Before implementing an enterprise WAN in the cloud age, there are several key questions that need to be addressed. Does it make business and technical sense to outsource the WAN to a service provider? Or is it best to build a new enterprise WAN and manage it in-house? What impact will emerging technologies like SD-WAN, which I discussed in my last post in this series, have in the future?
In order to answer these questions, an organization must consider several key factors such as risk tolerance, capital culture, human resources, scalability, performance, and service responsiveness. For most large enterprises, the likely solution is to re-architect their existing WAN and include a mix of both private WAN and managed WAN services to suit their specific requirements. Equally important, they must choose the best network management and support strategies for a mixed WAN environment. Let's look at the various options for an enterprise WAN.
Private/secure optical network: There are two ways an enterprise can build a private/ secure optical network. The first is by using leased or owned dark fiber and self-managed optical equipment, which provides high-speed, scalable and secure transport between major sites and data centers to create a private cloud. It also helps consolidate multiple data centers to reduce cost and complexity, making it ideal for cloud enterprises whose bandwidth needs can change rapidly or unpredictably. Alternatively, enterprises can build a private/secure optical network by using managed wavelength or carrier Ethernet services. This approach is useful for those who wish to connect to additional IT capacity and resources in a virtual private cloud, but can prove to be more costly in the long term.
Private IP/MPLS core: This method provides reliable connectivity between end users in multiple large sites and applications running in the private cloud, as well as connectivity to virtual private resources and hybrid cloud services. A private IP/MPLS core also enables voice, video and data to be delivered across a single infrastructure. In addition, it provides traffic engineering and QoS for legacy and cloud applications, secures data with IPSec or network group encryption, and offers more predictable application performance with more stringent SLAs.
Managed IP/MPLS VPN services: Managed IP/MPLS VPN services provide secure, resilient, reliable, any-to-any connectivity between multiple smaller remote sites. These are widely available from many different service providers and are ideal where the cost/performance is justified, or where changes are less frequent and more predictable. Managed IP/MPLS services provide support for layer 2 carrier Ethernet VPNs and layer 3 IP VPNs and maximize bandwidth utilization with no restrictions on traffic mix. Furthermore, these services simplify operations with WAN routing, provide support for in-depth network and application monitoring as well as support for custom management levels and other services such as internet access, security, SIP trunking, and hosted PBX that are ideal for smaller remote sites.
Software-defined WAN: As discussed in my last post, SD-WAN provides more flexible connectivity to the cloud for smaller sites within the same region, or where changes are more frequent and unpredictable. It uses easily deployed, centrally managed, policy-based and software-defined solutions that use standard server-based appliances.
Integrated WAN management strategy: An integrated WAN management strategy manages multiple network layers, end-to-end services and applications across the cloud. This strategy provides multiple benefits, including: converged management across multiple network domains; node network, service and application layer management; rapid provisioning of new cloud connections, services and applications; network SLA monitoring with service and application assurance; correlated multi-layer, multi-technology troubleshooting; and simplified operational and business systems integration.
WAN support strategy for the cloud: A WAN support strategy for the cloud is one that embraces both network and IT support. This is achieved through investing in personnel who possess the necessary skills or through outsourcing to an appropriate network and cloud IT support specialist such as a service provider or systems integrator. It can also be done by implementing a support strategy that combines elements of both. For example, an organization may choose to build a private WAN, but outsource some aspects of network support like network management while controlling other aspects, such as like maintaining network security as part of its overall IT security strategy.
With the move to cloud-based IT models, flexible and agile approaches to WAN networking are becoming more widely available, but enterprises must periodically re-evaluate and determine the best approach to their WAN needs. The most important step is to implement an end-to-end approach that combines essential services such as configuration and management, real-time monitoring, proactive maintenance, system administration, and end-user support across both network and IT domains. With various alternatives available, and the option to implement more than one approach at a time, enterprises are sure to find a solution that will best meet their needs and business strategies.