When deploying missing critical, delay sensitive services there is a need to offer your business peers the confidence that the said services will perform. SD-WAN services meet the need to service applications via granular identification of traffic (think packet inspection) with the ability to sense network conditions.
The SD-WAN traffic treatment feature set has evolved the capability of standard Layer 3 MPLS QoS which normally offers the following service provider configuration.
- EF - Expedited Forwarding
- AF - Assured Forwarding
- Be - Best Effort
However, the fundamental benefit of private MPLS and VPLS remains: End to End QoS across tail circuit and network provider infrastructure.
And this is perhaps why most networks end up as a hybrid of WAN connectivity. Where core high performance office to office network connectivity is required, end to end QoS provided by MPLS is perhaps the optimum route. However, for smaller branch offices or remote users, SD-WAN offers up the ability to make the most of whatever connection is presented.
The QoS discussion is further complicated when dealing with the Global Enterprise. In many instances, Global connectivity is often on the borderline of the required latency for Voice and Video. Therefore, adopting a provider agnostic SD-WAN approach or even using a single public IP backbone may not provide the required infrastructure to confidently support delay sensitive traffic.
With the above said, many Enterprises are adopting single Internet providers with the confidence that the ISP network is well scaled and engineered. We would keep an open mind, every design is different and should be based on transparency of provider infrastructure performance.
The Pros and Cons of SD-WAN Security
The lines are becoming a little blurred on this subject of SD-WAN vs. any connectivity type or services due to the necessity to support both public and private Cloud infrastructure on public and private networks.
Security is becoming the most discussed topic at almost all of our workshops and customer meetings regardless of WAN type. The reason is fairly straight forward, cybercrime is here and growing in sophistication thus creating a serious potential impact on businesses.
DDOS (Distributed Denial of Service) is becoming ever more sophisticated with IP enabled devices high jacked due to their low onboard security.
Where once MPLS was deemed private and therefore no added security was required, today we’re seeing the deployment of devices such as Meraki (with an SD-WAN feature set) to terminate the edge of both public and private connections.
Overall, private WAN services clearly offer an edge when discussing security as the network is ‘virtually private’ but today there is almost no secure network. Our advice is to budget for both security advice and the best possible feature set to protect your enterprise against threats.
The major pro for SD-WAN is in the sophistication of the single deployment security platform which offers up variable protection vs. connection type and location. As an example, a user working abroad from a coffee shop via their BYoD(Bring Your own Device) will adhere to policies which are more stringent vs. the user based in the office location.
SD-WAN in a Virtualised world?
Direct access to cloud connectivity isn’t quite supported by every vendor.. just yet.
However, we are approaching a world where software feature sets are available as virtualised instances. It is almost the default option to move services to cloud infrastructure but today we are still in the mode of providing hardware-based devices for HQ and large branch office infrastructure. Perhaps in 10 or 20 years, we’ll see a global wireless network where companies no longer wait for physical 100Mbps or 1Gbps Ethernet but simply consume as required.
One of the pros for SD-WAN is the ‘software based’ element which is very much in line with both current and future thinking. There are vendors offering cloud based virtualised networking services accessible via an application - there’s not only a clear cost benefit but the approach is right in line with the original SDN (Software Defined Networking)
I cannot underestimate the pros of SD-WAN virtual instances. Of course, cost and management are up there in terms of benefits but so is provider migration. The majority of customer frustration and dissatisfaction with their service provider surrounds managed services.
How does SD-WAN help?
If your connectivity is based on public Internet there is no need to change your service provider, you simply move your virtualised SD-WAN instance to the new software WAN provider of choice. No longer do you need to migrate your MPLS circuit away with your managed service, your business is positioned to only remove the element which isn’t working.
One of the reasons why companies choose not to move service provider is directly attributed to the issue of moving physical circuits and hardware. SD-WAN removes the majority of these provider migration issues.
The ability to achieve ease of migration is dependent on using public Internet connectivity.
To conclude - Evolution of the WAN
The Pros of SD-WAN are very much in the arena of single device or cloud instance to support whatever connectivity your business requires. Whether users are location at the HQ or staff are working from home / wireless coffee shop, SD-WAN will support from a security perspective and has the capability to identify your connectivity performance. The result, where possible, provides an operating environment for even the lowliest service.
Further Pros include granular local QoS together with networking feature sets that are growing in sophistication driven by software based production and design methodologies.
The cost savings are driven by largely by leveraging low cost ISP connectivity on a UK or Global basis. The recommendation (at least our thought process demands this) is to use a single ISP backbone for key HQ and branch office connectivity to ensure the best possible latency and jitter resulting in acceptable data performance.
Where single ISP reach isn’t possible, multiple backbones are clearly the second choice but careful examination of SLA performance is critical.
As with every networking technology, SD-WAN does have Pros and Cons. The service should form a component of your WAN depending on specific requirements. In most instances, networking is rarely one single solution. With this said, SD-WAN looks to be attempting a take-over to become the key component of hybrid networking.
There is no doubt, Cloud, Unified Comms (think SIP and VoIP), Security, Remote Access, BYoD all demand careful consideration. To further compound the challenge, IT teams are being asked to save money at the same time as delivering automated, on-demand application delivery.
One thing is for sure, SD-WAN accomplishes business objectives by bundling capability into a single device or virtualised instance. The technology is fundamentally designed to offer a complete end to end solution for the WAN.
As new applications are deployed, the centralised policies which exist are designed to provide not only the appropriate traffic treatment (QoS) but also security and user profile restrictions. The overall benefit is to reduce network complexity in a world where applications are actually becoming ever more sophisticated.
The Internet is perhaps the main 'discussed topic' when considering SD-WAN services as we’re all conditioned to expect variable performance.
However, to re-iterate again, using a single ISP backbone is a vastly different proposition compared to multiple ISP connectivity. With this in mind, readers are advised to consider providers offering single backbone infrastructure.
Robert Sturt is a leading expert in SD-WAN and enterprise network solutions with extensive experience in telecommunications and network infrastructure. As a Forbes Business Council member and contributor to TechTarget, he provides strategic insights on network transformation and digital connectivity solutions. His expertise spans SD-WAN implementation, network security, and enterprise digital transformation initiatives.
Fact-checked by: Harry Yelland - Cybersecurity Writer, Netify
Frequently Asked Questions
What are the advantages of SD-WAN?
- Cost reduction: Replacing MPLS with broadband underlay typically reduces WAN spend by 50-70%, with organisations running 10 or more sites seeing the strongest savings.
- Rapid deployment: Zero-touch provisioning means new sites can go live in days rather than the weeks or months required for MPLS circuit provisioning.
- Application-aware routing: SD-WAN identifies and prioritises traffic by application type, ensuring business-critical tools such as Microsoft Teams and SAP receive preferential treatment over lower-priority traffic.
- Transport agnosticism: A single SD-WAN overlay can bond and manage diverse underlay connections including broadband, 4G/5G, MPLS, and satellite, giving organisations flexibility in how they source connectivity.
- Centralised management: A cloud-based controller provides a single pane of glass for policy deployment, visibility, and troubleshooting across all sites, reducing the operational burden on network teams.
What are the disadvantages of SD-WAN?
- Internet dependency: Most SD-WAN deployments rely on public internet as the primary underlay, which means end-to-end QoS cannot be guaranteed in the way it can with private MPLS circuits.
- Security gaps: Standalone SD-WAN does not provide enterprise-grade security; organisations typically need to add a SASE or SSE layer for firewall-as-a-service, CASB, and Zero Trust network access.
- Vendor lock-in: Proprietary overlay protocols and management planes make it difficult to switch vendors mid-contract, and not all vendors support multi-vendor interoperability.
- Hidden costs: Licensing for advanced features such as application intelligence, cloud gateways, and security add-ons can significantly increase the total cost of ownership beyond the base platform price.
- Reskilling requirements: Teams accustomed to managing traditional MPLS and router-based networks need training on SD-WAN platforms, overlay networking concepts, and cloud integration patterns.
Is SD-WAN worth it?
For most UK organisations with 3 or more sites, SD-WAN delivers meaningful cost savings and operational improvements. Netify marketplace data shows that organisations with 10 or more sites typically save 30-50% on WAN costs after migrating from MPLS to SD-WAN. However, savings depend on current MPLS contract terms and available broadband infrastructure at each site.