First, and perhaps most simply, the increase in utilization of applications from SaaS providers as well as the move of internal apps to public clouds fundamentally changed the traffic flow for the enterprise. No longer is there really a need for users to be pulled back through a DC over a costly leased private circuit. They can access these applications over the Internet directly to the cloud app.

Second, the environment expanded rapidly. No longer was there only one DC to secure and a set of users connecting in an office or in a retail store to the corporate network. Now there was a data center (private cloud), at least one, if not many, public clouds hosting data or applications, usually more than one software application delivered as a service (think Salesforce.com, Office365) and users bringing two or more devices to work. Wow, what a lot to manage – and, more importantly, secure.

And last, once you can figure out a way to secure all this, how do you ensure, across all that complexity, that the user experience that drove this transformation to begin with can be delivered?

It is all about the users

To address these challenges, the traditional Wide Area Network architecture must change. This is where Software-Defined WAN (SD-WAN) presents a great opportunity for businesses. To understand why, it is important to understand that the core of SD-WAN is to bring centralized software control to the WAN. As with other software transitions, this has the powerful impact of bringing comprehensive visibility and control into a single pane of glass, so to speak. That single-pane-of-glass concept is not only good for users who configure, deploy and manage the WAN, but it also means that the infrastructure itself can understand and react dynamically to the conditions it interprets. So what?

Deployment goes much, much faster. That branch that used to take months to get up and running? Lead time is now down to weeks or days. This includes sending and plugging in physical hardware. Are you running a virtual environment? Is your router already in the branch? Are you using LTE? Now we can deploy in hours. When you transition from box-by-box, site-by-site configuration to a define-once, deploy-everywhere model, things simply go remarkably faster. The benefits of this are not just for deployments but hold true for the regular configuration changes and new service deployments that are more integral to day-to-day operations.

You can easily configure the WAN to support the shifting traffic patterns – whether it is enabling your users to get directly to those SaaS applications without consuming costly leased bandwidth or segmenting your R&D traffic from your general corporate users.

Even more exciting, combining the software control with deep analytics (think machine learning and artificial intelligence) enables the WAN to dynamically adapt to conditions that it observes. Historically, we were fairly constrained to link failure as the trigger to change a path. Today we can ask a ton of new questions and take action. Is a path simply degraded or not good enough to make that video call a good experience? Reroute to a higher-performing link or reduce non-critical traffic to improve the quality. Do you want to change the policy to prioritize a new application or type of traffic? Configure once and deploy instantly. Is Office365 running slowly (even though the network is working fine)? Move the user to a closer Microsoft point of presence or a different application instance that is higher performing. All dynamically, all without user intervention. This means happy, productive users.

Perhaps most importantly, security improves – and will improve dramatically if you choose to converge security capabilities into SD-WAN. As with any manual environment, that traditional box-by-box, link-by-link approach to deployment and configuration means user error and inconsistency. A simple slip of the finger on a port configuration can cause performance problems or open security holes. Moving to a software control plane means that policies are consistently deployed without the risk of error. Bringing security capabilities like application aware firewall, URL filtering, intrusion protection and more into that same software control plane brings an even greater asset to an organization to solve the security challenges introduced by the expansion of devices, locations and routes and link types that SD-WAN enables. Software enables us to bring truly advanced threat protection to the expanded attack surface.

There is a lot of hype surrounding digital transformation. As companies look to go digital, however, they need to understand that their network is the foundation of their digital future. A weak one will see their digital efforts crumble as they face increasing demands and are not capable of delivering the experience users expect or providing the security that they need. A strong one, on the other hand, will not only help to meet those demands and enable them to build and scale rapidly, but will also ensure that both sides of the double-edged digital transformation sword are working to their benefit.