VMware SD-WAN Cuts Costs, Accelerates Performance for Branch Office Connections

With the high-cost, traditional, router-based VPNs and MPLS connections used to connect VMware’s global remote offices impacting the bottom line, VMware IT needed a better, cost-efficient solution.

The challenge

As a major enterprise, VMware has global offices that need to be interconnected to deliver support for unified communications, disaster preparedness, and operational efficiencies. While state of the art when deployed, the traditional router-based WAN VPNs currently utilized as the connection backbone between offices (and headquarters) have proven prohibitively expensive relative to other operations due to the labor- intensive nature of updating configurations.

The solution

The answer came in the form of software-defined WAN (SD-WAN)—an improved approach to traditional WAN—made possible by the VMware SD-WAN by VeloCloud® solution. Traditional WAN routers and their architectures were designed for another era, one where mass adoption of cloud applications, services, and similar resources was not an issue. VMware SD-WAN was designed specifically to operate and support the cloud, enabling VMware’s offices to easily meet unceasing end-user demands while offering unprecedented flexibility and connectivity.

Take back the drawbacks

VMware SD-WAN eliminates the drawbacks inherent with traditional WAN. SD-WAN delivers brownout protection and link remediation, plus superior scalability and flexibility. CapEx-centric hardware, individual site-by-site management, and exclusive dependence on MPLS are no longer challenges. In addition, VMware SD-WAN is simple to deploy and maintain, whereas premises-based routers are exceedingly complex to install, upgrade, and maintain—as well as require a lot of handholding by highly trained, skilled, onsite technicians.

A truly different way of connecting

VMware IT replaced edge routers, increasing overall performance for end users with the proprietary VMware SD-WAN Dynamic Multipath Optimization (DMPO), and deployed a new WAN standard for branch offices by using the Internet alongside MPLS as an additional method of transport. Depending on demand and the circumstances of individual offices, several remote offices use only a single circuit rather than costly dual MPLS circuits.

Routers are unable to proactively optimize regular traffic before congestion becomes an issue, thereby ineffectively managing multi-service inbound quality of service (QoS). With VMware SD-WAN, IT team members simplified overly complex QoS policies and resolved previous QoS router issues.

Safe and sound

With VMware SD-WAN, intelligence moves from the data plane to the programmable control plane. This enables the architecture to be transport independent; operate across any combination of public or private circuits; and offer secure connectivity to enterprise data centers, cloud and edge compute, and software-as-a-service (SaaS) applications. Standards-based encryption (such as AES) provides secure connectivity over any type of transports, forming a highly secure cloud network. Devices are only granted access after authentication in the management plane and, if they fully adhere to assigned business policies, prevent a rogue player from infiltrating connections.

Start local, go global

Like any major infrastructure shift, VMware IT began its VMware SD-WAN implementation in phases, starting in October 2018, with the migration of the Chennai office in India. Three more offices in San Francisco, California; Colorado Springs, Colorado; and Coral Gables, Florida have since been deployed with SD-WAN, replacing existing edge and Internet routers for VMware SD-WAN Edges by VeloCloud.

In the San Francisco office, DMPO allowed automatic link monitoring; autodetection of which service provider was in use; and autoconfiguration of link characteristics, routing, and QoS settings. Enhanced QoS, via the business policy, optimized the application behavior that drives queuing, bandwidth utilization, link steering, and mitigation of network errors. Overall network performance was enhanced, and IT was able to eliminate the MPLS single point of failure. In addition, substantial cost savings were realized due to the replacement of the existing edge routers. After the deployment of VMware SD-WAN, VMware IT observed a 200 percent performance improvement as it could use both links using the DMPO feature.

Similar results were achieved in Colorado Springs. MPLS and Internet circuits were migrated to management by VMware SD-WAN rather than routers, improving network performance and eliminating the MPLS single point of failure. By taking advantage of this second site deployment, the team was able to utilize all three network overlays when communicating between two sites enabled with VMware SD-WAN. This offered additional performance improvements as well as better reliability, results that mirrored the San Francisco metrics.

A fourth pilot program in Coral Gables went live with VMware SD-WAN. During this maintenance, IT teams migrated Internet circuits to VMware SD-WAN and replaced two edge routers. This solution provides improved network performance and allows connectivity to VMware sites without using MPLS. VMware will also be able to use overlays when communicating with the San Francisco and Colorado Springs VMware SD-WAN sites, providing improved performance and reliability.

Always trust your pilot

Data and metrics demonstrated that the pilot programs have proven successful, solving the networking challenges posed by the legacy architecture. Results included:

  • The MPLS single point of failure was eliminated for Tier 2 sites.
  • DMPO and forward error correction (FEC) prevented packet loss and eliminated brownouts.
  • Upload and download speeds increased by 200 percent by sharing capacity on backup links.
  • Second site deployment enabled the utilization of all network overlays in a mesh when communicating between two sites enabled with VMware SD-WAN. This contributes to additional performance improvements as well as better reliability.
  • VMware SD-WAN addressed the single point of failure for sites with a single MPLS line.
  • VMware SD-WAN provided VMware internal connectivity for sites using broadband rather than MPLS.
  • DMPO allowed the use of all available WAN transports


Branch Office with VMware SD-WAN by VeloCloud

Branch Office without VMware SD-WAN by VeloCloud



Company Profile

VMware, a subsidiary of Dell Technologies, provides cloud computing and platform virtualization software and services. It was the first commercially successful company to virtualize the x86 architecture. Today, VMware software powers the world’s complex digital infrastructure. The company’s various offerings provide a dynamic and efficient digital foundation to more than 500,000 customers globally, aided by an ecosystem of 75,000 partners.

Company Name
Cloud Computing and Platform Virtualization Software and Services
Palo Alto, California
Key Challenges
  • Traditional WAN router infrastructure was expensive
  • Branch offices were suffering due to an inflexible and unscalable network that lacked MPLS

VMware SD-WAN by VeloCloud enables remote offices to experience faster connectivity performance, secure transmission, optimized QoS, and scalability and flexibility that enable future growth. VMware offices can now easily adapt to the increasing demands of cloud applications, services, and resources inherent in today’s enterprises.

Business Benefits
  • Enables optimized connectivity performance
  • Substantially reduces cost outlays, shifting the business from CapEx to OpEx
  • Enables remote office employees to share the same network experience as those in primary business offices
See Also
VMware SD-WAN Cuts Costs, Accelerates Performance for Branch Office Connections
Customer Case Study (PDF)


Slash bandwidth costs and deploy 10x faster.

Sign up for a free hands-on evaluation of VMware SD-WAN by VeloCloud™ and learn how to deploy branch offices in minutes, provide high quality UC experience, and lower bandwidth and hardware costs.

Ready to learn more?

Software-Defined WAN For Dummies


Your crash course in SD-WAN. This easy-to-read book gives you jargon-free best practices for Software-Defined Wide Area Networking. 

3 Steps to Deliver WAN to Remote Sites


Rockford Construction share a new architectural approach to end the unacceptable trade-offs between private links and public broadband Internet for remote sites and branch offices.

VMware SD-WAN by VeloCloud™ for Architecture, Engineering, and Construction


This solution brief for architecture, engineering, and construction companies details how VMware SD-WAN dramatically simplifies WAN for remote sites by moving the network to the Cloud.