September 21, 2020

What is SD-WAN?

Software-Defined WAN (SD-WAN) is a networking technology that seamlessly connects branch offices, HQs cloud and data centers over broadband internet rather than MPLS leased lines.

What is SD-WAN?

Software Defined WAN (SD-WAN) is a new way to manage and optimise a Wide Area Network (WAN) or simply put, a new way to deliver secure business broadband internet connections, enabling global connections from HQ to branch offices, mobile and remote workers or staff working from home.

SD-WAN addresses the changing use of enterprise networks, away from centralised offices designed for all users to be in the office all the time, with a few remote workers, towards the growing trend of cloud computing and remote working. It is more flexible than MPLS (expensive leased line internet connections), and better at supporting a distributed and mobile remote workforce, it is also more reliable, scalable and secure than VPN-based WAN links.

As SD-WAN is an evolving category, there are a variety of vendor implementations, some which very basic repackaging of traditional WAN solutions, border-line marketing hype, adopting the term, without truly delivering on the promise of SD-WAN, and others are next-generation, blurring the role of traditional WAN security and MPLS over a broadband internet connection.

A good implementation offers a secure, feature rich alternative to MPLS or leased lines, with convergence of optimised routing to accelerate cloud traffic, replace standalone point devices like Firewalls, IPS, Anti-malware, URL filtering, WAN load balancers, and VPN devices. Delivering value-added services over the wire. What this means is, organisations no longer require maintenance of firewalls and other security items, as the security is maintained centrally throughout all connections and quality of service is greater than or equal to leased line at a fraction of the cost.

SD-WAN is implemented as a network of SD-WAN appliances connected by encrypted tunnels. Each SD-WAN appliance is connected to a set of network services, which can be a mix of multiple ISPs and existing MPLS, with monitoring of the current availability and performance of each of connection. Network traffic reaching an SD-WAN appliance is classified based upon application and prioritised using a set of centrally-managed priorities, before being sent out over the best available network link via dynamic path selection.

Simple SD-WAN Topology

SD-WAN makes it possible to replace MPLS, which is not only expensive, but lacks the real-time single-point of view and control for applications, connections, users, and security. SD-WAN allows security functionality to be distributed to the network edge, making it unnecessary to send all traffic through the enterprise datacenter for scanning before forwarding it to cloud services, a practice that degrades latency and performance. This is a significant change for organisations used to backhauling all internet traffic to the data center to apply global security and filtering policies.

By converging networking and security functionality, an SD-WAN can eliminate the need to deploy expensive point security products at branch locations. An SD-WAN with a large network of globally-distributed points-of-presence (PoPs) can provide high-performance, secure networking with centralized management and visibility.

ICG Asia SD-WAN PoPs

What is SD-WAN

A History of SD-WAN

Software-defined WAN (SD-WAN) brings the abstraction of software-defined networking (SDN) to the WAN; however, it is only the latest in a series of transformations of WAN.

The very first stage of WAN, in the 1980s, used point-to-point (PPP) lines to connect different LANs. The price and efficiency of these connections were improved with the introduction of Frame Relay in the early 1990s. Instead of requiring a direct PPP connection between each pair of communicating parties, Frame Relay allowed connection to a “cloud” from a service provider, allowing shared last-mile link bandwidth and the use of less expensive router hardware.

The next stage was the introduction of Multiprotocol Label Switching (MPLS), which provided an IP-based means of carrying voice, video, and data on the same network. MPLS provides dependable network connections protected by SLAs but is expensive and slow to provision.

In 2013, SD-WAN emerged, showing the potential to be a viable and cost-effective alternative to MPLS – making it the logical next step in WAN technology. By abstracting away the entire network layer and routing traffic based upon a collection of centrally defined and managed policies, SD-WAN is able to optimize routing and prioritization of various types of application traffic. The flexibility provided by SD-WAN also allows it to better meet the needs of cloud and mobile users. As this type of use is becoming more common, it is unsurprising that many organizations are anticipated to adopt SD-WAN.

Learn more about the history of SD-WAN

The Evolution of SD-WAN

SD-WAN 1.0: Hungry for bandwidth

The first stage of SD-WAN evolution was focused on solving the issues of availability and last-mile bandwidth. New MPLS links are expensive and slow to provision, and the use of an Internet backup meant that the backup was only used in the case of an outage. Using link-bonding, an SD-WAN predecessor could combine multiple different types of connections at the link level, improving last-mile bandwidth.

SD-WAN 2.0: The rise of SD-WAN startups

The limitation of link bonding is that it only improved last-mile performance. Achieving improved performance throughout the WAN required routing awareness throughout the path. Early SD-WAN solutions offered virtualization failover/failback and application-aware routing. With application-aware routing, SD-WAN could move away from being fully reliant on MPLS links and optimally route traffic based upon the application type.

SD-WAN 3.0: Reaching out

The latest stage of SD-WAN evolution focuses on going beyond networking branch locations. As organizations increasingly move resources to the cloud, SD-WAN provides a solution for securely connecting these cloud deployments to the enterprise WAN.

Learn more about the evolution of SD-WAN

How does SD-WAN work?

Software-defined WAN (SD-WAN) is designed to solve many of the challenges associated with traditional WAN design. SD-WAN abstracts away the details of the networking layer, allowing the WAN to use a variety of different connection types interchangeably, including LTE, MPLS, and broadband Internet.  This abstraction can improve network bandwidth, performance, and redundancy and enables centralized management and orchestration.

SD-WAN works by creating a network of SD-WAN appliances connected by encrypted tunnels. Each site on the WAN has its own SD-WAN appliance, and all traffic flows through that appliance. Since all appliances are centrally managed, consistent networking policies can be enforced throughout the organization. When traffic enters an SD-WAN appliance, the appliance determines the type of application traffic and routes it to its destination based upon existing policies and the availability and performance of different network links.

Traditional SD-WAN is hardly perfect. Many SD-WANs do not include integrated security, so each branch location must deploy its own standalone security products. SD-WAN also includes the deployment of an SD-WAN appliance at each endpoint, which makes it difficult or impossible to use it for cloud and mobile traffic. Finally, SD-WAN often relies upon public Internet service, which can cause reliability concerns.  However, many of these problems are solved with secure access service edge (SASE) platforms.

How SD-WAN Works

Learn more about how SD-WAN works

SD-WAN Benefits

Designed to provide an alternative to traditional MPLS-based WAN, Software-defined WAN (SD-WAN) provides organizations with five major benefits when compared to MPLS.

Reduced WAN costs

MPLS bandwidth is expensive, and it can take weeks or months to provision a new MPLS link, compared to days with SD-WAN. Both in cost of operation and in lost business opportunity, MPLS is inferior to SD-WAN.

Enhanced WAN performance

MPLS is very effective at routing traffic between two static locations, but the growth of the cloud makes this less useful to businesses. SD-WAN’s policy-based routing allows traffic to be optimally sent through the network based upon the needs of the underlying application, resulting in increased application performance and better end user experience than traditional WAN architecture.

Improved WAN agility

SD-WAN also provides much more agile networking than MPLS. With SD-WAN architecture, the network layer is abstracted away, allowing the use of a variety of different transport mechanisms throughout the WAN.

Simplified WAN management

With MPLS, an organization may need to deploy a variety of standalone appliances to manage WAN optimization and security. With secure SD-WAN, these operations can be centralized, allowing organizations to scalably manage growing networks.

Increased WAN availability

Finally, SD-WAN technology can provide dramatic redundancy and availability improvements over MPLS. With MPLS, adding redundant links can be expensive. SD-WAN, on the other hand, can route traffic over a different transport mechanism in the case of an outage.

Learn more about how SD-WAN benefits digital transformation

How to connect multiple offices

WAN connections to branch offices have a variety of different constraints: they must be secure, reliable, affordable, and offer enterprise-level network performance. Several different solutions exist, but many of them have their issues.

A common solution to connecting branch locations is the use of VPNs over the public Internet. While these can provide the security that an organization may require, they are often difficult to set up and may not meet the organization’s needs. Mobile VPN clients are non-existent or clunky, and physical VPN appliances can be time-consuming to deploy and may not meet the needs of a mobile workforce. The dependence of VPN upon the public Internet means that VPNs may also not provide the reliability that the enterprise requires.

While MPLS provides more reliable, high-performance network connections, MPLS connections are slow to deploy, and MPLS bandwidth is expensive. The technology is also ill-suited to mobile and cloud users and lacks built-in security.

Cloud-based software-defined WAN (SD-WAN) provides a solution to the challenges of branch networking. Cloud-based points-of-presence (PoPs) connected by layer-1 network connections backed by SLAs provide high-performance, reliable, and affordable networking. The network of cloud-based PoPs makes it possible for users to connect from anywhere with minimal latency, and an integrated security stack provides security throughout the network.

Learn more about how to connect multiple branch offices

SD-WAN security

MPLS and appliance-based software-defined WAN (SD-WAN) can both provide an organization with the networking capabilities needed for a WAN. However, they often have significant security shortcomings. MPLS lacks any encryption of its circuits, and both MPLS and appliance-based SD-WAN may have no built-in security. As a result, many organizations using these systems deploy standalone security appliances at each location to provide the necessary cybersecurity protections.

However, this approach to WAN security can be complex, unscalable, and expensive since each new location requires another set of security appliances. Each of these appliances must be individually purchased, configured, monitored, and managed, which creates significant costs throughout their lifetimes. This approach also does not work for the cloud and mobile, where security appliances cannot be deployed on-site.

Cloud-based SD-WAN provides a solution to this problem. By placing points-of-presence (PoPs) in the cloud, they can achieve global coverage, allowing users to connect via a nearby PoP and use the SD-WAN with minimal latency impacts. These PoPs can also have integrated security functionality, removing the need to deploy standalone appliances at each location and enabling centralized networking and security visibility across the enterprise WAN. Networking and security integration can also improve performance since networking and security appliances can be optimized to interoperate with one another.

Learn more about the challenges of SD-WAN security

SD-WAN vs. MPLS vs. public internet

As global organizations become more common, the need to connect geographically-distributed LANs via a WAN becomes extremely important. In order to compete effectively, organizations need access to stable, high-performance WAN at an affordable price. Three options exist for providing this: the public Internet, MPLS, and software-defined WAN (SD-WAN).

The first option for an enterprise is to route internal traffic over the public Internet. The two primary advantages of this approach are quick setup and relatively low costs since broadband Internet is widely accessible and typically affordable. However, these advantages come at the cost of unstable performance, volatile latency, and a lack of end-to-end management.

MPLS is designed to provide high-performance and reliable network connections backed by SLAs guaranteeing latency, packet delivery, and availability. However, these high-performance connections are expensive and extremely slow to deploy (taking weeks or months). MPLS connections are also ill-suited to cloud computing since traffic must be pulled back to a centralized access point before being sent out to its destination.

SD-WAN provides the best of both worlds by abstracting away the details of the network infrastructure. By choosing the optimal route from a collection of public Internet connections and MPLS links, SD-WAN can balance performance and cost on a per-application basis. Cloud-based SD-WAN provides additional benefits, including integrated security, support for mobile and cloud users, and predictable latency and packet loss.

SD-WAN vs. MPLS vs. public internet

Learn more about SD-WAN vs. MPLS vs. broadband public internet

MPLS Alternative

MPLS, a common choice for enterprises that need high-speed, reliable network connections, provides guaranteed availability, packet loss, and latency backed by SLAs.

Yet while the technology is indeed mature and built for the enterprise, it also has its disadvantages. The guaranteed features of MPLS mean that MPLS bandwidth is expensive, not to mention that changing MPLS connections is difficult as new connections can take weeks or months to deploy. This affects the ability to set up new branch locations, expand bandwidth at existing locations, and other network changes.

Software-defined WAN (SD-WAN) is designed to provide an alternative to MPLS that addresses these challenges. SD-WAN, which consists of a network of SD-WAN appliances that are connected via tunnels over multiple transport media, abstracts away the network layer and optimally routes traffic over a variety of different data services depending on the type of application traffic. As a result, it can reduce the cost of networking and allows rapid deployment.

And yet, SD-WAN is not a perfect solution. Its reliance upon existing communications links means that MPLS may still be needed for certain applications, and SD-WAN appliances often do not have security built-in by default. Addressing these issues, and expanding coverage to mobile and cloud users, requires cloud-based SD-WAN.

When it comes to sizing your MPLS alternative, there can be a lot of confusion about "what you pay for" and "what you get". For example a 100Mbps MPLS line may only achieve 80Mbps effective bandwidth and a 1Gbps broadband connection may only achieve 250-500Mbps effective bandwidth. You can test your current internet speed with the ICG Asia internet speed test.

Learn more about MPLS alternatives

SD-WAN redundancy vs MPLS redundancy

Redundancy is vital for the enterprise WAN. Network outages are a leading cause of downtime, so redundant network connections are needed to minimize downtime. Software-defined WAN (SD-WAN) is a viable alternative to MPLS for enterprise WAN, but reliability and redundancy can be an issue. However, if implemented properly, SD-WAN can offer better redundancy than MPLS.

MPLS is well-known for its middle-mile reliability. However, the same level of reliability is often not attainable for last-mile connections. MPLS bandwidth is expensive, so the price of last-mile redundancy can be prohibitive. As a result, downtime can be easily caused by events that terminate this last-mile connection. Last-mile redundancy requires dual-homed connections that are routed in different ways to different providers. Typically, MPLS network offers active-passive redundancy with failover based upon route or DNS convergence.

SD-WAN is designed to abstract away the network layer and allow traffic to be routed over multiple connections. Therefore, all SD-WAN connections are in active use at all times, with real-time availability and performance monitoring. This not only improves the bandwidth and reliability of WAN connectivity but also enables active-active redundancy. In the case of an outage in one transport method, data can seamlessly be routed via an alternative connection. Thus, in addition to providing high middle-mile redundancy, SD-WAN can also provide better last-mile redundancy than MPLS.

Learn more about SD-WAN vs. MPLS redundancy

SD-WAN vs VPN: How Do They Compare?

Redundancy is vital for the enterprise WAN. Network outages are a leading cause of downtime, so redundant network connections are needed to minimize downtime. Software-defined WAN (SD-WAN) is a viable alternative to MPLS for enterprise WAN, but reliability and redundancy can be an issue. However, if implemented properly, SD-WAN can offer better redundancy than MPLS.

MPLS is well-known for its middle-mile reliability. However, the same level of reliability is often not attainable for last-mile connections. MPLS bandwidth is expensive, so the price of last-mile redundancy can be prohibitive. As a result, downtime can be easily caused by events that terminate this last-mile connection. Last-mile redundancy requires dual-homed connections that are routed in different ways to different providers. Typically, MPLS offers active-passive redundancy with failover based upon route or DNS convergence.

SD-WAN is designed to abstract away the network layer and allow traffic to be routed over a variety of different connections. Therefore, all SD-WAN connections are in active use at all times, with real-time availability and performance monitoring. This not only improves the bandwidth and reliability of WAN connection but also enables active-active redundancy. In the case of an outage in one transport method, data can seamlessly be routed via an alternative connection. Thus, in addition to providing high middle-mile redundancy, SD-WAN can also provide better last-mile redundancy than MPLS.

SD-WAN vs VPN: How Do They Compare?

Learn more about SD-WAN vs. VPN comparison

SD-WAN as a Service

SD-WAN as a Service extends the core capabilities of traditional SD-WAN. It converges the WAN edge, a global backbone and a full network security stack into a unified cloud-native platform. Known as SASE (or the Secure Access Service Edge) it is built to optimally connect and secure all enterprise resources; physical locations, cloud datacenters, and the mobile workforce. By integrating SD-WAN into SASE, enterprises can gradually transform their WAN to address the full WAN transformation journey, without deploying multiple point solutions.

Learn more about SD-WAN as a Service

Last Mile Constraints

MPLS is well-known for middle-mile reliability; however, the same is not true for last-mile. The cost of MPLS bandwidth often makes deploying redundant last-mile connections cost-prohibitive, leading organizations to seek alternative solutions.

Two early methods for dealing with the last-mile reliability problem are the use of a backup Internet connection and link-bonding. While a backup Internet connection can help to deal with MPLS outages, the failover process is slow and often results in a loss of current connections. Link-bonding attempted to solve the problem of last-mile reliability by aggregating multiple different last-mile transport services. While this positively impacted last-mile bandwidth and reliability, it did nothing to help the middle-mile.

Software-defined WAN (SD-WAN) takes the concept of link-bonding a step further. By abstracting away the network details, SD-WAN is able to present a range of transport options as a single pipe to an application and perform traffic routing behind the scenes.

This allows SD-WAN to provide numerous advantages for an enterprise WAN. The last mile can be optimized using policy-based routing, hybrid WAN support, active/active links, packet loss mitigation, and QoS (upstream and downstream). With cloud-based SD-WAN, where the middle mile is composed of private Tier-1 backbones, it is also possible to perform middle-mile optimization, allowing SD-WAN to compete with MPLS with regard to middle-mile network reliability and performance.

Learn more about last mile constraints for SD-WAN

Use Cases

MPLS migration to SD-WAN

ICG Asia enables customers to move away from expensive, rigid, and capacity-constrained MPLS networks to a combination of high-capacity broadband Internet links. Using ICG Asia SD-WAN edge appliances, customers boost usable capacity and improve resiliency at a lower cost per megabit. Customers with a global footprint, leverage ICG Asia’s affordable global private backbone to replace global MPLS and the unpredictable Internet. The ICG Asia SD-WAN solution optimizes performance and maximizes the throughput to on-premises and cloud applications.

Optimized Global Connectivity

ICG Asia SD-WAN uses a global private backbone with built-in WAN and cloud optimization to deliver an SLA-backed, predictable, and high-performance network experience everywhere. Customers who suffer from high latency and network inconsistency across their global locations use ICG Asia to deliver a great user experience when accessing on-premises and cloud applications.

Secure Branch Office Internet Access

ICG Asia provides a complete network security stack built into the SD-WAN solution. By connecting all branch locations to ICG Asia's secure SD-WAN, all traffic, both Internet-bound and WAN, is fully protected by ICG Asia’s enterprise-grade, cloud-based security services. There is no need to backhaul Internet traffic to a data center or a regional hub, deploy branch network security appliances, or procure stand-alone cloud security solutions.

Cloud Acceleration and Control

ICG Asia provides seamless acceleration of cloud traffic by routing all traffic from all edges to the ICG Asia PoP closest to the cloud data center. Because ICG Asia PoPs share the data center footprint of major cloud providers, the latency between ICG Asia and these providers is essentially zero. Cloud application access optimization requires just a single application level rule that determines where cloud application traffic should egress the ICG Asia SD-WAN. There is no need to install cloud appliances or setup hubs to reduce latency to the cloud or SaaS Cloud Apps.

Mobile Security and Optimization

ICG Asia extends global networking and security capabilities down to a single user’s laptop, smartphone, or tablet. Mobile and remote users are no longer treated like second-class citizens of your network and security infrastructure. Using a ICG Asia Client, or clientless browser access, users dynamically connect to the closest ICG Asia PoP, and their traffic is optimally routed over the ICG Asia global private backbone to on-premises or cloud applications. ICG Asia’s security-as-a-service stack protects users against threats everywhere and enforces application access control. Unlike legacy VPN, the ICG Asia SD-WAN solution scales globally to support 24×7 access for the entire workforce, creating a viable business continuity plan for working from home.

Working from Home

ICG Asia seamlessly supports work-from-home for all employees, all the time. Customers rapidly connect their on-premises and cloud data centers to ICG Asia's SD-WAN and enable self-service provisioning of Clients to all users who require work-from-home or remote access. Unlike legacy VPN and SDP products that can’t scale to support the entire business, ICG Asia’s global and cloud-scale platform is built to optimize traffic to all applications with a global private backbone, and continuously inspect traffic for threats and access control with the converged security stack.

Global Enterprises

ICG Asia makes global connectivity affordable, reliable, and agile. Our global SLA-backed private backbone provides a consistent user experience at a fraction of the cost of legacy MPLS, and natively extends to cloud data centers, cloud applications and mobile users. With over 50 points of presence all over the world from the US to Europe, Asia Pacific and South East Asia, you can now achieve a secure global connectivity that meets your business needs within minutes. ICG Asia’s security stack ensures the same enterprise-grade security is applied for all branches, users, and applications – everywhere.

Regional Enterprises

ICG Asia gets your entire enterprise network connected and secured through a single cloud service. Whether it's across Australia, New Zealand, China, Indonesia, Malaysia, Philippines, Singapore, Thailand, Vietnam, Japan or Korea. Our edge SD-WAN and Security-as-a-Service help IT teams build reliable business networks across the region with ease. ICG Asia helps you make the most of your Internet last mile by automatically building the WAN full mesh, enforcing QoS and path selection based on application and user awareness, optimizing access to cloud resources, making VPN users integral parts of your network, and enforcing the same enterprise-grade security on all locations, users, and applications. ICG Asia SD-WAN can be managed by your IT team and ICG Asia as a managed service provider via a single, user-friendly, web-based application.

Cloud-based Management

ICG Asia SD-WAN services enable enterprise IT to access detailed, real-time and historical, network analytics and security events through a cloud-based management application. All policies including security, routing, and quality of service, can be directly configured by your IT team or ICG Asia as a managed service. As a cloud service, ICG Asia requires no customer involvement in updating or upgrading the underlying infrastructure, saving IT teams, precious resources previously needed for network management of multiple point solutions.

Managed Service

Customers who prefer “hands off” management, including plug-and-play pre-provisioned appliances for zero-touch deployments, monitoring of last-mile links, defining policy configurations, and monitoring the network for pervasive security threats. As a cloud service, ICG Asia maintains the SD-WAN platform and all of its components, saving IT teams precious resources previously needed for maintaining multiple point solutions.

Get started with SD-WAN

ICG Asia's SD-WAN service can be activated instantly to remote users and cloud data centers, with on-site deployments within 48-hours to almost anywhere in the world. Delivered as-a-service, replacing existing Routers, Firewalls, IPS, Load Balancers, URL Filtering, and VPN appliances. Reduce the cost of MPLS by ~50%. Improve internet speed. Optimize applications like Office 365, Teams, Zoom, and SAP. Remove the technical debt of procuring, managing, and securing the network.

Get started with a free proof of concept (PoC) today by live chat or WhatsApp.

Have time for a coffee?

Face to face or over Zoom, we are here to help you.
Sharing insights and solving IT challenges.
We make "IT" possible.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Read more
You might also be interested in...
Gartner Report 2021 Strategic Roadmap for SASE Convergence
Gartner Report 2021 Strategic Roadmap for SASE Convergence

April 20, 2021

Digitalization, work-from-anywhere, and cloud computing have accelerated SASE offerings to address the need for secure and optimized access, anytime, anywhere, and on any device.
Industry 4.0 – Talking About a Revolution
Industry 4.0 – Talking About a Revolution

March 15, 2021

Industry 4.0 represents the next phase of innovation in production processes, merging traditional systems with new digital technologies (IoT, AI, big data, AR, robotics, M2M, real-time analytics, and so on), facilitating automation, agility, and efficiency to create a world of smart manufacturing.
SASE vs. SD-WAN: Achieving Cloud-Native WAN Security
SASE vs. SD-WAN: Achieving Cloud-Native WAN Security

February 8, 2021

For several years now, the network evolution spotlight has been on SD-WAN, and rightfully so. SD-WAN provides big advancements in connecting branch locations into central data centers in a cost-effective manner. It is the networking equivalent of a killer application that allows companies to use a variety of transport mechanisms besides MPLS and to steer traffic according to business priorities.
Why Remote Work and Legacy Security Architectures Don’t Mix
Why Remote Work and Legacy Security Architectures Don’t Mix

January 25, 2021

Last week, Cato Networks announced the results of the 5th annual IT survey, The Future of Enterprise Networking and Security: Are You Ready for the Next Leap. It was a massive undertaking that saw 2,376 participants from across the globe provide detailed insights into how their organizations responded to the COVID-19 crisis, their plans for 2021, and what they think about secure access service edge (SASE).
SD-WAN or SASE: Choose a platform rather than a product
SD-WAN or SASE: Choose a platform rather than a product

January 12, 2021

As enterprises set out to modernize their networks, SD-WAN has become a key networking technology for connecting offices. But with COVID-19, users transitioned to work at home, not in the office.
Connecting Hybrid Clouds with SD-WAN in a Snap
Connecting Hybrid Clouds with SD-WAN in a Snap

December 7, 2020

How to integrate hybrid clouds and multi-clouds with SD-WAN in 5 minutes or less.
Thought SD-WAN Was What You Needed to Transform your Network? Think Again.
Thought SD-WAN Was What You Needed to Transform your Network? Think Again.

November 9, 2020

Since its premier over a decade ago, SD-WAN was adopted by enterprises as the go-to-technology for preparing their network for the digital transformation.
Rethinking Enterprise Remote Access VPN Solutions: Designing Scalable VPN Connectivity
Rethinking Enterprise Remote Access VPN Solutions: Designing Scalable VPN Connectivity

November 2, 2020

The global pandemic has forced many organizations around the world to send their workers home to support social distancing mandates. The process happened suddenly – almost overnight – giving companies little time to prepare for so many people to work remotely. To keep business functioning as best as possible, enterprises need to provide secure remote connectivity to the corporate network and cloud-based resources for their remote workers.
Secure Remote Work: Deploying Zero Trust Access
Secure Remote Work: Deploying Zero Trust Access

October 12, 2020

The global pandemic has forced knowledge workers to move out of their offices en masse to the isolated environment of their homes. Most will return to the office at some point, even if only part-time, as companies adjust to social distancing measures meant to keep employees safe.
How much does SD-WAN cost?
How much does SD-WAN cost?

October 6, 2020

Calculating the cost of SD-WAN can be complicated, especially when it comes to CAPEX vs OPEX and ambiguous ROIs. With so many vendors promising massive savings over MPLS internet connections, SD-WAN is currently been touted as one of the hottest categories in networking today. Take a closer look at the costs, considerations, potential savings and leverage the SD-WAN calculator to estimate your organisations SD-WAN cost.
Considerations for a branch office firewall
Considerations for a branch office firewall

October 5, 2020

Organisations looking for a branch office firewall upgrade, refresh or deploying firewalls to new sites, need to consider multiple different elements. Let's walk through all of the major factors to consider for a branch firewall and why organisations should consider SD-WAN, and more recently Secure Access Service Edge (SASE) as part of their next-generation of branch network security.
What is STaaS?
What is STaaS?

September 22, 2020

Storage as a service (STaaS) is a managed service model for purchasing data storage based on consumption, where a company only pays for what they use, typically on a per-GB per-month basis.
What is SD-WAN?
What is SD-WAN?

September 21, 2020

Software-Defined WAN (SD-WAN) is a networking technology that seamlessly connects branch offices, HQs cloud and data centers over broadband internet rather than MPLS leased lines.
SD-WAN vs. VPN comparison
SD-WAN vs. VPN comparison

September 15, 2020

Internet-based VPN vs MPLS was the debate for some time, WAN technology has evolved in recent years. During that time, SD-WAN has emerged as an enterprise WAN connectivity solution that provides a combination of cost efficiency, agility, and cloud-friendliness that neither MPLS nor Internet-based VPN can match.
SD-WAN vs. MPLS vs. broadband public internet
SD-WAN vs. MPLS vs. broadband public internet

September 10, 2020

To meet the needs of a global enterprise, our network architectures need to evolve as well. Which architectural approach will best serve your needs — MPLS, public internet or cloud networks?
SD-WAN vs. MPLS: Choose the best WAN solution for you
SD-WAN vs. MPLS: Choose the best WAN solution for you

September 9, 2020

You've probably heard about SD-WAN and its promise to transform enterprise networking as we know it. And, by enterprise networking we mean the use of MPLS at the core of enterprise networks. So, to SD-WAN or to MPLS? Here is what you need to consider.
Alternatives to MPLS internet
Alternatives to MPLS internet

September 8, 2020

SD-WAN is looking to address the challenges of MPLS like cost, capacity, rigidity, and manageability.
Challenges of SD-WAN security
Challenges of SD-WAN security

September 6, 2020

A good starting point in explaining why cloud-native SD-WAN is so compelling from a security perspective is the shortcomings of two older WAN solutions: MPLS and appliance-based SD-WAN.
WAN Optimization in the SD-WAN Era
WAN Optimization in the SD-WAN Era

September 3, 2020

WAN optimization has been with us for a long time. Born alongside expensive and capacity constrained WAN connectivity, such as MPLS, WAN optimization appliances allowed organizations to squeeze more bandwidth out of thin pipes through compression, and prioritize traffic of loss-sensitive applications such as remote desktops.
History of SD-WAN
History of SD-WAN

August 28, 2020

Let's take a look at the history of WAN and as we journey from Point-to-Point, T1/T3, Frame Relay, to MPLS, and finally arrive at SD-WAN.
How to load balance multiple internet connections?
How to load balance multiple internet connections?

August 18, 2020

Internet load balancing or fail-over for multiple internet connections can seem like a tight rope walk, but it doesn't have to be. There are multiple ways to accomplish it, from point products to routers and firewalls. Let's take a look at the options and alternatives.
How does SD-WAN work?
How does SD-WAN work?

August 12, 2020

SD-WAN has quickly become the go-to technology for enterprises seeking to leverage the cloud and embrace digital transformation. Yet, much confusion still exists about what exactly is an SD-WAN, and how the technology works.
WAN Optimization vs. SD-WAN
WAN Optimization vs. SD-WAN

August 11, 2020

With the rising popularity of SD-WAN, there is a growing debate that WAN optimization is becoming obsolete. SD-WAN is gaining acceptance and for good reason. It creates an intelligent overlay of multiple transports on your WAN to efficiently and automatically route traffic over the most optimal path.
How to connect multiple branch offices?
How to connect multiple branch offices?

August 10, 2020

How do you connect multiple offices rapidly and affordably without sacrificing performance?
Last mile constraints for SD-WAN
Last mile constraints for SD-WAN

August 3, 2020

From pairing MPLS with a backup internet connection, to link-bonding for aggregate last-mile, SD-WAN introduces new ways to handle old problems, with policy-based routing, active/active links, packet loss mitigation, and quality of service (QoS).
Affordable MPLS Alternatives
Affordable MPLS Alternatives

July 28, 2020

After decades of use, enterprises are looking for MPLS alternatives. To be considered a viable alternative, a network must match MPLS’ service levels for predictability and consistency, while avoiding its pitfalls of cost, rigidity and capacity constraints.
SD-WAN vs. MPLS redundancy
SD-WAN vs. MPLS redundancy

July 23, 2020

How can SD-WAN deliver the same reliability and redundancy as MPLS when it uses the public Internet?
How does SD-WAN benefit digital transformation?
How does SD-WAN benefit digital transformation?

July 21, 2020

Digital transformation is all about agility. SD-WAN enables organisations to be more agile in multiple different ways. Such as the ability to rapidly stand-up a new site with secure internet and inter-office connectivity, without the need for additional security appliances, make policy changes across multiple sites on-the-fly, gain real-time visibility of users and connections, on-board new VPN users for remote work without worries license or connection limits.
The Trombone Effect
The Trombone Effect

July 3, 2020

The “Trombone Effect” occurs in a network architecture that forces a distributed organization to use a single secure exit point to the Internet. Simply put, network traffic from remote locations and mobile users is being backhauled to the corporate datacenter where it exits to the Internet through the corporate’s security appliances stack. Network responses then flow back through the same stack and travel from the data center to the remote user.
Evolution of SD-WAN
Evolution of SD-WAN

June 2, 2020

SD-WAN has become more than just a network for connecting locations. The rise of cloud, mobile, and business agility demands has required SD-WAN to become smarter by providing security, optimization, intelligence, and better reach. These changes in SD-WAN can be broken down into three phases, reflecting the ways that SD-WAN technologies have adapted over time to the demands of business requirements.