Networks | SD WAN
The race to digital transformation means businesses are embracing greater numbers of ‘as a service’ platforms and moving systems into the cloud. But can their networks handle it?
The problem is that the traditional WAN was never designed for the explosion of WAN traffic that typically comes with digital transformation. And that impairs application performance for users.
With everyone now so dependent on cloud-based services like Office 365, Google Drive, or Slack, what’s needed is a flexible and easy-to-manage network that delivers bandwidth efficiently and exactly where it’s needed – when it matters most.
So that no matter what services users consume via the internet – voice, video, data – they are always able to work fluidly and in a safe and secure way.
Which is why, to ensure maximum productivity in the digital age, organisations are taking advantage of a new approach – the software-defined wide-area network or SD-WAN.
The need for a modern networking approach
Back in the day, the traditional hub-and-spoke WAN architecture was the go-to for IT, voice and data networking infrastructure for organisations that needed to deliver connectivity between branch locations and the head office.
Relying on multiprotocol label switching (MPLS) to manage voice, video and data traffic across the network, the traditional WAN links multiple local area networks (LANs) to connect office buildings to remote data centres and access email, database, and file servers. Today, however, these services are delivered via cloud SaaS platforms like Gmail or Office 365, or virtual services run in the public or private cloud. And that creates a problem because the traditional WAN is dependent on data centres.
Without local cloud access, traffic has to be back-hauled through the centralised data centre, creating performance issues and lags. But that’s not the only issue. To assure bandwidth for business critical applications, IT teams either have to invest in expensive MPLS circuits and/or less reliable broadband connections. Plus, keeping up with rapidly evolving new connectivity demands – or adding new branch offices -takes significant time, effort, and additional hardware.
As key business services and applications move out of the data centre and into the cloud, SD WANs offer the direct, reliable and agile connectivity that’s needed to meet fast-changing needs.
Getting agile – making the move to SD-WAN
Ideal for the demands of latency-sensitive and bandwidth-heavy applications that place increased demands on corporate networks, SD-WANs can be considerably less expensive and easier to manage than legacy MPLS and VPN networks.
With SD-WAN, companies can customise which access technologies, carriers, hardware, and other network components best meet their needs, instantly scale up services, and define the optimum path for key applications.
In other words, SD-WAN gives organisations the capabilities they need to operate at ‘cloud speed’ and manage an ever increasing number of technologies, platforms, systems, and network models.
It’s a nimble architecture that delivers multiple benefits: greater network control and automation, segmented security policies, and increased security measures that are simple to deploy.
What is SD-WAN?
Delivering connectivity across multiple communication channels and the entire corporate application portfolio from a single centrally managed console, SD-WAN acts as a software overlay for the underlying connectivity, whatever type or service is selected.
Designed to fully support applications hosted in on-premise data centres, public or private clouds and SaaS services like Office 365, Salesforce.com and Dropbox, an SD-WAN enables organisations to securely and intelligently direct traffic over the WAN and the most suitable path.
In other words, SD WAN simplifies how organisations:
- Move workloads to any cloud, consume cloud-hosted applications or enable new services in remote locations
- Reduce WAN costs without compromising security
- Deploy WANs, so that new revenue generating services can be deployed in minutes, not months
- Deploy any type of connectivity – utilise MPLS, 4G/5G, LTE and more
- Initiate add-on network services – like WAN optimisation, wireless LAN & security
- Adopt new users and devices at speed
- Optimise the end-user experience with predictable application response
What about security?
Securing the organisation’s growing universe of roaming users, devices and software-as-a-service apps without adding complexity or reducing end-user performance will be a top priority. Because as security shifts to the cloud, tried-and tested perimeter-based models will struggle to keep up with an entirely new set of security needs.
Protecting users wherever they work and whatever service they use from a variety of threats, including malware infections, phishing attacks, denial-of-service attacks, and unauthorised access will be a complex proposition.
So it’s vital to ensure the SD-WAN solution selected has security built in – not bolted on. Ideally, seek out solutions that make it easy to deploy the right security in the right place from a single dashboard.
For end-to-end protection, only consider solutions that enable you to:
- orchestrate and enforce end-to-end segmentation spanning the WAN-LAN-Data centre and the LAN-WAN-Cloud to protect the business against data exfiltration and insider threats
- centrally configure security policies and push these to 1000s of nodes across the network
- transform routers into advanced multi layered security devices with an application-aware enterprise firewall, IPS, URL filter and continuous DNS monitoring
But to truly enable secure access to cloud applications and protect mobile users, regardless of what devices they are using, more and more organisations are now moving to a SASE security model.
Secure Access Service Edge (SASE)
According to Gartner, SASE is a solution that offers “comprehensive WAN capabilities with comprehensive network security functions to support the dynamic secure access needs of digital enterprises.”
In other words, traditional connectivity and security models that used to focus on the centralised data centre now need to shift to focusing on the identity of the user and device. And that’s exactly what SASE does. So, instead of focusing on a secure perimeter, SASE focuses on entities such as users, and pushes security as close to these entities as possible. It’s an approach that intelligently optimises connections to cloud applications and addresses the new reality of users and applications being so widely distributed.
The SD-WAN is a key component of the SASE model that makes it possible to consolidate numerous networking and security functions into a single integrated cloud service, so that organisations can:
- reduce costs and complexity
- provide centralised orchestration and real-time application optimisation
- secure seamless access for users
- enable more secure remote and mobile access
- restrict access based on user, device, and application identity
- improve security by applying consistent policy
- boost the effectiveness of security strategies with centralised management.
Make your WAN work smarter with our Managed SD-WAN Services
Your network bandwidth is in high demand. Cloud computing, collaboration tools and mobility services all have a huge impact on WAN performance. Latency and bottlenecks threaten to slow your network to a crawl. And everyone from the C-suite to customers and shareholders wants you to speed things up. If this sounds all too familiar, Managed SD-WAN can help.
With our wide-ranging networking solutions and decades of experience and thought leadership, we’re the right partner to help you put it to work for you.
Work with us to build your personalized managed SD-WAN network solution.
5 Things to consider before deploying SD-WAN
Prior to deploying a SD-WAN solution, it’s important to think about current and future connectivity and security needs.
Consider everything from what applications are running on the network, where these are located (SaaS, data centre, IaaS), how much bandwidth is being used, and how much of the current infrastructure can be reused or repurposed.
Traditional edge security is changing as companies transition to cloud networking, so it will be essential to consider how security features are deployed and configured for optimised protection and uptime.
Investigate what local, national and international connectivity will be required and where potential issues could arise as a result of latency delays as traffic moves from ISP to ISP.
Think about future needs:
New advancements like IoT, AI-based interactions with customers, intelligent beacons and smart stores may change the rules of the game as far as delivering the right security policies and Quality of Service (QoS) across service categories is concerned.
The right partner, who can help your organisations realise its goals