SEARCH
1272 Bond Street, Naperville, IL 60563 630-505-7500
Network Services
Article originally by ATI partner Ken Presti, Research VP, AVANT Research & Analytics

Like everything in this world of technology, effective security needs to be baked in to virtually every value proposition put on the table. This is important to today’s enterprise technology buyers who evaluate different offerings and build the internal consensus to either accept or decline and offered solution.

According to AVANT’s State of Disruption Report, 74 percent of surveyed technology decision makers fear that a successful cyberattack could cost them their jobs. Fewer than half believed that their companies were well prepared to handle an attack and mitigate the results.

SD-WAN solutions typically include their own security protections, such as stateful firewall capabilities, site-to-site encryption, application policy control, segmentation for VLANs and split tunneling, and authentication between edge devices and the controller. How SD-WAN companies deliver security solutions varies widely, with some becoming security technology providers with their own technology and development as a core part of their SD-WAN value proposition, while others are partnering with market leaders to embed security solutions within their product. Most will interoperate effectively with third-party security tools and services, although some may interoperate better than others. Therefore, your current set up of firewalls and other security gear may not need to be displaced with the advent of SD-WAN, but it does make sense to review the technical notes of the specific SD-WAN company for their preferred recommendations.

The addition of new technologies and infrastructure almost always expands the attack surface. Thus, technology buyers as well as technology sellers need to be keenly aware of their level of exposure. This is especially true of companies leveraging local Internet breakout, rather than backhauling through a data center. As the data travels across the Internet, protections for layer 4 through layer 7 of the OSI stack will likely be necessary. Security technologies of particular focus should include next-generation firewall with intrusion prevention, web filtering, and DNS security. These, however, can become quite costly when being applied to a large number of remote facilities. Looking at the other side of the coin, it’s also true that a successful breach at a remote office can often be used as an effective bridgehead to gain access to central corporate resources.

“Security continues to be the number one concern that IT decision makers have when considering migration to SD-WAN,” said Ray Watson, Vice President of Innovation at Masergy. “This ultimately favors solutions which tightly integrate and support unified threat management as well as managed detection and response.”

According to AVANT’s Assessment Data, 54 percent of customers entering the SD-WAN decision discussion are uncertain of how to approach security, while 22 percent are planning to install a next-generation firewall at each site. Another 14 percent are planning to use a cloud-based firewall service. Those who are uncertain would be well advised to work closely with her Trusted Advisor to ascertain the best solution for their needs.

It’s also a good idea to more fully assess what types of data your company needs to store, and the duration of that storage. While some people believe that virtually all data is worth keeping, it’s also true that limiting stored data can vastly reduce your attack surface and, ultimately reduce security costs while increasing peace of mind. So many companies are taking a fresh look at what data deserves to be kept and what data should be discarded.

For more information on SD-WAN, download AVANT’s free 6-12 Report at https://goavant.net/sdwan-report.
0

Network Services
According to IDG Research , The SD-WAN market is expected to reach $8B by 2021. SD-WAN sales and implementations are growing. The report indicates that adoption rates increased from 35% to 54% over the past two years, with 90% of their respondents saying they are actively researching, piloting or about to upgrade to SD-WAN. And the reason for growth is to solve for a few business challenges, mainly: optimizing networks to support cloud technologies, simplifying network management and improving application performance which all, in turn, help deliver on a better customer experience.

In predictions for 2019, Gartner wrote that improving the customer experience will be a top business priority for companies as 2018 revealed little movement in the Customer Experience Index. They attribute CX Quality being flat due to poor CX management. As customer expectations increase, there is a lot of pressure for companies to improve operations and communications. From a technology standpoint, businesses are focusing on hybrid cloud services, network and application security and SD-WAN to drive improvement.

Under performing networks, with not enough bandwidth, latency issues, throughput, error rate and jitter can cost businesses in the form of lost productivity and negative customer experiences, all of which can negatively impact the bottom line. As MPLS contracts come up for renewals, analysts predict a decline in the number of new installations or price erosion on MPLS links as the number of SD-WAN implementations continue to grow. This is particularly true due to SD-WAN’s ability to route traffic with application priority and the additional benefits of augmenting the network with secondary and tertiary best effort connections.

Other driving forces of SD-WAN adoption:

Digital transformation initiatives, implementing cloud-based applications, doing more with big data, the increase in the mobile workforce, etc. Traditional WANs were not designed for cloud-based applications (the security requirements associated) and connectivity to cloud environments. MPLS networks, can’t deliver on bandwidth intensive applications on-demand.

Reductions: Companies want to reduce the number of physical devices built to support applications.

Options: Service provider options and managed SD-WAN offerings as well as various deployment options are plentiful and now based on how the business is structured and internal talent.

Edge Computing (the main element needed to enable IoT devices) Traffic can be automatically and intelligently managed from a central console with SD-WAN.

Speaking of IoT, connected devices produce a lot of data and require a lot more bandwidth, more than traditional MPLS can handle. SD-WAN allows for intelligent routing and prioritization of traffic so applications can run smoothly.

You can’t bring up IoT without 5G. And 5G, which will power IoT devices, requires SD-WAN as a complementary service, to intelligently direct traffic, distribute bandwidth and provide security at the edge of the network.

Enhanced security. Vendors including SD-WAN capabilities inside security appliances and vice versa like with Cisco unifying their security and SD-WAN products, make SD-WAN more attractive.

According to Network Computing, another trend driving SD-WAN adoption is the growing adoption of network monitoring or Network Performance Management and Diagnostics (NPMD) which provides visibility into performance and conditions of the underlying network– validating telco SLAs, accessing quality of paths and VPNs, providing visuals into connections, status as well as displaying SD-WAN views, site-to-site maps, public and private clouds, and applications.

Enhanced network routing. A concept still in infancy, but the idea is cloud-based controls/automation combined with intelligence derived from machine learning creates intent-based networking and policies that route application data and traffic on the fly.

0

Network Services
Before diving into network soup and getting a better grasp on how the various solutions work together, it is imperative to understand them individually.

What is SD-WAN?

Software-Defined Wide Area Network (SD-WAN) enables the dynamic routing of network traffic based on the current network status. Traditional branch routers are replaced with applications that evaluate and leverage various transport technologies based on their performance. This enables network administrators to route high priority traffic, such as video and voice, over MPLS links or a dedicated Internet access (DIA) connection—essentially any solution with an SLA attached, while the majority of their more standard traffic is routed to more cost-effective services, like broadband, DSL and wireless—basically any solution without an SLA attached.

SD-WAN can be deployed as either a hardware/software combination with WAN edge devices placed at the individual physical locations or as a solely software-based solution. Because each device is centrally managed, application-based routing policies (also referred to as performance-based routing) and security rules are created by WAN managers and can be updated real-time based on network requirements.

What is SDN?

Software-defined networking (SDN) is a type of dynamic networking architecture in which the control is separated from hardware and instead executed through the software; this is known as the separation of the data plane from the control plane.

In a traditional network architecture firmware is directing hardware where to forward the data packet upon its arrival at a switch or server and sends all the information to the same destination. SDN removes the control from the networking hardware’s firmware and instead gives it to the network administrator to direct network traffic from a central control console without changing the setting of individual switches. This, in turn, allows the administrator to change network rules, prioritizing as needed or even blocking specific packets. Because cloud computing has a multi-tenant architecture, SDN is important as it enables more agile and efficient control of traffic loads as well as the ability to scale both quickly and dynamically.

What is NFV?

Rather than relying on hardware, Network Functions Virtualization (NFV) uses virtualization technologies to manage core networking functions via software. Running on one or more virtual machines in addition to the hardware networking infrastructure, NFV manages specific network functions—both wired and wireless—like routers, switches, servers, and cloud computing systems. Other examples include firewall, load balancers, and WAN optimization.

What is VNF?

Although frequently used interchangeably with NFV, Virtual network functions (VNFs) move individual network functions from proprietary hardware to software that runs on agnostic hardware, ultimately leading to more agile networks. Individual VNFs are a primary component of an overall NFV architecture. Used by both businesses as well as network service providers, these tasks can include firewalls, caching, DNS (domain name system), or NAT (network address translation) and can be run as virtual machines.

VNFs can help increase network scalability and agility, while also enabling better use of network resources. Often referred to as the building blocks of SDN, VNFs can be linked together by a concept known as service chaining. Rather than services/network functions being installed manually, and each being configured with their proprietary hardware (which would require them to be cabled together manually to perform a dedicated sequence) VNF’s virtualize these functions, allowing new functions to be deployed as virtual machines quickly and efficiently. Since VNF’s replace physical hardware, they reduce power consumption and increase the available physical space, increasing network scalability and agility, resulting in reduced capital and operational expenditure.

Network Soup

Although SDN and NFV are frequently thought of as interchangeable, this is not correct, though they are similar, primarily in that they both employ network abstraction. Both SDN and NFV rely heavily on virtualization; however, where SDN’s primary focus is to separate network control functions from network forwarding functions, NFV’s primary focus is the abstraction of network forwarding and other network function from the hardware on which it runs.

The hand-in-hand combination of NFV and SDN allows simple, consistent policy control and network status, as well as the ensuring data flows, are distributed in the context of local network parameters, independent of location or hardware platform.

Ed Tittel, IT veteran in a Cisco blog says, “SDN rests on the notion that network control can be divorced from network infrastructure and physical devices. By applying programming and automation to network control, network operators can define, manage and manipulate logical networks directly and dynamically. NFV, by contrast,” Tittel continues, “is all about the network functions that must be performed at all levels and stages of a network – at the periphery, boundary, and core – to accept, forward, shape and filter network traffic as it courses through any given infrastructure.”

SDN virtualizes network management, separating network devices from the control plane handling network traffic. The software-defined network management enables organizations to have greater control and flexibility when scaling network resources and optimizing performance. sd-wan-blog

NFV replaces network services that have been typically done by hardware with virtualized software – think physical networking and appliances like routers and firewalls. Now, network services can be done on standard servers, reducing costs and providing capacity that can be increased or decreased on demand. NFV originated from the need to deploy faster network service for business growth. Many of the services are managed in a software-defined network.

Because NFV compliments or replaces traditional network appliances, it must guarantee the following:

  • High performance — 100Gbps +
  • Uptime of 99.999%
  • Scalability to millions of users
  • Low-latency delivery of real-time applications
  • Integration with legacy network architectures and link to existing operational and billing systems

NFV deployments haven’t really taken off, due to standards and instructions for implementations. However, new network configurations to support the adoption of SD-WAN, IoT, and 5G are forcing network operators to look at business architecture and begin to virtualize. Connected devices and sensors create new requirements for fixed and mobile networks.

Suppliers migrating to 5G are including NFV solutions as part of their architecture. Network operators are benefitting from cost savings— no longer purchasing network equipment and instead deploying software on standard servers. Additionally, NFV solutions save on space, power, and cooling, and have greater flexibility with capacity. NFV applications can be used for a myriad of things in addition to SD-WAN applications, including evolved packet core, IP multi-media subsystems, CDN, vCPE, video servers, network monitoring and slicing, service delivery, and some security functions.

GET A NO OBLIGATION SD-WAN ASSESSMENT HERE
0

Network Services
A combination of certain technologies can provide exponential benefits when bundled together; an example being SD-WAN, a natural fit for Unified Communications to improve voice and video call quality, providing more deployment options, efficient bandwidth use and potentially, lower costs.

Research firm IDC predicts that, over the next several years, cloud-driven solutions will present businesses with the potential to significantly improve performance or increase productivity. In addition to cost-effectiveness and quality of service, SD-WAN and UCaaS, both as-a-service solutions, allow a pay-as-you-grow model that can easily adapt to expanding teams and offices—and easily scale down during slow periods.

1. Better Routing:

SD-WAN addresses issues that contribute to lower QoS (quality-of-service) such as jitter, packet loss, and latency with dynamic traffic management across multiple network links in real-time. Some SD-WAN solutions provide both redundancy and QoS to networks and improve the quality of an organization’s connection via cloud-managed router capabilities.

2. Extra Reliability:

SD-WAN often serves as a cost-effective backup solution because it enables an active-active configuration, which enables operational continuity in case of link failure. This allows for near 100% up-times as well as superior voice and video quality.

3. Improved Security:

SD-WAN enables the security of UC solutions in several ways. Primarily, WAN segmentation, which can reduce the instances of some of the most prevalent cyber-attacks that can occur in UC systems. By isolating traffic by application, it’s also more difficult for some threats to identify and/or attack core applications. Not only does SD-WAN enable increased security protocols, but it also provides a cleaner flow for UC traffic.

4. Better Monitoring:

While emails, normal web browsing and most file transfers can handle jitter and packet loss with fairly minimal loss of productivity, with UCaaS, the same jitter and packet loss when dealing with voice or conference and video results in a noticeable slow-down of productivity and frustrates employees and customers alike. With SD-WAN, traffic prioritization can be managed so that tasks that can wait are automatically put on the back burner to highly prioritized traffic, such as a web conference or phone calls.

5. Compliance:

Together with UCaaS, SD-WAN helps to ensure that compliance regulations are met for industries such as healthcare and finance—even PCI-DS and GDPR—due to the inherent redundancy and traffic prioritization traits of the solution.

6. More Services:

Reliability and prioritization also make adding other cloud-based solutions easier without needing to increase the amount of bandwidth. This is particularly true for organizations utilizing SD-WAN in a multi-office environment.

Interested in learning more about UCaaS with SD-WAN specifically? Download our e-Book.
0

Network Services

Article by ATI Partner Shashi Kiran, Chief Marketing Officer – Aryaka Networks

You Have a Multi-Cloud Environment – Now What?

Whether they set out to use multiple clouds or not, large enterprises today end up with several cloud suppliers. In fact, it’s probably hard to find a company that isn’t using some mix of Microsoft Azure, Amazon AWS, IBM Cloud, Salesforce.com, Oracle, Google G-Suite, ServiceNow or Box. The list goes on and on. This is more pronounced with enterprises that have a global site footprint.

The cloud, after all, gets you out of the business of hosting applications and worrying about upgrading hardware and software constantly. It also enables you to sidestep the capital commitments otherwise required.

However, the more clouds you use, the more complex connectivity becomes. Security concerns skyrocket as it becomes hard to figure out who is accessing what, from where and how. In addition, the network becomes central to application performance across the organization.

Forces at Work

Despite the network challenges multi-cloud creates, multi-cloud is here to stay and will become even more complex with time as:

  • Companies turn to even more SaaS offerings that enable them to embrace best of breed rather than multi-purpose on-premise solution bundles that have to meet various requirements of legacy environments
  • Technologies, such as serverless computing and other advances, that are only possible with cloud native applications attract more enterprise workloads
  • Adoption of Internet of Things technologies and strategies require organizations to collect and analyze data closer to scattered sensors at the edge of the network, probably in specialized cloud services
  • Companies try to mesh cloud tools with on-premises systems in hybrid configurations because stringent security or compliance requirements – or the tightly integrated nature of those legacy systems – prevents going all in with cloud


Unfortunately, this shifting, demanding and dynamic environment is not a good fit for the 20-year-old legacy MPLS wide area networks that many organizations still rely on. Besides the fact that MPLS simply can’t provide off-ramps to many cloud tools, adding bandwidth is expensive and simple network changes can take months. It’s like trying to erect a shiny new skyscraper on a stone foundation fit for a mountain cabin. Businesses are short changed on time to market and this is a big no for CxOs driving WAN transformation initiatives.

The good news is software defined-WANs promise agility and enable enterprises to realize the full potential of what multi-cloud environments have to offer. But traditional SD-WANs don’t own the network and have to partner with telcos and service providers that do, creating a suboptimal solution. This is where a fully managed SD-WAN solution, where the provider owns both the network and the software definition provides the “best of both worlds.”

A fully managed SD-WAN running on a private network can connect far-flung employees to various data centre resources while also providing direct connections to public cloud platforms such as AWS, Azure, Google and Oracle as well as connectivity to SaaS platforms such as Office 365, Salesforce, WebEx and Zoom, without compromising on application performance.

A managed SD-WAN allows enterprises to shift higher value human resources from the business of assessing technology, building out the network and then constantly tweaking and optimizing it as requirements change. Patching edge-routers or boxes from traditional, SD-WAN vendors is often an operational nightmare.

When managed SD-WAN is delivered as a service, it is akin to a SaaS provider, delivering connectivity as-a-service.

While SD-WAN services can help any organization deliver consistent application performance to employees around the world, the benefits for IT are magnified in multi-cloud environments because they get a unified view that is cloud provider agnostic.

However, not all managed SD-WAN services are alike. Speed of provisioning new circuits, the reliability of the backbone, the quality of the support and ease of engagement – all make a huge difference! Look for a fully managed SD-WAN that leverages a private network for the middle mile, uses built-in acceleration and optimization tools to improve application performance, and uses best of breed layered security from partners for mission-critical applications.

So, when it comes to looking for an SD-WAN delivered as a service to support growing multi-cloud needs, look for:

  • A simple, managed global solution for multi-cloud connectivity
  • End-to-end reliability SLAs guaranteeing 99.99% uptime
  • 24x7x365 monitoring and CCIE-level support
  • Built-in WAN acceleration and optimisation, regardless of the cloud resource targeted
  • Off-ramps to all the cloud providers
  • Deployment capabilities measured in hours at any site globally
  • Support for on-demand site and bandwidth changes


CIOs invest considerably in their public and multi-cloud strategy. The productivity of developers and corporate applications is compromised, if the underlying network connectivity is flaky or if it takes too long for a predictable site connection to be up and running. Digital transformation and the move to the cloud should start with the network. That is ground zero for a multi-cloud world.


Article by ATI Partner Shashi Kiran, Chief Marketing Officer – Aryaka Networks

0

Network Services

It’s apparent that U.S. organizations have accepted that cloud is here to stay; A recent analysis from Maverick Research found that more than 80% of CIOs estimate that more than half of their business will be conducted on cloud infrastructure by 2020, and roughly the same number predicted that applications supported by a SaaS platform will support more than half of their business transactions.

With this relatively newfound cloud acceptance, those managing the enterprise’s networking infrastructure have begun to realize that no single vendor can truly meet every need. Most businesses, particularly within enterprise and mid-market will likely require significant overhauls to their networks in order to support multi-source congestion from SaaS as well support digital transformation initiatives; as legacy networks were built for an era of static connections, a time when companies built their own private networks using largely proprietary hardware to connect to server/client networks.  

SD-WAN

Although IT professionals have been talking about SD-WAN technology for years, in 2019 it will be a major component in how networks are built and rebuilt. SD-WAN enables networks to route traffic based on centrally-managed rules and roles, regardless of where the entry or exit point of the traffic originates—and the data is fully secure. Research projects that SD-WAN networks will explode by 500%, and those businesses that aren’t currently using SD-WAN will likely be making plans for its adoption.

network-connect-3-1

One of the primary benefits of SD-WAN is that the network can be run by leaner, more agile teams of networking engineers, making it easier to make modifications as business needs change. Eventually, SD-WAN will begin to transition into more “intent-based” networking; this type of networking will change the way connectivity is delivered and, based on the defined standards, will adapt automatically to the needs of a business by analyzing various traffic events against KPI’s, flagging suspicious activities and implementing additional security measures as they’re needed.

Rohit Mehra, Vice President, Network Infrastructure, IDC says, “Intent-based networking is a significant development for the networking industry. It encompasses not only advanced levels of visibility, automation and assurance, but it is the platform on which new machine learning-based network management functionality will be built.” Since the network of the future will use machine learning and AI to become cognitive, proactive and potentially self-driven, intent-based networking is important to enable continuous adaptation to environments that are constantly in flux.

WAN Edge

Another current network trend is the increasing discussion and adoption of WAN Edge architecture as cloud continues to drive vital changes to how networks are built, requiring more flexible network architectures that can accommodate and secure connections to multiple clouds. The WAN edge is the natural connection point to the cloud and where enterprises should be plugging in new security and SD-WAN software to safely and efficiently traverse this complicated network and provide appropriate policies to locations around the world.

In 2018, Gartner published its first Magic Quadrant for WAN Edge Infrastructure. SDXCentral reportedly asked Gartner analyst Joe Skorupa why the report wasn’t simply called Magic Quadrant for SD-WAN. Skorupa replied that the changes in the edge of the wide area network are much bigger than just SD-WAN. Skroupa went on to tell SDXCentral that the new WAN will include services ranging from security, to a variety of WAN optimization types, to secure web gateways, and “things like micro-segmentation all the way from the data center to the end user,” along with hosting of third-party applications in edge computing scenarios. “SD-WAN is just going to be a feature,” he said.

Network Security

As Joe mentions, the relationship between SD-WAN and security is in the process of a growing revolution. Edge devices and IoT, for example, will provide an increased area to potential threats and will create more opportunities for misconfigurations or vulnerabilities that can be exploited.

As you’ve no doubt noticed, it’s not just the number of cyber attacks that have increased, but also the severity. Throughout 2019, we’ll no doubt hear more tales of infiltrations and data loss from organizations across the globe—and not just enterprise organizations, either. Due to the ever-increasing concern for security, 2019 will be another record year for network security spending and a banner year for IT security vendors and resellers. Gartner predicts that, worldwide, the IT security solutions market will increase by nearly 9% from 2018’s estimated $114 billion to over $124 billion.

Going back to SD-WAN for a minute, advisors suggest that high levels of security functionality should be built directly into the network’s foundation; ideally a wide-ranging suite of security components should be native to the network, delivered in a single SD-WAN platform in order to complement the other layers within a customer’s security posture. A few of these network security features would include:

  • Next-generation firewall
  • DDoS protection
  • Integrated intrusion Detection System (IDS) and Prevention (IPS), Anti-ransomware and Anti-virus
  • Layer 3 protection – ARP, IP ICMP protocol defense, IP spoofing, source-routing checks, fragment overlaps


SD-WAN, WAN Edge and network security are all vital solutions that companies of all sizes must seriously evaluate as the adoption of cloud in support of digital transformation journeys continues to boom. Ensuring that networks are not only efficient but also secure should be the primary concern, not just in 2019 but moving forward.  

0

Network Services

Software Defined Secure Branch is a purpose built solution designed for businesses and organizations with complex multi-location IT management needs and the desire for more visibility, security protection, and control of their network. Once in place, it helps keep the network secure and accessible through a combination of simplified management, the intuitive software defined wide area network (SD-WAN) solution, and security.

Branch or remote office network architectures have barely changed for 15+ years. The digital enterprises of today need a network landscape that is built for the demands of the workloads of today – a network that is agile, intelligent, secure and reduces operational complexity while being cost-effective.  By 2021, 10% of midsize and large enterprises will have transitioned from piloting (during 2017) to using on-demand SDN-enabled services (Gartner, 2018 SAM Market Opportunity Forecast Readout – Network).

“Software Defined Secure Branch lets our customers focus on their business or organization as first priority, leaving the IT to us,” said Victoria Lonker, Verizon’s vice president of global products and solutions. “The simple, intuitive experience delivers rapid provisioning of new branch locations, a mobile management app, service health, application visibility and the security controls needed to protect the business.”

Verizon’s Software Defined Secure Branch, offered with Versa Networks, provides:

  • Video and cloud-based service performance leveraging SD-WAN to automatically adapt the network to help improve application performance.
  • Business continuity benefits through enterprise-grade connectivity and Verizon’s robust 4G LTEnetwork for active backup.
  • Bundled security through Verizon’s comprehensive threat management and end-to-end network encryption.
  • An application-centric network on Verizon’s sophisticated and managed infrastructure driving an enhanced user experience.
  • Intuitive mobile app-based service management and continuous monitoring capabilities for the service.
  • The service is easily accessible through the Verizon Enterprise Center online user experience portal that unifies the purchase, deployment, and management. The visibility provided through the portal gives business owners the tools needed to deliver on a better customer experience.
  • “SD-WAN is a powerful and complex solution with many moving parts. Verizon’s offer is a simple yet flexible way for businesses and partners to get technology at the level of features they need, and expand into new features as they need them,” said Brian Washburn, Practice Leader, Network Transformation and Cloud, Ovum.

Adopting Verizon’s Software Defined Secure Branch gives organizations a network landscape that is built for the digital enterprises of today. It maintains application performance and delivery, provides flexibility to easily integrate and scale the right security functions alongside advanced networking capabilities, and offers agility and better cost management.

0

Network Services
Article by ATI partner Joel Mulkey, Founder and CEO – Bigleaf Networks

IT leaders at today’s cloud-enabled businesses are expected to provide the same predictable performance that they did with on-prem systems. Downtime is unacceptable, and these cloud applications need to work the way they were meant to. They need to be responsive, fast, and not frustrate users. And they must do all of this in a way that scales – working consistently as business needs change, revenue grows, and locations expand.

But cloud is creating new challenges for the network, challenges not readily solved through traditional networking technology that rely on static policies.

The first challenge is that, by nature, cloud technologies rely on the Internet, and no matter what kind of internet circuit you look to use, performance is unpredictable. We monitor thousands of internet connections ten times per second and can tell you very simply that it doesn’t matter what kind of connection you have; fiber, cable, wireless, etc., they all can experience business-affecting degradation. This can mean downtime or brownouts, and both can be expensive, frustrating to users, and potentially job-threatening to the people responsible for networking. Our data shows that on average, an ISP connection will experience 3.5 hours of downtime per month and 23 hours of major performance-affecting brownouts per month. This can be at 2 AM, so if you’re not a 24/7 business maybe that hasn’t hit you hard yet, but it can also be during the middle of the day.

The second challenge comes from the ever-shifting application landscape. If your users are leveraging the cloud well, procuring and consuming new applications all the time and shifting their use of current applications, how does the network keep up? There’s no way for network administrators to know exactly the makeup of their traffic 6 months from now (if they even know what it looks like today). This means that it’s impossible to create static network policies that can provide a good user experience over time.

Finally, the third challenge is that IT is no longer the sole gatekeeper of software provisioning. This means that, even with plentiful IT resources, there are critical technologies being used in businesses that IT doesn’t know about and has no policies to manage.

These challenges lead to an all-too-familiar game of policy whack-a-mole. Users get frustrated by application outages or poor performance. They contact IT in a huff, and now IT must decide if they’re going to ignore the problem, say it’s not a supported application, try to fix it with some new network policy, or maybe contact a vendor so that vendor can implement a new policy. At the end of the day, no one is happy, and the cloud is a point of frustration rather than empowerment.

Here’s what I think is at the root of the situation: It used to be that IT controlled every application. IT was the bottleneck and was able to control the experience. Sometimes that worked out well, but that’s not the way the world is moving.

In this new cloud era, IT is now a facilitator, end-users are interacting directly with their applications. They’re procuring, configuring, using, and troubleshooting them. Yes, they’ll still come to blame IT when they don’t work right, but the interaction model has fundamentally changed. IT leaders need network technologies that support this new model, that enable their users to be nimble and efficient with applications.

If their network is built upon a set of static, human-controlled policies, how do companies ensure performance and reliability when new applications can be added into the environment at any time? They can probably configure policies for 80 or 90 percent of their business needs. That’s pretty good, and they’ll feel like they’ve done their job, the box is checked, they can say they have failover or application prioritization. But what about when one of those new applications uses a ton of bandwidth – how does that impact their existing business-critical applications? Or when their CEO gets sent an invite to use some random videoconferencing tool they’ve never heard of for a key meeting, are their network policies going to ensure he or she can communicate effectively, or will they get a frustrated email after the call?

Beyond simple frustrations and inconvenience, if a business relies on static network policies, it’s exposed to the risk of falling behind competitors who are using the intelligent software in their network. The solution to this lack of control isn’t more policies, it’s a smarter network.

At Bigleaf, we don’t want our users to have to think about how the network will handle new applications. Frankly, everyone wants their voice calls to sound clear, their video to play smoothly, their web applications to be snappy, and their databases to be reliable. We’ve built smart software that auto-detects every type of application, classifies them into six priority categories, and automatically ensures they behave how they’re supposed to, even when the network is congested. Our users don’t need policies to get the outcome they want. It’s wonderful.

Article by ATI partner Joel Mulkey, Founder and CEO – Bigleaf Networks

Learn more about SD-WAN for Enterprises here.
0