How Leading MSPs Stay Resilient with Multiple SD-WAN Solutions

Redundancy of connections and redundancy of routes to a colocation and/or cloud app are good strategies. Then shouldn’t vendor redundancy be a good strategy, as well?

5 Min Read
Two roads leading out into the distance

We all read the news, and often learn about the latest customer data breach at any given retail chain and how it impacts its reputation and business. It seems like every month there’s a newsworthy breach that impacts consumers. What the news outlets won’t tell you is that, last year alone, 50% of retailers experienced a breach. With each breach, more sensitive data is released into the dark web.

Data and transaction security are not the only concerns retailers have. When the internet goes down at a retail store, customer experience and confidence suffer, the brand suffers, and present and future revenue take a hit. Profitability also gets impacted during these “brownouts” because of the potential for credit card fraud (i.e., spooling). Although downtimes do not make it into the news, failover connectivity–whether it is via a dual broadband link to different internet service providers (ISPs) or via cellular links–is a needed add-on to any IT deployment at a branch location. In today’s hybrid network environments, redundancy is key.

Imagine an MSP being contracted by a Quick Service Restaurant chain to manage its network of branches nationwide. Let’s assume it is a hybrid network and that SD-WAN plays a major role to reduce cost and improve service agility. How important would you think network availability is to this client? In the event of blackouts or brownouts caused by its ISP’s failing infrastructure, the business looks up to its MSP to provide the network resilience and business continuity needed not just to avoid losing revenue, but to preserve an optimal customer experience.

With a cellular failover link or two, MSPs almost guarantee that a client’s location will always have access to the internet to transact and communicate. However, beyond the firewall lies other hurdles to network resilience and availability. Examples are hardware single points of failure, power issues, construction (Backhoe Bob), bad weather and, yes, animal-caused damage. These are considered small risks when it comes to leveraging technology to solve the issue, but combined they present a bigger challenge to risk-tolerance.

Meshing virtual private network (VPN) tunnels site-to-site (branch-to-branch) with Auto VPN can improve resilience by ensuring that secure connectivity, to a given colocation, is always possible. It serves as a second layer of network resilience geared toward delivering the best service possible to the MSP’s client. The first layer is to ensure access to the internet at the branch. The second layer is to make sure that critical business services are always attainable via a secure link.

How does an MSP deliver that level of service? It makes sure it works closely with a network security vendor that delivers the SD-WAN edge device and multi-tenant platform that allows for the visibility and control of clients’ branch networks. To stay competitive these days, just managing a firewall on premise won’t cut it. SD-Branch solutions go beyond the managed firewall service and leverage SD-WAN architectures to deliver content-filtered Wi-Fi, switching and cellular failover connectivity, among other services. Being able to offer next-gen firewall services, internal vulnerability scans and Payment Card Industry Data Security Standard (PCI DSS) compliance assistance often makes a big difference in the eyes of the client.

Is it a good idea to work with only one vendor? Wouldn’t make sense to have more than one vendor? Or is platform standardization the best practice?

Redundancy of connections and redundancy of routes to a colocation and/or cloud app are good strategies. Then shouldn’t vendor redundancy be a good strategy, as well? A single vendor could be a single point of failure! Some airlines operate both Airbus and Boeing airplanes, while others standardize to a single make. Training two separate teams with two distinct platforms to offer similar services is not an appealing proposition at first, but when you think twice about it, it makes sense: It offers advantages to the MSP. It would require training a second team on a second multi-tenant platform, but the advantages are many.

With two SD-WAN vendors:

  • MSPs can negotiate better terms.

  • MSPs can offer options to their clients.

  • MSPs can design networks with dual vendors, based on use cases (for example, one vendor for large branches and another vendor for small branches and IoT applications).

  • No single point of failure:

    • A major hit to a vendor’s brand reputation due to a major bug, vulnerability or service failure won’t prevent the MSP from selling and managing a similar, but likely better solution.

    • If one vendor gets acquired and its multi-tenant platform is replaced by the acquirer’s, the MSP will still be able to offer and manage the solution of the second vendor while the affected team is retrained.

The moral of the story for MSPs is: It pays not to put all of your eggs in one basket. Diversify access to the internet at the branches to ensure always-on connectivity. Diversify routes to the colocation and cloud services with site-to-site VPN meshing to ensure secure connectivity to the critical business apps. Diversify vendors to minimize risk and offer alternatives. Risk reduction requires layered redundancies. If you were an airline, you wouldn’t want to fly a fleet of only Boeing 737 Max these days, would you?

The Netsurion Partner Program is a game changer, designed specifically to empower VARs, sales agents and MSP/MSSP organizations to meet the growing connectivity demands of customers, while generating new revenue streams without the risk of additional overhead costs.

This guest blog is part of a Channel Futures sponsorship.

Read more about:

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like