How SD-WAN Improves Multi-Site Connectivity in Australia
Why Is Multi-Site Connectivity So Difficult in Australia?
Australia presents networking challenges that few other countries share. A retail chain with stores in Sydney, Darwin, and rural Tasmania is dealing with a continent-spanning network where the available infrastructure varies dramatically from site to site. What works in a Melbourne CBD office building simply does not exist in a regional town 200 kilometres inland.
According to the ACCC's Communications Monitoring Report (2024), there are over 1.3 million active business-grade broadband services in Australia — but the technology mix varies enormously. In metropolitan areas, businesses can access fibre-to-the-premises (FTTP) and Ethernet with symmetrical speeds up to 1 Gbps. In regional areas, many sites are limited to fibre-to-the-node (FTTN) with maximum speeds of 50-100 Mbps downstream and just 20 Mbps upstream.
This variability creates a fundamental problem for traditional WAN architectures. MPLS requires consistent, carrier-grade infrastructure at every site. SD-WAN, by contrast, is designed to work with whatever connectivity is available — and make it perform reliably.
What Makes Australian Multi-Site Networking Unique?
The tyranny of distance
Australia is the sixth-largest country by land area, with a population concentrated along the eastern and southern coasts. A business with offices in Perth and Brisbane has sites separated by over 4,300 kilometres. Latency between these cities is typically 50-70ms on public internet paths — manageable for most applications, but enough to make traditional hub-and-spoke architectures impractical for real-time workloads.
SD-WAN addresses this by enabling direct site-to-site connectivity without backhauling traffic through a central data centre. A Perth branch connecting to a Brisbane branch can use the most direct internet path available, rather than routing through a Sydney hub.
NBN technology lottery
The National Broadband Network is not a single technology — it is a patchwork of seven different access technologies, each with different performance characteristics. Two business sites in the same suburb can have completely different NBN technology types.
| NBN Technology | Typical Download | Typical Upload | Availability |
|---|---|---|---|
| FTTP (Fibre to the Premises) | Up to 1 Gbps | Up to 400 Mbps | ~18% of premises |
| FTTC (Fibre to the Curb) | Up to 250 Mbps | Up to 100 Mbps | ~12% of premises |
| HFC (Hybrid Fibre Coaxial) | Up to 250 Mbps | Up to 25 Mbps | ~28% of premises |
| FTTN (Fibre to the Node) | Up to 100 Mbps | Up to 40 Mbps | ~24% of premises |
| Fixed Wireless | Up to 75 Mbps | Up to 10 Mbps | ~8% of premises |
| Satellite (Sky Muster) | Up to 25 Mbps | Up to 5 Mbps | ~3% of premises |
Source: NBN Co Corporate Plan 2024
For a business with 30 sites across Australia, this means the network design must accommodate wildly different capacity and performance profiles at each location. A one-size-fits-all approach simply does not work.
Carrier coverage gaps
No single Australian carrier provides optimal coverage and pricing at every location. Telstra has the broadest geographic reach but commands premium pricing. Aussie Broadband offers competitive business-grade NBN services with strong service levels. AAPT/VOCUS excels in Ethernet and fibre services in metropolitan and major regional centres. Choosing one carrier for all sites means either overpaying at some locations or accepting suboptimal service at others.
How Does SD-WAN Solve These Challenges?
Transport-agnostic connectivity
SD-WAN treats every available connection as a usable transport link. A CBD office might connect via two diverse fibre Ethernet services. A regional branch might use an FTTN NBN connection plus a 4G/5G mobile broadband backup. A remote site might rely on fixed wireless and satellite. The SD-WAN overlay normalises all of these into a consistent, managed network — applying the same security policies, QoS rules, and monitoring regardless of the underlying technology.
This transport-agnostic approach means businesses can deploy to any Australian location where there is any form of internet connectivity. The 2024 ACCC report confirms that 99.7% of Australian premises now have access to at least one fixed broadband technology, and mobile coverage extends to 98.8% of the population.
Multi-carrier underlay
SD-WAN enables genuine carrier diversity at every site. Rather than being locked into a single provider, each location can use the best available carriers for that specific address. In practice, this means:
- Metropolitan sites: Dual Ethernet from different carriers (e.g., Aussie Broadband fibre + AAPT/VOCUS Ethernet) plus 4G backup
- Regional sites: Business NBN from one carrier plus 4G/5G from another carrier, potentially with a third fixed wireless option
- Remote sites: Whatever fixed broadband is available plus Starlink or NBN Sky Muster, with 4G as a fallback
At PCONNECT, our wholesale agreements with Aussie Broadband, AAPT/VOCUS, and Telstra allow us to select the optimal carrier mix for each site based on availability, performance, and cost — rather than forcing every site onto the same provider.
Application-aware traffic steering
Not all applications have the same network requirements. Voice and video conferencing need low latency and minimal jitter. Email and file transfers need throughput but can tolerate latency. Web browsing sits somewhere in between.
SD-WAN classifies traffic by application and steers it to the most appropriate link. On a site with a 100 Mbps fibre connection and a 50 Mbps 4G backup, the SD-WAN might route Microsoft Teams calls over the fibre link (lower latency) while sending large file downloads over the 4G link (freeing up fibre bandwidth for real-time traffic).
Fortinet FortiGate SD-WAN identifies over 3,000 applications natively and can create granular policies for each. This means a network administrator can define, from a central console, that all voice traffic across all 50 sites must prefer the lowest-latency link, while backup replication traffic should use the cheapest available path.
Centralised management across all sites
Managing network configuration, security policies, and firmware updates across dozens of sites traditionally required either on-site visits or complex remote access arrangements. With SD-WAN orchestrated through a platform like FortiManager, every site is managed from a single console.
A policy change — say, blocking a newly identified malicious domain — can be pushed to all sites simultaneously. A new site can be provisioned by pre-configuring the appliance centrally and shipping it for plug-and-play installation. The Fortinet zero-touch provisioning process means a non-technical staff member at a new site can simply connect the appliance to power and internet, and it automatically contacts the central controller to download its configuration.
What Does a Typical Multi-Site SD-WAN Deployment Look Like?
Consider an Australian logistics company with 40 sites: a head office in Sydney, state offices in each capital city, and 32 depot locations in regional towns across eastern Australia.
Before SD-WAN
- Head office and state offices connected via 50 Mbps MPLS circuits ($2,000/month each)
- Regional depots on standalone NBN with site-to-site VPN ($200/month each, but unreliable and unmanaged)
- Cloud applications backhauled through Sydney data centre
- No centralised visibility or policy management
- Total monthly WAN cost: approximately $22,400
After SD-WAN
- Head office: Dual 1 Gbps Ethernet (diverse carriers) + 5G backup, FortiGate 200F
- State offices: 200 Mbps Ethernet + 100 Mbps NBN + 4G backup, FortiGate 100F
- Regional depots: Business NBN + 4G backup, FortiGate 60F
- All sites connected via SD-WAN overlay with centralised FortiManager
- Direct cloud breakout for Microsoft 365 and line-of-business SaaS applications
- Total monthly WAN cost: approximately $14,800
The result: 34% cost reduction, 4x average bandwidth increase, consistent security across all sites, and full visibility through a single management portal.
How Do You Handle Sites with Poor Connectivity?
This is one of the most common questions Australian businesses ask. The reality is that some sites will never have access to high-speed fibre. But SD-WAN is specifically designed to make the most of limited connectivity.
Techniques include:
- WAN optimisation — deduplication, compression, and caching reduce the amount of data that needs to traverse the WAN
- Application prioritisation — ensuring critical applications get bandwidth first, with non-essential traffic shaped or deferred
- Link bonding — combining two modest connections (e.g., 25 Mbps FTTN + 20 Mbps 4G) into a single logical link with 45 Mbps aggregate capacity
- Local internet breakout — web browsing and cloud application traffic exits locally rather than consuming the inter-site WAN
For genuinely remote sites, technologies like Starlink (now commercially available across mainland Australia at $139/month with typical speeds of 50-200 Mbps) can be incorporated into the SD-WAN fabric as an additional transport link.
Frequently Asked Questions
How many sites do we need before SD-WAN makes sense?
SD-WAN delivers value from as few as two sites, but the business case becomes compelling at three or more locations. The centralised management, consistent security, and carrier diversity benefits scale linearly — a 50-site deployment is managed with the same console and policies as a 5-site deployment.
Can SD-WAN work in areas with only NBN Fixed Wireless or satellite?
Yes. SD-WAN is transport-agnostic and will work across any IP-based connection, including NBN Fixed Wireless, satellite, and mobile broadband. Performance will be constrained by the underlying link speeds, but SD-WAN's traffic prioritisation and optimisation features ensure the available bandwidth is used as effectively as possible.
What happens when we open a new site?
With a managed SD-WAN service, provisioning a new site typically takes 5-15 business days. The SD-WAN appliance is pre-configured centrally and shipped to the site. Once connected to power and internet, it automatically establishes secure tunnels to all other sites and downloads its policies from FortiManager. There is no need for a network engineer to visit the site.
How does SD-WAN handle the latency between Perth and eastern states?
SD-WAN cannot reduce the physical distance between Perth and the eastern seaboard, but it can ensure traffic takes the most efficient path. Direct site-to-site SD-WAN tunnels avoid unnecessary hops through centralised hubs. For latency-sensitive applications, the SD-WAN continuously monitors path quality and selects the link with the lowest latency. Perth-to-Sydney latency on well-provisioned internet links is typically 55-65ms — well within the acceptable range for voice, video, and most business applications.
Do all sites need the same SD-WAN hardware?
No. Fortinet offers a range of FortiGate appliances scaled to different site sizes. A head office might use a FortiGate 200F or 400F with high throughput and port density, while a small branch office uses a FortiGate 40F or 60F. All models run the same FortiOS operating system and are managed through the same FortiManager console, ensuring consistent policy enforcement regardless of the hardware at each site.