Multi-protocol label switching (MPLS) is a common choice for implementing reliable, high-performance wide area networking (WAN). However, it has its limitations, causing many organizations to seek alternative options for their WAN connections. Software-defined WAN (SD-WAN) enables organizations to remove the constraints of legacy networking technologies and create a flexible, reliable, and high-performance network.
MPLS circuits are a common component of many organizations’ IT infrastructure. To provide high-performance and reliable connectivity for critical application traffic, organizations lease dedicated links from their Internet Service Providers (ISPs).
Traffic flowing over MPLS links carries a label that provides important information about it, eliminating the need for routers to perform in-depth packet analysis to get the traffic to its destination. This enables the traffic to be routed over predefined links, eliminating some of the inefficiency of traditional Internet routing.
MPLS is widely used because of two major advantages:
However, MPLS is not a perfect networking solution. It also has a number of downsides to counterbalance its advantages:
Considered the alternative to MPLS, software-defined WAN (SD-WAN) is a method for implementing a reliable, high-performance WAN. Instead of using dedicated circuits, SD-WAN optimizes traffic routing over multiple potential transport links.
An SD-WAN appliance is designed to be deployed at the border of an internal network and connected to multiple types of transport links (broadband Internet, mobile networks, MPLS circuits, etc.). From the perspective of the internal network, only a single networking option exists: the input to the SD-WAN appliance.
Once traffic reaches the SD-WAN appliance, the application generating the traffic is identified based upon known traffic protocols. This enables the appliance to apply application-specific routing and security rules. Based upon the requirements of the particular application (high reliability, low latency, etc.), predefined priorities (e.g. prioritizing video conference traffic over web browsing), and the current status of the available transport links, the SD-WAN appliance selects the optimal route for the traffic.
Yes! SD-WAN provides similar performance and reliability to a dedicated MPLS circuit. However, it accomplishes this by aggregating various transport media and optimizing traffic routing rather than relying upon predefined, dedicated links.
The differences between the SD-WAN and MPLS approaches to network connectivity can have a significant impact on the cost and flexibility of an organization’s WAN. SD-WAN can use relatively low-cost network links (e.g. broadband Internet) for most traffic while saving higher-performance, more reliable, and costlier options (such as MPLS circuits) for application traffic that requires them. This enables an organization to optimize its networking investment rather than wasting costly MPLS bandwidth on low-priority applications.
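The route selection described above can be sketched as follows. This is an added example, not code from any SD-WAN product: the link names, metrics, thresholds, and the fallback rule (least-lossy link when nothing meets the requirements) are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Link:
    name: str
    up: bool            # current link status as seen by the appliance
    latency_ms: float   # measured latency
    loss_pct: float     # measured packet loss
    cost: int           # relative cost of sending traffic (constructed scale)

@dataclass(frozen=True)
class AppPolicy:
    app: str
    max_latency_ms: float
    max_loss_pct: float

def select_link(policy: AppPolicy, links: list) -> Optional[Link]:
    """Pick the cheapest live link that meets the application's requirements."""
    alive = [l for l in links if l.up]
    if not alive:
        return None  # no transport available at all
    ok = [l for l in alive
          if l.latency_ms <= policy.max_latency_ms
          and l.loss_pct <= policy.max_loss_pct]
    if ok:
        # Requirements met: keep costly circuits for traffic that needs them.
        return min(ok, key=lambda l: (l.cost, l.latency_ms))
    # Nothing meets the requirements: degrade to the least-lossy live link.
    return min(alive, key=lambda l: (l.loss_pct, l.latency_ms))

# Constructed sample state, not measurements from a real network.
LINKS = [
    Link("broadband", True, 45.0, 0.8, 1),
    Link("lte", True, 70.0, 1.5, 3),
    Link("mpls", True, 20.0, 0.1, 10),
]
POLICIES = [
    AppPolicy("video-conference", max_latency_ms=30.0, max_loss_pct=0.5),
    AppPolicy("web-browsing", max_latency_ms=200.0, max_loss_pct=2.0),
]

def route_all(links: list) -> dict:
    """Map each application to the name of its selected link (or None)."""
    routes = {}
    for policy in POLICIES:
        link = select_link(policy, links)
        routes[policy.app] = link.name if link else None
    return routes

if __name__ == "__main__":
    print(route_all(LINKS))
```

With the MPLS circuit marked down, the video conference traffic falls back to broadband instead of being dropped, which is the behavior to confirm any security policy still covers.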
SD-WAN also increases the flexibility of an organization’s WAN compared to MPLS by removing the limitations of MPLS circuits. The ability to use any transport medium enables bandwidth to be expanded as needed without the delays associated with MPLS circuit provisioning. Optimized routing enables traffic to be sent efficiently to its destination, not limited to the predefined MPLS circuit paths. Support for broadband Internet and mobile networks enables SD-WAN traffic to be routed anywhere, not only where an MPLS provider is available.
MPLS provides a number of advantages, but its high cost and low flexibility make it a poor choice for rapidly-evolving enterprise networks. SD-WAN is a popular MPLS alternative that provides organizations with a number of different benefits.
However, not all SD-WAN solutions are created equal. Like MPLS, SD-WAN is designed to be a networking solution with no integrated security. It is essential, when selecting an SD-WAN solution, to choose one with software-defined protection to complement its integrated software-defined networking functionality.
Check Point provides SD-WAN Security solutions that integrate with the leading SD-WAN solutions available. Contact us for more information and request a demo to see how Check Point can work with your chosen SD-WAN provider. For more information about how Check Point can provide secure, high-performance network connectivity to your cloud infrastructure, download this solution brief.