TeleGeography's Official Blog

How SD-WAN Helped Autodesk Hit Cloud Security, Efficiency, and Cost Goals

Written by Mike Bisaha | Aug 21, 2017 12:51:00 PM

Autodesk, a 130-location multi-national software company, relies on the cloud to support many applications. This requires connectivity to the Azure, Office 365, and Amazon web services.

Until recently, all Autodesk locations relied on MPLS connectivity to a company data center.

But the company has been shifting to a software defined WAN (SD-WAN) approach that will eventually move much of the traffic to and from the cloud to a direct internet connection from each company location, while retaining MPLS connectivity. (SD-WAN enables individual applications to dynamically shift from one connection to another based on network conditions and the application’s performance requirements.)

Autodesk already has deployed SD-WAN to several locations, where the company has seen cost savings of 82 percent and a 600 percent capacity increase, explained Autodesk Vice President of Information Technology Prakash Kota, in a presentation at WAN Summit San Jose.

In his presentation, Kota discussed the needs that SD-WAN will address for Autodesk and offered advice to other IT decision-makers about SD-WAN deployment challenges.

Why SD-WAN?

Autodesk’s decision to adopt subscription-based SD-WAN from Cloudgenix was driven, in part, by a separate decision to combine five data centers into one, which would have created connectivity challenges for locations connected to one of the data centers targeted for phase-out. Another consideration was that the company does frequent acquisitions, and getting MPLS connectivity to new locations in a timely fashion can often be challenging.

The need to support a burgeoning number of devices also played a role in shaping the SD-WAN strategy.

While the number of employees and contingent workers Autodesk must support has remained stable at around 12,000, the number of devices the company must support has grown to at least twice that number–about 25,000 to 30,000 by Kota’s estimate. By reducing connectivity costs, SD-WAN was viewed as a means of efficiently meeting growing bandwidth demands. While MPLS costs an average of $6,000 per year for a 1-10 Mbps connection, internet connectivity costs an average of $1,000 per year for faster 10-100 Mbps connectivity, Kota noted.

Security concerns are often what drive companies to route traffic from all locations through a central data center. But Autodesk is eliminating this need by deploying a virtualized, centrally managed security solution.

SD-WAN also was seen as a means of more effectively managing traffic in this environment because Cloudgenix offers application-specific service-level agreements and provides tools to manage traffic at the application level, said Kota. Detailed monitoring information is critical to determining the appropriate response to performance issues, Kota said. Among other features, Cloudgenix provides detailed data on application response times, measured every 10 seconds.

“From that you see how to respond,” said Kota. “As an engineer, you can come back and see what’s going on.”

Overall, “the focus was not to be cheaper,” he added. Kota’s take is that “when you’re faster and better, you will be cheaper” and that has proven to be true for Autodesk.

The single biggest factor that drove Autodesk toward an SD-WAN solution, however, was security. As Kota put it, “How not to be constrained by security was the biggest goal.”

Security concerns are often what drive companies to route traffic from all locations through a central data center. But Autodesk is eliminating this need by deploying a virtualized, centrally managed security solution. “The network architecture makes it simple for us to deploy,” Kota said.

Deployment Challenges

As with any new technology, deploying SD-WAN entailed some challenges for Autodesk, but Kota took several steps that helped minimize their impact.

One critical element to Autodesk’s successful SD-WAN deployment was for Kota’s team to engage with the company’s procurement group early in the process. Contracts with various internet service providers can take time to negotiate, Kota noted.

Another of Kota’s recommendations is to start slowly. “Learning is a big element of it,” he said–and when addressing the inevitable challenges of the initial rollout, it’s better to learn in a contained environment with a relatively small number of locations.

For an SD-WAN implementation on the scale of Autodesk’s, he cautions against having a single individual responsible for all locations. “One guy shouldn’t do it all,” he said.

Some challenges may be cultural. Kota noted, for example, that an IT department deploying SD-WAN may find some detractors on staff who cannot be persuaded that SD-WAN will be successful. If these people cannot be brought on board in short order, they “need to leave the bus,” Kota observed.

Getting staff on board is important in supporting another of Kota’s recommendations. For an SD-WAN implementation on the scale of Autodesk’s, he cautions against having a single individual responsible for all locations.

“One guy shouldn’t do it all,” he said.

Instead, he recommends creating multiple teams, each with a dedicated project manager (or what Autodesk terms “service planners”) to coordinate all the players involved, from internet service providers to the SD-WAN vendor, to the company’s internal teams.

Lessons Learned

Lessons learned about SD-WAN from Autodesk’s experience include:

1. An SD-WAN approach using both direct internet and MPLS connectivity can save costs and improve performance in comparison with an MPLS-only approach that routes all traffic through a central data center. SD-WAN is particularly valuable when an organization relies heavily on cloud offerings. Autodesk boosted bandwidth 600 percent and saw an 82 percent cost savings from the shift.

2. Security concerns that previously drove the data center-centric approach can be addressed by using a virtualized security solution.

3. Multi-location organizations that are implementing SD-WAN should start slowly, engage with the organization’s procurement department early in the process, ensure all IT employees have a positive attitude toward the shift, and spread responsibility for converting individual locations to dedicated teams rather than centralizing control in a single person.