SD-WAN – Network Availability Redefined

One of the new buzzes in IT is the concept of “Software-Defined”. We discussed Hyper-converged Infrastructure (HCI) i.e., software-defined storage in a previous article. Let’s now focus on another very important part of our infrastructure: The Wide Area Network (WAN).

Wide Area Network

Organizations typically need a WAN connection when they have multiple offices. Usually, a bank, an insurance company, a nationwide mart, a mining company, or even the government would need a WAN connection to ensure their IT infrastructure is centralized whilst providing the same level of services at all locations. Such organizations would usually contact a Service Provider to set-up the interconnection for all their offices or agencies. This provides a level of central control and security for the environment.

WAN Connections

Setting up WAN connections means the Service Provider must ensure they have Satellite, Radio, Copper, or Fiber connectivity to the location the customer wants to set up shop no matter how remote it is. This comes with some high infrastructure costs that they can recover as they get more customers over time.

We must highlight that the WAN connections or links usually come with an SLA (Service Level Agreement) which guarantees availability and some level of quality among other things. Organizations are then able to rely on these WAN services which eventually come at a relatively high cost. What makes it even more expensive is that to achieve higher levels of availability, some organizations have to get two WAN links per site and only use one at a time whilst paying for both.

The Internet Factor

With the internet becoming more and more available for home users at more remote locations through so many means i.e. Copper, Radio, 4G/5G, and even Fiber, WAN customers started wondering if they could use common/cheap broadband to provide interconnectivity between their sites. Well, this among other things is exactly what SD-WAN comes to address.

Software-Defined WAN

In a world where organizations are being hacked all the time, it would be very risky to pass an organization’s sensitive data over the wild internet. You may say “We can use GRE or DMVPN with IPSec” but that means you may have to ensure you have static Public IP Addresses at each location and you have to manage all these tunnels; wait, how are you going to handle QoS? And won’t you still waste one service provider link on each site? Let just say it is a more daunting task to achieve all the benefits using traditional technologies. The future is software-defined. Let’s discuss SD-WAN.

Easy Internet Connection

With SD-WAN, the devices have 4G/5G integrated modules while still being able to take your traditional copper or Fiber. They are built to connect using both Internet or WAN connection together, and they are smart enough to not send internet traffic to your head-office unless you want it so. This means you can now build a remote site with just one or two SIM cards. Too good to be true? Keep reading…

Active – Active

If your organization policies still do not allow you to use the Internet to transfer sensitive data, you can still use SD-WAN over the WAN as it was built from the ground up to support multiple uplink connection and share traffic across multiple connections based on your defined parameters (path selection with specified thresholds based on bandwidth, link quality and more). You get to use both links in an Active/Active set up with Failover and Failback capabilities.


You must have guessed it. A technology built for this must be pretty secured. Yes, SD-WAN comes with pre-built security features (IPSec, High level of encryption) to ensure your data is always secured and tunneled while traversing the Internet or the service provider network. Technically the SD-WAN appliances are mini-UTM (Unified Threat Manager) devices disseminated at each one of your locations, thus protecting your local users from the Internet and also encrypting data in-flight towards your head office. This is a cocktail of smart features.

Ease of Use

Obviously, with technologies becoming more complex, the manufacturer’s job is to make them easier to use and manage. SD-WAN vendors have done just that. You can usually set up an SD-WAN connection between two devices in a few clicks. Some of the most popular vendors such as Fortinet, Cisco Meraki, Palo-Alto, Sophos, etc. can make your experience enjoyable.

Well then, where is the catch?

We cannot offer you all these features without a catch, right? As much as all the features mentioned work seamlessly and as advertised, the SD-WAN technology comes with subscriptions on pretty much every appliance. This means recurring costs that must be paid every year. That notwithstanding you will make some savings on ISP cost by ditching all those expensive WAN Links. Besides, you will greatly benefit from the enhanced security and improved connectivity.


SD-WAN technology is packed with everything that we would expect from a software-defined technology, creating virtual circuits over the Internet, protecting that data, and being flexible enough to use any type of Internet connectivity. It is a running train and despite the subscription prices, you will have to join it one day or another. Better early enough to match your competition.

Next Step

Apotica deploys a large portfolio of Next-Generation technologies and is uniquely positioned to advise on the next steps to start your software-defined journey. You can request a free consultation here. To enquire about any equipment or software, call us on +233.54.431.5710 or write to

About Apotica

Apotica, headquartered in Accra, Ghana brings together the best information and communications technologies to help clients grow, compete and serve their customers better. Apotica is an ISO 27001 and 9001 Certified Organization.