SD-WAN over MPLS: A Comprehensive Performance Analysis and Security with Insights into the Future of SD-WAN
Abdellah Tahenni, Fatiha Merazka
TL;DR
This paper evaluates the deployment of SD-WAN over MPLS at the Housing Bank in Algeria using FortiGate as the SD-WAN appliance. It compares SD-WAN over MPLS to traditional MPLS and direct Internet access across performance metrics and security capabilities, demonstrating improved bandwidth, latency, jitter, packet loss, throughput, and QoS. It also details the security integration, outlining built-in SD-WAN protections and the added safeguards when combined with MPLS, while acknowledging risks from increased complexity and visibility challenges. The analysis highlights cost savings, performance enhancements, and security benefits, and discusses future directions including SASE, AI/ML integration, and cloud/5G convergence, offering strategic guidance for organizations considering SD-WAN adoption.
Abstract
Software-defined wide area network (SD-WAN) enhances network traffic management, while Multiprotocol Label Switching (MPLS) offers efficient data transmission. This paper analyzes SD-WAN over MPLS in the Housing Bank, a major Algerian financial institution. We deploy FortiGate for the SD-WAN solution, comparing it to traditional MPLS and direct internet access across metrics like bandwidth, latency, jitter, packet loss, throughput, and quality of service (QoS). Security measures include encryption, firewall, intrusion prevention, web filtering, antivirus, and addressing threats like spoofing, DoS attacks, and unauthorized access. We explore future trends such as SASE architecture, AI/ML integration, and emerging transport methods. SD-WAN over MPLS proves advantageous, offering enhanced performance, security, and flexibility. Recommendations include ongoing performance monitoring and research.