11 December 2025

As UK enterprises grapple with hybrid work, rising cyber threats and an ever-expanding cloud footprint, the question keeps resurfacing: does SD-WAN still matter?

Hybrid work has changed the rules — but SD-WAN still holds the map

When hybrid work arrived, it didn’t gently knock. It kicked the door off the hinges, scattered the network diagrams, and told IT teams to reinvent security before lunch. The old days of predictable branch offices and tidy perimeters are long gone; in their place is a muddier, more fragmented landscape where users, apps and data live everywhere.

In this new reality, many predicted SD-WAN would fade away; but UK enterprise leaders argue the opposite.

Anthony Senter, ATOMNIA

“SD-WAN remains a foundational technology, providing the essential flexible and resilient connectivity every modern enterprise needs,” says Anthony Senter, CEO & Co-Founder of ATOMNIA. “Businesses increasingly ask for SASE, but many don’t realise that SASE simply combines secure access (SSE) with that same SD-WAN core. It’s that unified combination that supports the hybrid workforce’s demand for performance, security and reliability.”

That misunderstanding reflects a shift in the market: SD-WAN hasn’t disappeared, it has simply become the quiet partner in a larger solution.

Toby Sturridge, Senter’s co-founder, agrees, but adds that “SD-WAN’s value absolutely endures, but moving forward, it must be delivered as a commodity, built in, not bolted on and never charged as a premium. The power lies in integrating SD-WAN seamlessly within a scalable solution, so enterprises stop paying extra for the connectivity foundation and instead invest in next-generation protection and management.”

Mark Burski,
Digital Carbon

Mark Burski, Managing Director at Digital Carbon, says the pairing is not a competition but a co-dependency: “SD-WAN and SASE aren’t competing. SD-WAN provides the optimised transport layer — broadband, 4G/5G, satellite — and the orchestration that makes hybrid work usable. SASE takes that foundation and adds the cloud-delivered security services: next-gen firewalls, CASB, secure web gateways, ZTNA. Together, they create the unified edge architecture today’s remote and distributed organisations need.”

The security wakeup call: SD-WAN alone can’t fight today’s threats

As UK enterprises opened up their networks to remote workers, cybercriminals opened up their wallets. With ransomware, phishing, credential theft and cloud attacks all surging, organisations have learned the hard way that the perimeter now has more holes than a block of Swiss cheese.

“As the workforce becomes more dispersed and the attack surface expands, SD-WAN alone is not sufficient to address today’s cybersecurity challenges. Remote access, encrypted traffic, and cloud-based applications demand a zero-trust approach, deep traffic inspection, and unified policy enforcement. This is precisely where the SASE model comes in, providing a more comprehensive framework that integrates networking and security,” explains Eduardo Oliveira, CTO, MikroTik SD-WAN.
Indeed, SD-WAN strengthens the transport layer, but industry leaders are brutally honest about the limits of its defence.

Burski explains the divide: “SD-WAN delivers built-in firewalls, segmentation, encryption and IDS/IPS — excellent foundations for network-layer protection. But it’s not enough to defend against today’s complex, application-level threats. SASE adds advanced cloud-delivered capabilities — sandboxing, DLP, TLS inspection, threat intelligence — and applies them consistently no matter where users are working.”

It’s a security story IT teams know well: the tools we trusted for office-centric networks simply can’t cope with a world where the network is everywhere.

Leigh Walgate,
Nasstar

Leigh Walgate, Managing Director of Secure Networks at Nasstar, says the gap is often invisible until it becomes a headline: “SD-WAN focuses on protecting the boundaries of the corporate network and encrypting traffic over the internet. That’s valuable, but it doesn’t secure users, data or applications wherever they’re located. Modern threats don’t respect traditional perimeters. With cloud-hosted data and remote workers, people access applications directly over the internet, download files to personal devices and potentially expose corporate data through unmanaged channels.”

That’s why Zero Trust became more than a buzzword: it became a survival tactic.

“SASE enforces continuous verification of every user and every device, no matter where they are,” Walgate continues. “It delivers secure web filtering, CASB oversight, remote browser isolation and least-privilege access, so even if credentials are compromised, the attacker can’t move laterally. These are the vulnerabilities the NCSC warns UK businesses about, and they’re exactly the gaps SD-WAN alone cannot cover.”

Senter sees the industry shifting to a new mindset: “SD-WAN alone is no longer enough. The attack surface is expanding, and no single product provides comprehensive defence. SASE isn’t a security add-on, it’s a holistic framework that combines firewalling, CASB, ZTNA, SWG and data encryption into one cohesive model that protects remote teams wherever they are.”

The conclusion is clear: SD-WAN gets you connected; SASE keeps you protected.

Cost, agility and a very British connectivity market

Unlike the US, where MPLS pricing can induce nausea, the UK market is more forgiving. That creates a unique situation: SD-WAN adoption here isn’t purely about slashing costs: it’s about creating freedom.

Sturridge says the pricing debate is stuck in the past: “legacy views of SD-WAN as a premium alternative to MPLS are outdated. With solutions including SD-WAN as standard, organisations unlock real performance gains and often up to 50% cost savings compared with traditional MPLS, while reallocating budget to improve security. There’s no longer a trade-off between resilience, bandwidth and protection.”

But the biggest benefit isn’t pounds saved it’s hours saved, as Walgate explains: “in practice, the decision isn’t about MPLS versus the internet anymore. The internet is now the default for most requirements. The real savings come from simplified management and reduced licence sprawl when SD-WAN or SASE replace multiple point tools.”

And in a market with strong fibre competition, agile deployment matters more than ever.

“The business case for SD-WAN in the UK goes beyond headline reductions. The real value lies in agility: the ability to scale bandwidth, deploy new sites within minutes, support seasonal or project-based operations and avoid long-term circuit commitments. Even if the monthly savings are modest, the operational advantages are significant,” says Burski.

SD-WAN isn’t the cheapest tool in the box: but it’s often the smartest one.

The future is hybrid: SD-WAN behind the scenes, SASE up front

If UK enterprises have learned anything, it’s that no single connectivity model wins the argument. MPLS still has its fans, SD-WAN still carries the load, and SASE is becoming the new north star for secure access.

The reality? Most organisations will use all three in some capacity.

“Modern hybrid policies demand more than a single solution,” says Senter. “The strongest approach is a fully converged, device-less SASE solution, bridging SD-WAN, advanced security and next-gen access for offices and remote users alike. It removes the complexity and risk of legacy systems such as MPLS or VPN.”

“UK businesses should not view SD-WAN and SASE as competing technologies, but rather as complementary components of a hybrid approach. SD-WAN provides the intelligent connectivity backbone, while SASE layers on security and access controls for cloud and remote environments,” asserts Oliveira.

Walgate sees a pragmatic future: “many organisations will take a hybrid WAN approach, using SD-WAN and SSE alongside existing MPLS, then gradually reducing MPLS dependency as requirements evolve. There is no one-size-fits-all solution. What matters is aligning with the organisation’s digital transformation and Zero Trust journey.”

And Burski reinforces that hybrid isn’t temporary — it’s the blueprint: “for most UK organisations, the most effective approach is blended. Keep MPLS for workloads needing guaranteed performance, use SD-WAN overlays for agility, and extend secure access to remote workers via SASE gateways. Transformation usually starts with SD-WAN for visibility and optimisation, then SASE layers are added incrementally.”
In other words: the future network won’t pick sides: it will pick what works.

SD-WAN isn’t fading. It’s evolving

What emerges from every expert is a rare consensus: SD-WAN isn’t disappearing. It’s simply becoming the connective tissue inside something bigger, in an industry shift that is already underway.

“The trend is clear: SD-WAN is becoming a built-in component within advanced solutions such as SASE. Providers offering only SD-WAN will struggle as markets prioritise agility, convenience and deep security all in one platform,” notes Senter.

Sturridge says the roadmap goes beyond consolidation: “expect sharper integration with AI-driven threat detection, quantum-ready encryption and customer-specific controls. The future is simplification and fully managed services — so networking and security never constrain innovation.”

“SD-WAN isn’t being replaced; it’s evolving as the intelligent transport layer within SASE. As architectures mature, organisations want fewer vendors, simplified operations and consistent user experiences. SD-WAN provides the application-aware routing and path selection that SASE still depends on,” adds Walgate.
Burski, meanwhile, sums up the long game: “SD-WAN’s role is shifting from standalone product to the performance engine underpinning SASE. As the UK expands fibre and 5G, SD-WAN remains vital for site connectivity and resilience, while SASE provides the cloud-delivered security required for hybrid work. The transition will be gradual, not a sudden replacement.”

Is SD-WAN still relevant?

Absolutely — just not in the way it used to be. It’s no longer the headliner, because it has become the backbone. It’s the engine under SASE’s bonnet, powering the secure, hybrid, cloud-first networks UK enterprises depend on.