Register Interest
IP EXPOCyber SecurityDeveloperAI and AnalyticsIoTBlockchain

Why it’s time to retire traditional routers at the branch

Monday 24 September 2018

Organisations often find that their employees complain that Salesforce.com – or Office365, Workday or any of myriad SaaS (Software-as-a-Service) apps – is more responsive from home than from the branch office. This is not least because conventional router-centric WAN architectures typically backhaul all SaaS and IaaS (Infrastructure-as-a-Service) traffic to the data centre for more advanced security verification than is typically affordable at branch sites.

Backhaul, which is usually based on expensive MPLS (multiprotocol label switching) transports often limited in bandwidth, adds latency that robs performance from SaaS applications and IaaS services. As a result, employees become frustrated with the quality of experience and may avoid working in the branch office altogether. And worse yet, impaired worker productivity often results higher operational costs and even reduced revenue.

To deliver the highest and most consistent SaaS and IaaS performance possible, why not connect users directly to these cloud services over the internet from the branch? Why not send that traffic in high speed broadband links that are often less expensive than leased line MPLS services? The challenge with doing so is overcoming the reliability and security concerns inherent with using internet services for enterprise applications. With an advanced, business-driven SD-WAN, this is now possible:

Reliability: Internet services are prone to periods where packet loss and latency can exceed acceptable thresholds (brownout) that can impair SaaS and IaaS performance. However, by using two or more broadband services, preferably from alternate providers but at least diversely routed, this challenge can be addressed. If one service experiences a brownout, a business-driven SD-WAN that continuously monitors packet loss and latency can automatically re-direct traffic to the “best performing” link, maintaining high SaaS and IaaS performance to deliver the highest quality of experience for the user. When the impaired service recovers, it automatically becomes available again to the WAN transport bandwidth pool.

Security: Not all web apps are created equal. Therefore, the SD-WAN platform must include the ability to centrally define and enforce granular application-specific security policies. A centrally defined policy might specify that trusted SaaS apps like Salesforce, O365, Workday, Box and Dropbox can be automatically directed to internet services from the branch since enterprises can confidently rely on the security measures these applications inherently support. But for recreational or unknown web-bound traffic, the policy might dictate more advanced security screening. An advanced, application-aware SD-WAN solution can intelligently and automatically steer this traffic to either cloud-based security services or to next-generation firewalls and IDS/IPS services back at headquarters through drag and drop service chaining within the orchestrator.

The SD-WAN platform must also keep pace with constantly changing IP address tables utilised by popular SaaS applications, such as Office 365, Salesforce.com, Box and others. These updates must be captured, and distributed daily and automatically to all sites, similar to the updates for virus protection signatures on a laptop. Basic SD-WAN solutions that require manual re-programming of IP (internet protocol) addresses or that rely on third-party signature libraries on a device-by-device basis simply cannot keep up.

Ultimately, if users are complaining about sub-par application performance, whether SaaS, IaaS or data centre-hosted apps, it’s time to move beyond conventional routers and deploy a business-driven SD-WAN.

Simon Pamplin, EMEA Technical Sales Director at Silver Peak

If you’d like to hear more about the advantages of SD-WAN, please visit the Silver Peak stand at IP EXPO Europe – HH12.

Digital Transformation Europe EXPO 9-10 October 2019

Register Interest

IP EXPO takes place on 9-10 October 2019 at ExCeL London. This unmissable event is your one stop shop for digital transformation and covers every vertical you need to consider for successful implementation. Including network and hardware, cybersecurity, developer community, AI and analytics, IoT and Blockchain.