SD-WAN 3.0: Powering future-ready enterprise networks

As enterprises navigate the evolving landscape of connectivity, traditional SD-WAN architectures are no longer enough. Enter SD-WAN 3.0 — a smarter, cloud-native, AI-powered evolution that blends observability, zero-trust security, digital twins, and outcome-driven orchestration. Leading this shift is Andrew Winney, General Manager and Global Head of SASE Business at Tata Communications, who is steering the company’s global product management and innovation strategy across SD-WAN, SASE, and SSE portfolios.

In this insightful conversation with Voice&Data, he decodes why SD-WAN 3.0 is more than just a buzzword. He discusses the convergence of secure networking and cloud-delivered security, the growing role of GenAI in network operations, and how software-defined architectures are making security an intrinsic part of the architecture, not an afterthought. From digital twins to space-based WANs, he lays out a compelling vision for future-ready enterprise networks.

How is SD-WAN 3.0 different from earlier SD-WAN approaches, SASE, SSE, SWG, NDR, and ZTNA architectures?

SD-WAN 3.0 represents a point of convergence. As enterprises transition toward the second generation of SD-WAN, they must look beyond a simple evolution from SD-WAN 1.0 to 2.0. Two key characteristics define SD-WAN 3.0. First, it is SASE-first, as it unifies secure SD-WAN with cloud-delivered security solutions, including SWG, ZTNA, CASB, and DLP. As enterprises increasingly operate in a hybrid model of private applications and SaaS platforms, a comprehensive solution is necessary to ensure secure access and protect data assets. SD-WAN 3.0 is intelligent, self-optimising, and purpose-built to meet complex enterprise outcomes by leveraging the telemetry generated across these integrated technologies.

How does SD-WAN 3.0 achieve this?

This involves providing outcome-driven management by bringing in foundation technologies such as AI and Digital Twins, leveraging the telemetry generated by SDWAN platforms. As a result, with the convergence of these technologies, SD-WAN 3.0 provides a cohesive and adaptive framework, offering zero-trust security, real-time visibility, and enhanced user experiences. It does not replace these architectures; it harmonises them. Importantly, enterprises are recognising the need for this shift. According to a recent report, 74% of organisations plan to increase investments in SD-WAN over the next 12–24 months, signalling a clear move toward unified, intelligent architectures that harmonise security and performance, rather than layering them on.

Does SDN or increased software-defined networking reduce the bolted-on nature of security and make it more intrinsic?

Absolutely. Software-defined networking (SDN) enables a platform-based approach to secure networking, driven by unified orchestration and management. This represents a paradigm shift in the way network security is conceptualised—SDN becomes intrinsic rather than peripheral. It strengthens the overall security posture by allowing security policies to follow the data path, tied to identity and intent, thereby delivering secure access to both users and devices. In essence, SDN transforms security from a reactive defence mechanism into a proactive nervous system.

SD-WAN 3.0 provides a cohesive and adaptive framework, offering zero-trust security, real-time visibility, and enhanced user experiences.

Can you share examples that illustrate the advantages of SD-WAN 3.0?

In a recent network transformation for a global bank, we built a digital twin of the complex customer sites to ensure better availability and uptime. We validated the traffic policies and their interoperability with the existing ecosystem. This also enables us to proactively fine-tune policies and optimise performance, first time right, during production deployment.

For an Indian hospitality company, we successfully embedded AI and built capabilities that enabled them to proactively predict when to upgrade capacity and recommend application-aware routing policies, resulting in better utilisation and real-time traffic management.

How effective is SD-WAN 3.0 in areas such as uptime, performance optimisation, mid-mile and last-mile bandwidth, site availability, application-aware routing, failover strategies, and real-time traffic management?

SD-WAN 3.0 excels where complexity once stalled progress. For example, by building a digital twin of an enterprise WAN, we can ensure better uptime across the SD-WAN and SASE adoption journey. AI-driven insights recommend application-aware policies and capacity optimisation strategies that enable real-time traffic management and performance enhancement. Our unified network fabric allows for effective first-mile monitoring and troubleshooting of both mid-mile and last-mile bandwidth challenges.

How easy is it for telecommunications providers and enterprises to adopt SD-WAN 3.0, particularly if they have already invested in alternative solutions or operate legacy stacks?

Adopting SD-WAN 3.0 requires capability-building across orchestration, management, and data layers to ensure seamless customer journeys. As a communications technology provider, Tata Communications has developed these capabilities within our network fabric. For enterprises, adoption can be accelerated by working with strategic transformation partners. In fact, reassessing SD-WAN configurations with such partners—something only 33% of organisations currently undertake, according to research by Omdia and Tata Communications—has demonstrated significant improvements in outcomes.

74% of organisations plan to increase investments in SD-WAN in the next 12–24 months, signalling a clear move toward unified, intelligent architectures.

How critical are AI and observability in modern network security, especially considering Gartner’s prediction that 70% of network operations personnel will rely on generative AI for Day 2 SD-WAN management by 2027?

Gen AI and agentic AI technologies are reimagining the way we deliver managed security services for enterprises. It greatly simplified anomaly detection, policy automation, and root-cause analysis; AI infuses context, speed, and foresight. Observability, meanwhile, provides security teams with context, not just what happened, but also why, where, and what to do next. A recent Gartner report predicts that by 2027, 70% of network operations will rely on GenAI. This is not ambitious. It is conservative. If we want true resilience, we need to trust machines to manage complexity and empower humans to manage strategy.

Our AI and agentic AI-powered solutions automate fault diagnosis, with 85% of severity-one faults successfully diagnosed by the machine learning engine. This significantly reduces Mean Time to Recovery (MTTR) and enhances the customer experience.

What is your view on the SD-WAN-as-a-service model? Is it also applicable to SD-WAN 3.0?

With the increasing cloudification of networking functions, the as-a-service model is more relevant than ever. It is not merely a consumption model; it enables abstraction, agility, and outcome orientation. The true value of SD-WAN 3.0 lies not in the physical infrastructure but in its policies, intelligence, and integrations. When delivered as a service, SD-WAN 3.0 becomes continuously updated, scalable, and aligned with business needs. This is particularly effective for enterprises with distributed operations and lean IT teams who require network sophistication without operational burden.

Is it too early to assess the potential of space-based managed WAN?

It is early, but interest from enterprises is already growing. Space-based Wide Area Networks (WANs) powered by low-Earth orbit satellites, such as Starlink, are redefining the boundaries of ‘reachability’. Imagine disaster zones, remote mining sites, rural banking outposts, or maritime operations—these are now viable candidates for SD-WAN performance with sub-100 millisecond latency. SD-WAN’s ability to deploy application-aware policies across various access technologies, including MPLS, broadband, and 5G, means that space-based WANs will enhance resiliency and increase uptime across even the most remote environments.