The recent explosion in the number of employees working from home has put cloud services back in the spotlight as an essential tool to facilitate remote working.
While cloud-based applications can offer significant benefits, there are also challenges around moving applications to the cloud. Even with major hyper-scale platforms like Amazon Web Services and Azure now available locally, if your business’s network is insufficient to handle the increase in traffic, then latency, downtime, security and privacy concerns can come to the fore.
Resilience and availability of the future WAN is critical for businesses. It is crucial for organisations to take a fresh look at how they manage their wide area networks (WAN) and consider how they will future-proof them to improve network performance and address security vulnerabilities.
SD-WAN is a powerful tool to ensuring a resilient WAN
Software-defined wide area network (SD-WAN) is an overlay management technology that provides businesses with dramatically increased visibility and control. It simultaneously increases network agility and flexibility, allowing organisations to consume last mile services from multiple carriers, ultimately simplifying these relationships. This of course increases competition, thereby lowering the cost and risk to business.
While many of the benefits of technologies like SD-WAN are well known (as outlined in our eBook), there are a few important considerations facing organisations when considering their future WAN and selecting SD-WAN vendors.
The key is to:
- Understand your environment;
- Map the flow of traffic;
- Identify security checkpoints and risks; and
- Decide on your preferred end-state.
With this mapped out, comparing products to best suit your business is a little more straightforward.
While our process has been outlined in a bit more detail in a previous article: Choosing an SD-WAN solution that complements your business, the most important considerations are as follows:
Integrated security of most SD-WAN product consists of at least a stateful packet inspection (SPI) layer 7 firewall. When looking at combining unified threat management (UTM) features with SD-WAN in a single product, you will probably lose a lot of WAN traffic management functionality. Separating these services will come at a cost, but will provide you with the best of both worlds. Moving your internet security as well as your application security to a cloud service is also a very good option. This will allow for a “always-on” service, consumed through an “as a service” model, as well as reducing the on-site hardware footprint. It is important to partner with a vendor that offers flexibility at the WAN edge. Citrix SD-WAN is one vendor that offers particularly good flexibility at the WAN edge as outlined in this article: Security options to protect resources at the WAN Edge.
2. Commercial construct
In the current economic climate, businesses are unlikely to fund large capex requirements. Our recommendation is to rather consider vendors like Citrix, which offer a subscription-based offering via their MSP partners like Intelys Telecom, which deliver SD-WAN as a service on a rental model. This not only alleviates the heavy capex burden of the transition to a new technology, but also ensures you have access to the necessary skills, resources and experience to manage your implementation. It is also important to understand the Customer Provider Edge (CPE) flexibility and deployment options of your chosen SD-WAN vendor and its ability to act as a CPE replacement as this further strengthens the business case, over and above the savings generated on the last mile links.
At Intelys Telecom, we work with our clients to understand current versus future WAN costs and work towards using the savings generated on the WAN to subsidise the SD-WAN investment. A business case is delivered as part of our network assessment, which articulates a detailed project ROI for your CFO.
3. SD-WAN vendor integration into the ecosystem
One of the key considerations is to understand how you will integrate your current or future ecosystem. The world is moving fast, and you need to ensure that your chosen vendor provides the flexibility for you to integrate into multiple third parties.
Citrix SD-WAN offers excellent flexibility through its partner ecosystem. This includes automated provisioning of cloud onramp or instances with all the major cloud providers, where you can seamlessly extend your SD-WAN fabric into the cloud with a few clicks, ie, Microsoft Hub to Hub. Citrix SD-WAN also offers automated integration and provisioning of a variety of key third-party security services, including Checkpoint, Palo Alto and Zscaler.
4. Traffic management
While a session-based technology might be adequate for some organisations, our recommendation is to maximise uptime by considering a per packet-based technology. With Citrix SD-WAN, traffic is managed either “per session” or “per packet”. The latter provides more control over your traffic. This includes failover in milliseconds without interrupting sessions, real-time traffic packet duplication over multiple WAN links, as well as instantaneous route changes based on link load and performance. “Per session” options are fine when using stable, SLA-backed WAN connectivity and when load or user experience is not an issue.
Entrust Intelys and Citrix to define your WAN of the future
The transition to SD-WAN creates an opportunity to work with an SD-WAN managed service provider (MSP) as opposed to your incumbent ISP or network provider. MSPs are generally niche and focused, and typically deliver SD-WAN as a service. Working with an MSP like Intelys Telecom ensures that your organisation has access to the necessary skills, resources and experience to manage your implementation. Our robust approach ensures a smooth transition, minimising any associated risk and downtime for your business.
In partnership with Citrix SD-WAN, Intelys can deliver a robust SD-WAN as a service to future-proof your network for the cloud revolution. For further information, please download our eBook and complete the survey to win a prize.
Social media links