5 Benefits CIOs Need to Know about SD-WAN
By: Gabriel Gomane, Senior Product Marketing Manager, Aruba, a Hewlett Packard Enterprise company.
The COVID-19 crisis has accelerated digital transformation, from enhancing the online customer experience to offering remote and hybrid work scenarios for employees. The dual migration to Network-as-a-Service (NaaS) models and multi-cloud hosted applications, as well as the implementation of Work-from-Home (WFH) initiatives have helped support this transformation. This includes the ever-present need to combat cyber threats with increasingly sophisticated network security concerns.
CIOs understand that organizations need IT agility to keep pace with a rapidly changing business environment. However, organizations are often hampered by a sluggish and rigid network infrastructure as they embark deeper into the digital transformation journey.
In response, CIOs can look SD WAN as a means to break through rigidity and accelerate digital transformation initiatives to fuel future business growth.
Below are five benefits that CIOs and their respective organizations can enjoy by implementing SD-WAN.
1. Reduce WAN costs while improving business agility
Traditionally, companies connect branch offices to the corporate data center via expensive MPLS lines. However, as organizations continue to increase bandwidth to accommodate greater use of data-intensive applications such as video conferencing and remote backup, more bandwidth is required, to the point where MPLS lines can become expensive. These rising costs prevent the IT group from fully supporting critical business needs. To make matters worse, new MPLS connections can take up to four months to deploy, significantly slowing new branch expansion regardless of cost. Consequences include a lack of agility and flexibility needed by organizations increasingly embracing hybrid work environments that require a significant increase in branch or micro-branch offices.
To address these challenges, CIOs can turn to SD-WAN, which leverages lower-cost Internet and 5G connections through virtualization and aggregation of network connections, creating secure tunnels from the branch offices to the data center and cloud. The Aruba EdgeConnect SD-WAN edge platform uses path conditioning techniques, including Forward Error Correction (FEC) and Packet Order Correction (POC), to increase the performance and reliability of these links. In addition, in the case of link bonding, POC automatically reorders packets coming from different links.
FEC can also recover lost packets at destination without having to retransmit them. These capabilities can help organizations better manage the inherent deficiencies common to Internet and wireless connections, such as packet loss and jitter. With SD-WAN, companies benefit from additional business-critical agility while reducing costs at the same time.
2. Build the foundation for the SASE architecture to improve cloud security
Not only do organizations with an MPLS router-based architecture face higher costs and longer lead times for expansion, they also lack visibility into the branch office environment. IT cannot easily enforce security policies at branch offices, especially in hybrid cloud environments.
This ability to effectively provide security will be further undermined as the security perimeter dissolves. Users and their devices, as well as a growing number of IoT-enabled endpoints, are proliferating and connecting from virtually anywhere. Meanwhile, traditional security measures like VPNs are limited. A VPN does not support granular security policy enforcement. Once a user has been identified and authenticated over a VPN connection, they can access critical resources within the network that they probably shouldn’t have been given access to.
To enable CIOs and their respective organizations to meet modern security challenges, Aruba EdgeConnect SD-WAN includes a zone-based firewall that provides role-based segmentation, granting users or IoT devices access to specific areas of the network as needed, while preventing access to sensitive information or other areas of the network unrelated to the role or task becomes hand. Network segmentation allows IT to better isolate malware and prevent it from spreading across the network by containing the threat within each segment.
Aruba EdgeConnect also provides automated orchestration and native integration for modern cloud security providers to provide a robust SASE (Secure Access Service Edge) architecture. Rather than relying on a single vendor to manage a rapidly evolving security threat landscape, organizations have the flexibility to select best-in-class cloud security providers to meet the current and future needs of the business. This support includes features such as ZTNA (Zero Trust Network Access), SWG (Secure Web Gateway) or CASB (Cloud Access Security Broker).
3. Use the flexibility of the cloud architecture
Enterprises are migrating applications to the cloud and using cloud-hosted Software-as-a-Service (SaaS) business applications such as Microsoft 365, Salesforce, Box, Dropbox, ServiceNow and many more instead of hosting them in the company’s traditional data center. However, organizations with traditional router-based WAN architectures continue to route cloud-dedicated traffic back from branch offices to the data center. While such practices are effective for maintaining security, they can significantly impact cloud application performance and the resulting user experience in the branch office environment.
To counteract this problem, Aruba EdgeConnect uses a local Internet breakout to intelligently route traffic to its destination. It can identify the application in the first packet and intelligently route it back to the data center or directly to the cloud destination or first to a cloud security enforcement point, depending on the application and its security policy enforcement needs.
For example, organizations typically trust Microsoft 365 business traffic, so data is sent directly to the cloud. Meanwhile, traffic from internal applications or suspicious traffic is routed back to the data center. Other, less trusted web traffic is then routed to a cloud-hosted security provider for further inspection before being sent to its final destination.
In addition, Aruba EdgeConnect integrates seamlessly with established cloud providers such as AWS and Azure and generates secure tunnels from the edge to the cloud provider. The connection of branches is seamless and with one click.
Aruba
A secure cloud-first architecture with Aruba EdgeConnect paired with automated orchestration
4. Reduce WAN infrastructure complexity
Organizations have typically built network infrastructure over many years or even decades as the business grows. Coupled with this growth, new branch offices are typically tasked with a stack of appliances including routers, firewalls, VPN concentrators and WAN optimizers. For organizations undergoing digital transformation, moving an application to the cloud or improving service quality often requires the manual reconfiguration of multiple devices. The excess equipment not only requires advanced network skills to maintain and manage, but also results in multiple maintenance and procurement contracts that are difficult to track.
Aruba EdgeConnect enables organizations to reduce the footprint of these appliances by consolidating routing, firewall, WAN optimization, and SD-WAN on a single platform or thin-branch model while significantly reducing WAN management overhead. Network architects simply define policies that tie, for example, WAN optimization to MPLS routing or, in the case of SaaS applications, routing traffic to the embedded firewall and then to the cloud.
5. Manage network operations from a central console
Due to the inflexibility of traditional network architectures, deploying new remote sites can be tedious and take many months. Additionally, enterprise IT departments often lack complete network visibility to comprehensively monitor transport throughput, packet loss, latency, and jitter. With Aruba EdgeConnect, administrators can deploy and manage the network from a single pane of glass.
This includes zero-touch provisioning, which greatly simplifies the process of connecting and deploying a new site by automatically getting its configuration from a central orchestrator. The centralized orchestration also ensures that QoS and security policies are seamlessly and consistently enforced in the new branch office.
An advanced SD-WAN solution like Aruba EdgeConnect can also continuously monitor network health and then automatically adapt to changing conditions. In this way, CIOs can ensure that the IT organization is always delivering optimal application performance via a central dashboard via health maps. These aggregated views, displayed on an easy-to-use dashboard, can show real-time WAN transport loss, latency, and jitter, allowing network administrators to proactively identify performance issues. Administrators can also monitor the health of network-connected appliances, top talkers, applications, topology map, mean option score (MOS), and more. All application traffic is easily identified by name and location, and alarms and alerts enable faster identification and resolution of network problems.
For more, Watch this short video on the key benefits of SD-WAN.
To learn how Aruba EdgeConnect SD-WAN can help facilitate digital transformation, Visit here.
5 Benefits CIOs Need to Know about SD-WAN Source link 5 Benefits CIOs Need to Know about SD-WAN
