When it comes to cloud applications – and every business uses them – SaaS rules. CRM, ERP, HCM, UCaaS, productivity, and even desktops – these are just a few within the myriad of SaaS choices used by the workforce of today’s modern organization. What these apps have in common is that they’re beleaguered by a sub-optimal experience provided by a sub-optimal network. Long waits for Salesforce data to load, page timeouts while booking travel, or talking through a presentation and being two slides ahead of everyone else. We’ve all been there.

So, why aren’t networks up to the task, you might ask? Well, to get to the cloud, network technologies such as MPLS and the good old public Internet inherently impede a good user experience due to the nature of their design: multiple hops, multiple providers, and a fundamental lack of control for IT. Enter SD-WAN and what it can do to provide a better experience for SaaS.

Breakout to the cloud is a first step

SD-WAN allows organizations to breakout SaaS and Internet traffic to avoid being backhauled to a data center, adding latency. You can address security through built-in or additive firewall capabilities on the branch appliance or even a cloud-based Secure Web Gateway. However, because SD-WAN cannot be co-located within a SaaS platform, some capabilities like link bonding and failover, traffic steering, and application prioritization are not available in basic branch breakout. Along with a lack of visibility, this leaves IT in the dark. Those capabilities could be used if running on IaaS, however SaaS generally operates on its own clouds (even Microsoft Office 365 is distinct from Azure as is G Suite from Google Cloud Platform).

Gateway to the cloud gets closer

What about setting up SD-WAN in a cloud edge or gateway to get to SaaS? This approach can mitigate last mile challenges with some path conditioning and resiliency but requires either IT teams deploy and manage their own “kit”, have it handled by a service provider, or just direct traffic to the gateway and leave it up to the equipment vendor. In each of these scenarios, the middle mile – connecting a gateway in Sydney to a SaaS cloud in San Francisco, for example remains in question. And by the way, this is where the majority of path latency and variation of it occurs.

Commonly, this network middle mile has to be stitched together by the customer or an SP. An alternative would be to trust that the equipment vendor providing the gateway service has set up high-performance connectivity between PoPs and that they are in proximity of the right SaaS clouds.

Direct to the cloud meets as a service

What if you could engineer a network that combines the best of an end-to-end SD-WAN while connecting to SaaS…and with a managed middle mile? Here’s what it would look like:

1. Your organization has access to thousands of SaaS platforms and hundreds of cloud providers, through a service offered from your SD-WAN vendor via a subscription bundle or add-on.
2. Your network team gets single-click provisioning through a cloud-based orchestration service.
3. You leverage a private, enterprise-grade Layer 2 middle mile (no Internet, no MPLS) with global PoPs and a 99.99% performance guarantee.

Now this may be simplifying matters but that was the intent. Of course, to maintain an always-on experience and to complete the solution, last mile resiliency with sub-second failover, link bonding, and monitoring are also important considerations. And let’s not ignore bi-directional QoS and traffic steering for those business-critical apps like voice and video.

If you’re tasked with building out a network to support SaaS growth in your organization, then evaluating such a solution would be worthwhile.

For more information and to learn about how the new Citrix SD-WAN Cloud Direct Service can help you engineer fast SaaS, come talk to us and check out our PoC during ONUG Fall 2019 in New York, October 16th – 17^th. You can also learn more by visiting https://www.citrix.com/products/citrix-sd-wan/.