SD-WAN vs MPLS: Explaining the Trade-Offs in English

The decision between SD-WAN and MPLS is one of the most common network architecture conversations happening in enterprise IT today. As a network engineer, you need to not only understand the technical trade-offs but explain them clearly to clients, managers, and non-technical stakeholders in English. This guide covers the vocabulary, explanation patterns, and phrases you need for both technical and business-level conversations.

The Core Technology Explained

What is MPLS?

MPLS (Multiprotocol Label Switching) is a private networking technology that routes traffic along pre-determined paths called label-switched paths (LSPs). Instead of making independent routing decisions at each hop, MPLS routers forward packets based on short labels attached at the network edge.

Key characteristics of MPLS:

Private network — traffic travels over the service provider’s dedicated infrastructure, not the public internet
Guaranteed QoS — traffic classes are defined and maintained end-to-end
Predictable latency — because paths are pre-configured and dedicated
High cost — bandwidth is expensive because the infrastructure is dedicated and provisioned in advance
Slow provisioning — adding a new site may take weeks or months

“Our MPLS circuit to the Frankfurt office has a committed SLA of 15ms latency and 99.99% uptime. The monthly cost is $4,200 for a 100Mbps link.”

What is SD-WAN?

SD-WAN (Software-Defined Wide Area Network) is a technology that uses software to manage and optimise traffic across multiple underlying transport connections — internet broadband, LTE, 4G, and even MPLS — as a unified network fabric.

Key characteristics of SD-WAN:

Transport-agnostic — runs over any combination of internet, LTE, MPLS, or dedicated circuits
Dynamic path selection — routes traffic in real time based on application policy, congestion, and link quality
Centralised management — all sites configured and monitored from a cloud-based controller
Lower cost — can replace or supplement expensive MPLS with cheaper broadband
Fast provisioning — new sites can be connected in hours or days
Internet-based — public internet exposure requires additional security measures (typically a cloud-hosted security stack)

“After deploying SD-WAN, we migrated four branch offices from MPLS to dual broadband connections. Monthly WAN costs dropped by 60% while maintaining application SLAs through dynamic path selection.”

Head-to-Head Comparison

Factor	MPLS	SD-WAN
Cost	High (dedicated bandwidth)	Low to medium (internet + overlay)
Reliability	Very high (provider SLA)	High (multi-link redundancy)
Latency	Predictable, low	Variable (depends on internet quality)
Security	Private by design	Requires encryption layer (IPSec/TLS)
QoS	Native, guaranteed	Application-aware, software-enforced
Provisioning speed	Weeks to months	Hours to days
Scalability	Limited, expensive per site	Highly scalable
Management	Per-device, manual	Centralised, policy-driven
Visibility	Limited	Deep per-application analytics

Vocabulary Reference

Transport and Connectivity

Underlay — the physical transport layer (the actual internet or MPLS circuits that carry packets) Overlay — the virtual network built on top of the underlay (SD-WAN creates an overlay network) Circuit — a dedicated connection between two points, as in an MPLS or leased line circuit Last mile — the connection from the service provider’s network to the customer’s premises Broadband — consumer or business-grade internet service (cable, DSL, fibre) LTE / 4G / 5G — cellular connection used as backup or primary WAN transport

Performance and Quality

Latency — the time it takes for a packet to travel from source to destination Jitter — variability in packet arrival times; critical for voice and video quality Packet loss — percentage of transmitted packets that do not arrive Throughput — actual data transfer rate achieved over a link SLA (Service Level Agreement) — contractual commitment to uptime, latency, and performance QoS (Quality of Service) — mechanisms that prioritise certain types of traffic

“Before migration, we measured 18ms average latency and 0.1% packet loss on the MPLS circuit. After SD-WAN with dual broadband, we measured 22ms and 0% packet loss thanks to packet duplication across both links.”

SD-WAN Specific Terms

Edge device / CPE (Customer Premises Equipment) — the SD-WAN appliance installed at the branch office Controller — the centralised SD-WAN management platform Fabric — the SD-WAN virtual overlay network connecting all sites Zero-touch provisioning (ZTP) — automatic device configuration without manual on-site setup Dynamic path selection — real-time rerouting of traffic based on measured link quality Application-aware routing — routing decisions based on the type of application (e.g., Salesforce over best path, backups over cheapest path) SASE (Secure Access Service Edge) — a converged architecture combining SD-WAN with cloud-hosted security services

MPLS Specific Terms

LSP (Label Switched Path) — the predetermined, label-guided path traffic follows through an MPLS network Provider edge (PE) router — the provider’s router at the network edge, connecting to your site MPLS VPN — a virtual private network service built on MPLS for customer traffic isolation Committed bandwidth — the guaranteed bandwidth included in the MPLS SLA Burst capacity — additional bandwidth above committed levels, available when provider network allows

How to Explain the Trade-Off to Stakeholders

To a technical audience:

“MPLS gives us deterministic performance — fixed latency, guaranteed QoS, private paths. SD-WAN trades that determinism for flexibility and cost reduction by running an encrypted overlay across commodity internet links and doing dynamic path selection based on real-time performance monitoring. For latency-sensitive apps like VoIP, we can send over MPLS or the best-performing broadband link depending on measured conditions. For bulk traffic, we route over the cheapest path.”

To a business audience:

“Right now we’re paying $8,000 a month for MPLS links to three branch offices. SD-WAN would let us replace those with two cheaper internet connections at each site — total monthly saving around $5,000 — while maintaining the same performance for your critical applications. The trade-off is that we lose the absolute guarantee of the private line, but we compensate with automatic failover and real-time traffic optimisation.”

Industries with strict regulatory requirements for traffic isolation (financial services, healthcare)
Latency-critical applications with hard SLA requirements (real-time trading, telemedicine)
Sites where reliable internet is unavailable
Environments where security team prohibits any internet-connected transport

Organisation scaling rapidly with many branch sites
Significant WAN cost reduction is a priority
Cloud application usage is high (SD-WAN integrates better with SaaS/IaaS)
Agile provisioning speed is required (mergers, acquisitions, temporary sites)

Common Phrases for WAN Discussions

Situation	Phrase
Recommending SD-WAN	”Given the cost profile and cloud-first direction, I’d recommend an SD-WAN overlay with dual broadband as primary transport.”
Explaining MPLS value	”For the trading floor systems, I’d retain MPLS — the private path and SLA justify the cost for latency-sensitive workloads.”
Migration risk	”The migration risk is manageable if we run MPLS and SD-WAN in parallel during the transition period.”
Discussing SLA	”Our current MPLS SLA guarantees 99.99% uptime — that’s approximately 52 minutes of allowed downtime per year.”
Answering security concern	”SD-WAN traffic is encrypted end-to-end with IPSec — functionally equivalent to private transport from a confidentiality standpoint.”

Practice

Strengthen your networking vocabulary with the Networking Advanced exercise set and explore the full Network Engineer learning path.