Enterprise WAN: Your applications are finally calling the shots

In all your time running a WAN, how much of it have you truly controlled - not just managed or configured?

If your network relies on carrier-provisioned Multiprotocol Label Switching (MPLS) circuits, routing decisions constrained by someone else's hardware and SLAs you have no real power to enforce, your actual level of control is probably lower than you think.

For years, that lack of control was a structural reality of the job, but the balance of power is changing.

Control first shifted from carriers to enterprises, then from enterprises to cloud platforms. Now, it's moving again - this time to the application itself.

AI-driven workloads demand low latency, consistent performance and real-time responsiveness. As a result, the WAN can no longer exist primarily to provide connectivity; it must also adapt dynamically to the needs of the applications it supports, and you need to recognize what this means for your network.

ALSO READ → Your network is now at the center of the AI conversation

What did we gain from a 40-year struggle for control?

When it comes to the enterprise WAN, everything is centered on three factors: performance, cost and control.

In the earliest days of networking, leased lines delivered great performance but were so expensive that they could not realistically be scaled. The carrier built it and controlled it, and you just wrote the checks.

In the 1990s, frame relay and asynchronous transfer mode brought costs down by enabling shared infrastructure. However, the fundamental dynamic was the same. The carrier still owned the routing and dictated the performance. You were just a tenant on someone else's property.

Then MPLS came along and gave network leaders exactly what they wanted: predictable performance, traffic engineering and ironclad SLAs. For industries like financial services, it was transformative.

But strip away the fancy technology, and nothing had really changed behind the scenes. The control problem remained.

SD-WAN: When organizations took back the wheel

The turning point came down to one simple question: As regular internet bandwidth got faster and more reliable, did we still need MPLS for everything?

Software-defined WAN (SD-WAN) didn't replace the underlying transport layer, which remained largely the same. It completely changed the control layer above it. For the first time, you could steer your own traffic based on application performance, cost and business policies. The carrier no longer called the shots.

Secure access service edge (SASE) soon followed, combining the routing freedom of SD-WAN with cloud-delivered security. Gone were the days of traffic detouring through centralized data centers. The control you had over your network routing now applied to your security, too.

The enterprise era of WAN had arrived - but it didn't last as long as we expected.

The third shift: Hyperscalers in the spotlight

While organizations were celebrating their newfound control over the network, a structural shift was happening in the background. Applications moved to the cloud, and the heavy-duty infrastructure needed to reach them went with them.

Amazon Web Services, Microsoft and Google have built some of the world's biggest private networks. Their fiber-optic setups rival anything the traditional carriers have. In many enterprise architectures, your traffic just takes the public internet to the nearest cloud on-ramp and then rides the hyperscaler's backbone the rest of the way.

As a result, MPLS is no longer the default setting. In some environments, it's becoming optional; in others, it's gone already. The balance of power has shifted again. It didn't go back to the carriers, but it didn't stay with you, either. It moved to the cloud providers, making it important to understand how much of your network experience now depends on these providers' networks.

Where the overlay model reaches its limit

Most enterprise networks are now in a hybrid state. You've got SD-WAN, increasing SASE adoption, internet-first access and traffic bouncing between cloud and carrier backbones. But underneath all this architecture lies a performance problem that software alone can't fix.

Today's WAN runs on "best effort" networking. That's adequate for software as a service (SaaS) and general web traffic, but throw AI, financial trading or real-time data replication at it, and the cracks immediately start to show.

These workloads need absolute predictability. When latency spikes or the connection gets jittery, the impact goes far beyond a poor user experience. It threatens the synchronization, resilience and throughput of the workload itself.

If you're running high-performance environments, settling for a best-effort network creates a bottleneck holding your entire architecture back.

What comes next: Control moves to the application

The next handoff is the biggest one yet: Control is moving directly to the application.

Within the NTT Group, we're driving this shift with the All-Photonics Network (APN). Instead of building another overlay, APN upgrades the underlying physical transport layer itself. By eliminating the constant, lag-inducing conversions between optical and electrical signals, we're making the underlying network programmable, efficient and predictable.

The payoff is significant. Instead of applications adapting to the limitations of the network, the network adapts to the needs of the application. Workloads can communicate their requirements - latency, bandwidth, resilience and security - and the network can be configured accordingly. This means heavy-duty AI workloads, financial trading platforms and real-time data pipelines get a network custom-built for their precise requirements in real time, rather than relying on best-effort routing optimized after the fact.

For high-performance setups, this ends the ongoing cycle of WAN optimization. We're moving to guaranteed performance, and it's a practical reality you need to start planning for today.

ALSO READ → When networks hit the speed of light: Why photonics is the next big shift

4 WAN architecture decisions that matter right now

Decades of WAN evolution all point to four realities for network leaders:

1. The software overlay can't save you

We've spent a decade innovating above the transport layer. That works great for basic SaaS applications, but for AI and high-performance data, the real constraint is found underneath the overlay. If you aren't upgrading the transport layer, your architecture review is incomplete.

2. Consider the implications of vendor lock-in

SASE simplifies things, but it's a double-edged sword. It can also create a new form of dependency, when your entire network strategy becomes too tightly coupled to one vendor's roadmap. You need to decide where standardization makes sense and where you must keep your flexibility.

3. Waiting creates architectural debt

AI doesn't run on best-effort networks. GPU clusters and real-time data pipelines demand absolute predictability. Build your network strategy alongside your AI strategy or risk spending years retrofitting your network around problems you could have avoided.

4. Humans can't run this alone anymore

A multivendor environment spanning network, security and cloud generates telemetry data at a speed and scale that manual IT operations cannot handle. The future of WAN is about deploying agentic infrastructure that can automatically turn data into real-time fixes for performance and security.

What will your next move be?

You don't just want to give your WAN a facelift. It's about deciding who controls your network, cloud and security, and designing an architecture that delivers in real time for your most demanding applications.

At NTT DATA, we help you take back that control. With multivendor expertise spanning Cisco, Palo Alto Networks, Zscaler, Netskope and more, we design, deploy and manage your secure edge and cloud environment end to end, helping you take back architectural control by connecting applications to advanced transport, APN-enabled capabilities and agentic operations.

Are you ready to take charge of your own architecture, or will you wait until those decisions are made for you?

WHAT TO DO NEXT

Explore NTT DATA's Secure Networking Solutions to see how we transform enterprise connectivity on campus, WAN and cloud networks.

Mark Palmer

Global Vice President: Network Tower at NTT DATA

Mark Palmer is Global Vice President: Network Tower at NTT DATA. He leads growth and innovation across the networking segment and has extensive experience in global markets, network technologies and go-to-market transformation, including leadership roles at Cisco, where he helped drive $5 billion in recurring revenue growth and the modernization of campus and data center networking. Mark has also led global specialist sales teams and technology consulting strategy initiatives.