Co-managed SD-WAN: IT decision makers are leaning in but how do you get the best of both worlds?
The need for a virtual workforce is forcing many leaders to rethink their IT operations, and for SD-WAN adopters this has many considering more managed and co-managed services. But why does the work-from-anywhere strategy require more support, and what’s the difference between a managed SD-WAN service and a co-managed service? This article explores SD-WAN management in response to the pandemic, showing you how to use co-managed models to get the best of both worlds.
IT is being restructured under the pressures of remote work
The COVID-19 pandemic is having a significant impact on IT departments. An increased number of help requests coming from employees at home must be addressed. Secure remote access and VPNs now need to be cost effective and reliable for the long term. Security is a bigger and more urgent issue with remote employees connecting at-home devices.
Ultimately, today’s work-from-anywhere model is stimulating a restructuring of IT operations that is changing the way business gets done. This is particularly the case as IT leaders implement SD-WAN to assist with their work-from-home strategy.
SD-WAN offers advantages such as applying SD-branch approaches to the virtual workforce and easing the IT burdens of remote connectivity, security, and performance for bandwidth-hungry video conferencing applications. But SD-WAN isn’t a plug-and-play technology–it requires ongoing updates and management. Under the new pressures of remote work, IT leaders are thinking long and hard about who should take on the responsibilities required with any deployment. That’s because SD-WAN can entail:
- broadband service procurement, link procurement and installation
- 24/7 service monitoring and optimization with ongoing policy management
- hardware updates and upgrades
- service troubleshooting and training for the IT team
- security, which requires more resources and specialized knowledge
Companies are leaning more heavily on SD-WAN services
Leaders are more cognizant of the fact that SD-WAN benefits shouldn’t outstrip the experts needed to administer it. Cost savings can be eroded when complexity and ongoing management adds too heavily to the ROI equation.
Those that have in-house expertise are naturally immune, as they are more likely to have the required resources available. These companies were largely the early adopters of the do-it-yourself (DIY) solutions, where devices were installed without regard for service guarantees and SLAs. But this is not the case for everyone. Today, remote workers or even branch offices typically lack the needed knowledge, expertise, and resources for ongoing operational management. This also helps explain why the tables are now turning.
Two dynamics are coming together. SD-WAN is reaching mainstream adoption where enterprises are more dependent on providers for assistance. Meanwhile, IT teams are busy serving the new needs of the enterprise–COVID-19. All of this makes IT leaders opt for more service packages. Survey data from major analyst firms demonstrate this recent tipping of the scales.
- Nemertes Research shows adoption of managed services rose from 8% in 2017 to 49.5% in 2020 — check out the infographic
- Other results from the IDG 2020 SD-WAN Market Trends survey show that 75% of SD-WAN users are using a managed or co-managed model.
- Research from Omdia shows 98% of SD-WAN adopters are using external parties at least somewhere along their journey, with 59% of them asking providers to help manage security, 53% asking for help managing network policies, and 46% asking for help with solution access, design, and installation. Watch the Omdia webinar “Digital Transformation Outlook”
In making the choice to adopt a managed service, most IT leaders are reluctant to outsource SD-WAN completely–only desiring selective service, according to Omdia. Providers have responded, adding co-managed services to their portfolios. Here’s what this “middle” option means for IT leaders, and how to get the best of this hybrid model.
Can you really have the best of both worlds? Co-managed “gotchas”
It helps to first explain, what is co-managed SD-WAN? A co-managed model is a shared responsibility arrangement, creating balance where businesses benefit from distancing themselves from the administration and complexity while still retaining control over the network service. Advances in SD-WAN specifically allow for this balance, namely centralized management capabilities, cloud-based SDWaaS (SD-WAN as a Service), and online consoles. As a turnkey alternative to the DIY approach, this model decreases the burdens of SD-WAN setup and network performance management without eradicating the client’s loss of control–all at an extra cost of course. (See a direct comparison of solutions in the chart at the end of this article.)
In shared models, companies no longer face the binary choice between a fully managed service and DIY, where cost and control have traditionally been pitted against each other. Thus, the co-managed decision may feel like a no-brainer. However, truly getting the best of both worlds takes careful consideration in the areas of agility, flexibility, and security. Buyer beware.
Your network freedom depends on their solution flexibility
Beware of SD-WAN providers that simply add a high price tag for their service–when in fact–that service only limits your IT freedom. These services might lock you into specific networks, connectivity types, and internet service providers. In today’s fast-paced, fast-changing world, IT leaders favor more flexibility and choice. Ask these questions:
- Transport agnostic: Can you mix and match network connectivity types, including public internet (broadband), direct internet access, wireless or 5G, and private SD-network service?
- ISP agnostic: Which last mile internet services providers (ISPs) can you work with? Are you limited to only the SD-WAN provider’s list or can you bring your own broadband?
- Network agnostic: Can you work with your own existing private/MPLS network, overlaying SD-WAN and public internet services on top, in an “over the top” strategy? Some “in-net” solutions require the client to tie the SD-WAN functionality to the provider’s own network backbone or service cloud, which potentially limits your design options. With in-net solutions, the provider’s network acts as the foundational platform for your capabilities, so you should explore the underlying architecture. Platforms standardized on software-defined infrastructures will allow for more agility and flexibility.
Your speed-of-change rides on their responsiveness
Understand specifically what service controls you have and which tasks require a service ticket. Tickets can take days or weeks, slowing your speed-to-change. Your provider’s mean time to responsiveness is critical, as are on-demand service controls and real-time performance visibility for each individual application. Ensure you have direct control over the services you change the most, and understand who will serve requirements that fall outside your control and how fast they can execute.
- Does the provider own and operate their own NOC 24/7 or do they outsource?
- How will you be able to track and view the progress of any tickets?
- Are the controls your IT team will use all the same controls the provider’s NOC uses?
- Do you have access to all those controls or only a portion of them?
- Do you have visibility of elements you can’t directly control?
- How does the provider measure customer service and what is their customer experience reputation?
Your security simplicity also depends on their capabilities
Security is now part of the SD-WAN infrastructure with firewalls as embedded features and a variety of ancillary security functions built into today’s solutions. This can be extremely valuable for companies seeking to reduce IT complexity, outsource, and reduce the security “noise” of firewall alert management. When every organization wants to leverage the cost benefits of the public internet, firewalls are must–which in turn make unified threat management and SOC response teams a requirement as well. Evaluate your provider’s security maturity and how they will help you expand your coverage. Take into consideration these security functions:
- Next-gen firewalls, cloud firewalls (Firewall as a service FWaaS) and your options when it comes to putting firewalls on-premise or in the cloud
- Cloud security, cloud workload protection, and Cloud access security broker (CASB)
- Network visibility including identity-based WAN analytics and shadow IT discovery
- Secure web gateways
- SOC services for unified threat management and incident response
- Security analytics available inside the SD-WAN management portal
At the end of the day, a co-managed model is a great way to modernize legacy IT infrastructure, gaining the advantages while still freeing your IT resources. A detailed, pragmatic approach is required when it comes to understanding who does what and how your partner is set up to execute on your needs. Masergy’s co-managed SD-WAN service model helps explain how to succeed with shared responsibilities.
Fully Managed vs. Co-Managed: Who does what?
While specifics may vary across providers, here’s the approach Masergy takes.
|Fully Managed Solution: Provider does it all, but you still get some control||Co-managed Solution: Shared responsibilities|
|Configuration||Provider||Client: You customize standard firewall rules and other security policy configurations using the portal|
|Network management and monitoring||Provider||Provider: End-to-end management and monitoring is provided, but the service may vary when public internet connectivity is deployed
• When clients bring their own ISPs for connectivity (using an “over the top” solution), then Masergy manages and monitors the SD-WAN equipment only
• When clients use Masergy-provided ISPs for connectivity, Masergy provides end-to-end management and monitoring
|Policy management: Business policy, firewall policy, security profiles||Provider and/or Client: Portal allows client to make on-demand modifications, alternatively client can call Masergy NOC||Client: You customize standard configurations using the portal and manage them on an ongoing basis|
|Incident resolution||Provider: All break-fix performed by Masergy NOC||Shared: Clients are responsible for any break/fix related to Layers 4-7 of the OSI network model while Masergy is responsible for Layers 1-3|
|Moves, adds, changes, deletes (MACDs)||Provider and/or Client: Portal allows client to make on-demand modifications, alternatively client can call Masergy NOC||Shared: Client is responsible for all MACDs pertaining to Layers 4-7 of the OSI network model while Masergy is responsible for Layers 1-3|
Interested in learning more about SD-WAN?
Call us now to arrange a consultation (866) 588-5885.
Or arrange for a consultation through our request form.
How does Cloud Access Security Broker (CASB) fit into the SASE paradigm?
CASB serves as of one of SASE’s fundamental purposes. Here’s how it works within a SASE framework to mitigate security risks.
SASE from Masergy: Best-of-breed technologies, broad choices, and security that goes beyond SASE
Here’s a look at Masergy’s approach to SASE, the enhancements we have made, and how we’re leaning into network-security convergence.
Masergy Strengthens Its SD-WAN Secure Solution with Deeper SASE Capabilities
Masergy, the software-defined network and cloud platform for the digital enterprise, announced that it is strengthening its SD-WAN Secure solution to offer Secure Access Service Edge (SASE) capabilities
Masergy Receives Frost & Sullivan Technology Innovation Leadership Award for Managed SD-WAN Solution with AIOps
Masergy Named Most Innovative Managed SD-WAN Service Provider by Frost & Sullivan
What lies beyond SASE?
Do SASE solutions reach far enough? Here’s a look at what’s inside the SASE framework today, and where it could go in the future.
The permanency of remote healthcare calls for UCaaS + SD‑WAN + Security
Healthcare IT leaders are reducing the complexity of digital transformation by addressing UC, the network, and security in one unified strategy.
Can I skip SD-WAN and jump straight to SASE?
Want to switch from SD-WAN to SASE midstream? These RFP questions can help you roll your IT modernization project into a larger investment.
The future of the network is autonomous: WFH strategies prepare for self-driving networks
While IT leaders are enabling the remote workforce, they are also building an autonomous network. Leverage your investments today for innovation tomorrow.
What are the benefits of SASE?
Why do businesses need SASE and more importantly does it help with work from home? Here’s how SASE solutions deliver real value.
Masergy Launches SD-WAN Work From Anywhere Solutions
Masergy Launches SD-WAN Work From Anywhere Solutions, which extend the value of Masergy SD-WAN Secure to Home and Mobile Users
How do you tease out the differences in SASE solutions? Tech stacks set providers apart
Planning a move toward SASE? Here are three ways to make apples-to-apples comparisons, teasing out the differences in solutions.
SASE from Fortinet & Masergy: Converging best-of-breed network and security solutions recognized by Gartner
SASE is consolidating best-of-breed technologies into one cloud service, and it’s here where the Masergy-Fortinet offering stands above the rest.
Is there more than one way to SASE? Cloud separates two strategies, schools of thought
Are firewalls becoming a dividing line between SASE strategies? Why some IT leaders choose a cloud-managed approach over a cloud-native one.
Is SASE real or just a concept?
When it comes to SASE validity, there are lots of opinions. Here’s a look from all sides and tips for how to evaluate SASE architecture.
Masergy Named Most Innovative Managed SD-WAN Service Provider by Frost & Sullivan
Masergy Announces Zenith Partner of the Year Awards
Why are there so many different interpretations of SASE?
Ask people what SASE is and you’ll likely get 10 answers. While the newness of SASE is a factor in the confusion, here’s what SASE is and what it’s not.
Masergy SD-WAN wins Leading Lights 2020 Award for Most Innovative SD-WAN Service
Masergy releases 2020 SD-WAN Market Trends Report
IDG study finds SD-WAN as key enabler for working from anywhere
Data shows remote work has triggered a modernization of business operations and the network. Explore the highlights from the new IDG study.
The business case for Masergy’s new SD-WAN Secure solutions
Masergy’s new SD-WAN portfolio gives companies of every size unrivaled application performance along with more flexibility and choice.
Masergy launches new Partner Program for accelerated SD-WAN market
Masergy launches SD-WAN enhancements: More options and trailblazing SLAs meet the needs of any transforming business
Masergy expands its SD-WAN portfolio offering the broadest choice, flexibility, and built-in SASE
Masergy announces the SD‑WAN industry’s most competitive Service Level Agreements
Work-from-Anywhere Study: ZK Research webinar explores IT trends and SD-WAN urgency
ZK Research data shows IT spending is up, and the value of the network has increased. Don’t miss the latest SD-WAN strategies in this online event.
Oldcastle infrastructure selects Masergy SD-WAN to build high-availability network for digital transformation
SD-orchestration: SD-WAN and application performance management
SD-WAN has redefined network management, and how you deploy it can impact success. Get the six elements of SD-orchestration and key considerations.
WAN automation: Why SD‑WAN is only step one and what’s needed to reach full autonomy
Networks are on their way to becoming “self-driving.” Understand the current state of networking automation and what’s needed to reach full autonomy.
Elements of SD-WAN & SASE platforms: Differentiators, characteristics and the hidden secret
SD-WAN solutions are now platforms, but what does that mean? Moreover, what differentiates platforms from solution sets? Here’s the hidden secret.
5G and fixed wireless: Where does it fit in your SD-WAN connectivity strategy?
With SD-WAN’s many connectivity options, when do you deploy 4G and 5G links and when should you avoid them? Here’s how Masergy advises its clients.
COVID-19 is changing how IT thinks about MPLS: What networks and leaders need now
The idea of converting all your private network connections into public ones is being challenged. Attitudes are shifting. Here’s what it shows us.
What digital transformation looks like now: Omdia webinar has the outlook for Europe
Research from European enterprises surveyed as the pandemic lockdown began helps IT leaders identify new trends and what businesses need now.
Extending secure SD-WAN to secure SD-Branch: The convergence of WAN and LAN at the edge
SD-WAN is giving way for terms like SD-Branch. Understand the benefits and how SD-Branch is addressing security challenges at the network edge.
Network security and automation: Why you need user identity analytics now
Here’s a guide to understanding the value of user identity analytics and why these details are increasingly important for security today and network automation tomorrow.
Advancing SD-WAN security and control, Masergy introduces identity-based WAN analytics
SD-WAN management portals typically track only IP traffic for entire sites, but Masergy’s SD-WAN gives you per-user analytics as a standard offering.
The autonomous enterprise: Building your digital vision
Masergy's CTO, Chris MacFarland, teaches you how to reach the milestone of true autonomy. This article originally appeared in Forbes.
The impact of COVID-19 on corporate networks: VPN connections skyrocket, increasing by 676%
See how Masergy’s network is changing in light of Coronavirus. Get tips for fast VPNs and understand shifts in digital transformation priorities.
COVID-19: Prioritizing health & safety
Learn how Masergy is acting with urgency to protect employees, clients, and business continuity. We explain how Masergy helps clients respond and how he virtualized the company.
Masergy wins Stevie® award for Sales & Customer Service
20 things you didn’t know about Masergy
With 20 years of history, Masergy is full of fun factoids. Explore the pioneering moments, pivotal transformations, and tales from the startup days.
4-time Visionary: Gartner positions Masergy as Visionary in 2020 Magic Quadrant for Network Services, Global
Get a free copy of Gartner's report. Learn how Masergy pioneered software-defined networks and is building the autonomous networks of tomorrow.
How SD-WAN is converging network, security and AI
Many technologies are uniting under SD-WAN. Learn what’s changed and why new additions are starting to look like autonomous networking.
Masergy celebrates 20 years of success marked by service excellence and early SD-WAN innovation
Masergy’s biggest innovation milestones
2020 marks Masergy’s 20th anniversary. The celebration starts with our top innovation landmarks and where we’re going next.
Small beginnings, big impact: Terry Traina reflects on Masergy’s legacy
In celebration of Masergy’s 20th anniversary, we’re honoring our greatest leaders and key players. Here’s the story of Terry Traina, Masergy’s Chief Digital Officer.
Scrappy startup delivers leading network performance: Mark McCann explains Masergy’s early innovation
Masergy AIOps wins 2020 BIG Innovation award
Harnessing the power of AIOps: Paving the way to autonomous networking
AIOps puts a virtual network engineer on your team, but it’s also paving the way for autonomous networking. Get the requirements and four next steps.
Fortinet & Masergy: The security-driven approach to SD-WAN
Here’s a fully managed SD-WAN solution that helps organizations truly transform the WAN edge with a security-driven approach.
Shadow IT: Getting the visibility you need
Think you only have 30-40 apps running on your network? It’s probably more like 900+. Here’s a quick guide to handling the blind spots of shadow IT.