Wide Area Network (WAN) technologies have evolved these last few years to better align with our drastically changing way of consuming IT resources. Indeed, the post-pandemic shift to remote work / “Work From Home”, combined with business-critical applications and data moving to the cloud (both public cloud hosting and SaaS), is accelerating this transformation! In this article, we review the main trends observed with regards to WAN technologies, the main drivers that led to their adoption. These new technologies also introduced new challenges in termes of performance monitoring and troubleshooting: what’s the best way to setup the adequate monitoring for your hybrid connectivity?
WAN technologies evolution: how hybrid connectivity came into play?
Early days: centralized IT resources
Factors such as flexibility, scalability, security and costs have always driven the evolution of WAN technologies.
If you were already in the business in the 90’s, you probably remember WAN infrastructures built on technologies like leased lines, frame relays, and perhaps even X.25. Later, MPLS (Multi-Protocol Label Switching) imposed itself as the major WAN technology, thanks to its advanced architecture flexibility.
At that time, most of the corporate IT resources were located in on-premise data centers, fully managed by the internal IT team. The remote users (when they were allowed to connect to their corporate network remotely, which was certainly not prevalent at that time) were connected through Internet VPN connections. Furthermore, accessing the Internet from the different remote locations were centralized at the corporate headquarters level. This was a good way to optimally secure all external communications.
In the meantime, several major technology and environment shifts completely changed the WAN game, making hybrid connectivity the new norm and monitoring it a key question for most IT infrastructure managers:
- The rise of the cloud and the need to connect the legacy datacenters and the cloud based infrastructure
- Network abstraction: the adoption of software defined WAN and the multiplication of overlays and underlays
- Work from Home and SWGaaS / CASBs
IT resources decentralization: the cloud era
It is not a secret anymore: a lot of organizations migrate their IT resources to the cloud, using services like IaaS (Infrastructure as a Service) or PaaS (Platform as a Service). They also adopt SaaS (Software as a Service) as a way to better serve business-critical applications without the cost of implementing and maintaining the underlying software infrastructure.
In such a cloud context, IT applications and resources are often spread across the globe so that they are delivered as close as possible to the users. So centralizing external connections at the corporate data center level does not make sense anymore. In some situations, a corporate data center even does not exist anymore!
So the main challenge at that time was to guarantee a more efficient and performant access to cloud resources, from all remote locations, while keeping the costs and security aspects under control. It required organizations to look for the best network connectivity and transport providers, able not only to deliver performant and stable local connectivity but also as performant and stable Internet/cloud access.
The good news is that there are plenty of possibilities at your disposal. Plethora of telecom exchange providers can offer you the network connectivity technology that will address your specific requirements in terms of performance, security, reliability and costs.
They can provide you with access to their own data center(s) through MPLS connectivity, fast Internet access to SaaS through DIA (Direct Internet Access) service, or ensure connectivity to CSPs (Cloud Service Providers) from their backbone. You can also directly connect to major CSPs through Direct Connect services.
This is just a few of the possibilities you have. And of course, you can multiply the technologies at your disposal by the number of global or local providers that can deliver them to you!
Network abstraction: software defined WAN and the multiplication of overlays and underlays
With this increased level of complexity and offering diversity, it was time to find a way to simplify the management of heterogeneous network infrastructures.
This is where SD-WAN (Software-Defined Wide Area Network) solutions came into play.
SD-WAN is a new approach to delivering cloud-first networks that offer the agility, flexibility, cost and performance that today’s applications require. SD-WAN allows enterprises to transition away from a device-centric and circuit-centric environment. It does this by decoupling the logical network architecture, called “overlay network”, from the underlying technologies used, called “underlay infrastructure”.
In other words, the goal of SD-WAN is to use multiple physical WAN links of any kind to carry business traffic without the need for complex configuration and network engineering.
Where organizations historically used MPLS to connect widespread locations to one network, SD-WAN presents a less complex, more flexible, cheaper solution, without sacrificing any of the sophistication or security.
In an article of February 2021, Telegeography observes that SD-WAN technology has now gone mainstream.
Work From Home and CASB (Cloud Access Security Brokers) / SWGaaS (Secured Web Gateway as a Service)
The post-pandemic period we are all living in has pushed organizations to adapt their way of operating their activities. Companies have largely promoted Work From Home (WFH), if not imposed. This increases the level of complexity of the whole mix, as the additional questions are now:
- How do I secure my home workers and my organization’s assets from threats that will target home users that are by nature not protected by my corporate security arsenal?
- How can I ensure a performant home user’s network connectivity to my corporate resources as I cannot monitor their local networks and operators? Even if it is possible to deploy SD-WAN edge appliances at home offices, this is not mainstream.
Furthermore, securing access from home users to cloud-based resources requires an additional layer of security. This is typically delivered by CASB (Cloud Access Security Broker).
This centralizes all users’ connections to SaaS and as such, has an important impact on the network path between users and business applications.
This drives overall performance.
Hybrid connectivity monitoring challenges
The network technologies
Nowadays, organizations have a myriad of network technologies at their disposal to ensure network connectivity from their users, all the way down to their corporate IT resources. Examples of connectivity are corporate MPLS networks, third-parties MPLS networks, Direct Internet Access, VPN over Internet, WFH on Internet (WiFi, Mobile 4/5G, ….) and the list goes on.
The network providers
Traditionally, users were located at specific locations, being at headquarters or remote branches. These locations were covered by good quality network connectivity. Nowadays, the users are more and more spread around. Working from home due to the pandemic situation widens this user’s dispersion.
For global organizations, ensuring stable and performance corporate assets access for all users becomes a real challenge. Indeed, finding a network provider able to globally cover their needs cannot often be achieved. Each network provider does have its specificities, regions where they can deliver good services, and others where they are less active, or even not present. Organizations end up with contracting services from different network providers.
The Cloud Services Providers and associated advanced services
Users are not the only element of the puzzle to be more and more spread. Corporate resources follow the same trend. While most of the companies only connected to one major CSP some years ago, most of them will go to a multi-cloud strategy in the future. In its cloud prediction for 2021 report, Gartner predicts an important move to a “Ditributed Cloud” strategy (using multiple CSPs) to the detriment of “Hybrid Cloud” (mixing on-premise and cloud infrastructures).
From a network connectivity perspective, this multi-cloud strategy will add complexity as organizations will have to choose the right network providers to work with, not only depending on the location of their users, but also of their versatile business applications.
Technologies constantly evolve to address new market trends and demands. WAN is no exception. While companies will more and more move to a global decentralization of IT resources (through distributed cloud strategies) and users (e.g. WFH), new network technologies as well as network providers offerings emerge to address the needs for performant, reliable, and secure network connectivity.
But, even if solutions like SD-WAN can hide the complexity of underlying technologies by defining logical overlays, this complexity of mixing different underlay technologies, through different network providers, remains a fact!
And the question becomes: How on earth can you keep all of this under control, or at least understand the root cause of any degradation in such a highly complex and dynamic environment? As an example, in case your network experiences a DDoS attack, how can you quickly identify which of your business resources may be impacted, and for which users?
For this, you need a network-provider and network technology neutral monitoring solution, able to analyse in real time, and for all regions of the planet, all of your users, how they connect to your resources and applications, spread between different providers. And this is exactly what Kadiska does.