Thursday, May 15, 2025
HomeTechBack Away From the (network) Edge: How cloud-based WAN Optimization can Finally...

Back Away From the (network) Edge: How cloud-based WAN Optimization can Finally Free Enterprises From MPLS

Published on

SIEM as a Service

Follow Us on Google News

For years, SD-WAN edge appliances have helped organizations optimize their WANs by balancing performance, traffic priorities, limited MPLS bandwidth, and cost. This balancing act, however, requires an edge appliance at each end of the traffic flow to prioritize, cache, deduplicate, and compress traffic.

With increasing use of cloud-based infrastructure, requiring an edge appliance in the cloud becomes a major headache. New SD-WAN as a Service (SDWaaS) solutions represent the next phase of WAN optimization and SD-WANs, providing SD-WAN as a cloud service that eliminates the need for costly MPLS bandwidth, and by extension, WAN optimization appliances.

MPLS links: reliable…and reliably expensive

 With their efficient routing and low packet loss, MPLS services have been the mainstay of enterprise WANs. Great for remote desktops and other loss-sensitive applications, MPLS services charge a premium for bandwidth. But as the bandwidth requirements for applications have grown and more bandwidth consumed by often non-critical Internet services, bandwidth costs have become an increasingly pressing issue for many enterprises.

- Advertisement - Google News

The big problem for MPLS services has been two-fold. One, the capacity or the rate of data that could be sent in a session across a global network. The interaction of distance and packet loss conspired to undermine throughput even when locations are connected by access services with large amounts of bandwidth.

WAN optimization devices provided some relief. Through the use of compression and data deduplication, WAN optimization devices made better use of the data that could be sent. And with application-layer proxying and caching, WAN optimization devices were able to minimize the effects of latency, which also helped improve TCP capacity and the user experience

WAN optimization no longer needed?

But as the WAN has changed there’s been increasingly less of a need for these capabilities. Content delivery networks (CDNs) and the distributed, geographically-redundant nature of major SaaS platforms have continued to push the data closer to the user. With the data closer, there are fewer hops and thus less latency, reducing the need for the latency-reduction techniques of WAN optimization.  Coupled with the use of large, inexpensive broadband pipes, available capacity grew, reducing the need for deduplication and compression.

The first-generation SD-WANs, implemented by edge appliances, overcome MPLS bandwidth problems by offloading MPLS services using broadband Internet access services. Routing non-critical application traffic across the Internet saved on MPLS bandwidth. Overall, the SD-WAN provided to be a great step forward in maximizing WAN usage.

But SD-WAN appliances ran into their own problems. As they required physical infrastructure to be installed on the network edge, SD-WAN appliances where inherently limited to improving only the performance and cost-effectiveness of traffic which stays entirely within the WAN.

Workflows which depend on cloud-based tools (e.g. Dropbox, Azure, Office 365, Google Apps) bump up against the reality that their data won’t be prioritized above anyone else’s.  And if cloud applications are to be optimized, appliances also need to be installed in the cloud, something that’s often difficult if not impossible.

SDWaaS: WAN optimization from above

The first-generation SD-WANs were designed to augment MPLS but they could never replace the service. They still relied on MPLS to carry latency- and loss-sensitive applications, particularly across global networks. Coupled with the fact that SD-WAN required devices to be installed in or near the cloud resources, it’s easy to see why SD-WAN has had to evolve.

The next-generation of SD-WAN, SD-WAN as a service (SDWaaS), do away with the dependency on a private MPLS backbone and provide a cloud-ready solution.

Here’s what makes these solutions work:

  • A global, SLA-backed backbone fed by multiple global Tier 1 IP transit providers which enables reliable and consistent worldwide connectivity at a more affordable price point. Now, branch locations can connect to each other and to central datacenters via the cloud and enjoy the bandwidth of the high-quality last-mile Internet, as well as the lower latencies and packet loss rates associated with MPLS. Throughput optimization (via TCP Proxy) occurs within the backbone, while application QoS prioritization and PBR takes place at the last-mile link to the cloud.
  • Several points of presence (PoPs) strategically placed to provide optimal egress to key cloud service infrastructures, such as Microsoft Azure, AWS, Office 365, and Dropbox. This greatly improves the performance of SaaS by minimizing the latency and packet loss.
  • A full network security stack integrated into the SDWaaS backbone. Since WAN connectivity and security are fully converged in the cloud, network security appliances such as IPS and next-generation firewalls don’t need to be deployed at each remote location to ensure secure direct Internet access.

SDWaaS solutions eliminate the need to backhaul WAN traffic to a central datacenter, thereby solving the problems like trombone routing and saturated MPLS links. Since the network edge effectively moves to the cloud, SD-WAN platforms reduce the complexity, risks, and cost for enterprise networks – all while achieving even better WAN optimization.

Latest articles

Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware

A recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by...

TA406 Hackers Target Government Entities to Steal Login Credentials

The North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni,...

Google Threat Intelligence Releases Actionable Threat Hunting Technique for Malicious .desktop Files

Google Threat Intelligence has unveiled a series of sophisticated threat hunting techniques to detect...

New Adobe Photoshop Vulnerability Enables Arbitrary Code Execution

Adobe has released critical security updates addressing three high-severity vulnerabilities (CVE-2025-30324, CVE-2025-30325, CVE-2025-30326) in...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Chrome 137 Integrates Gemini Nano AI to Combat Tech Support Scams

Google has unveiled a groundbreaking defense mechanism in Chrome 137, integrating its on-device Gemini...

What Makes Cloudzy A Leading Choice For Cybersecurity VPS?

In today’s digital landscape, the importance of robust cybersecurity cannot be overstated. Businesses are...

Use CapCut PC to Show Big Ideas with Just Text and Effects

Are you a content creator, educator, or business professional who needs to convey grand...