How Your Renovated Architecture Will Simplify & Secure Connectivity

Enterprise Network Architecture

Enterprises Reap Benefits of Using Cloud to Connect Places

(This post is part 2 in a series by Todd Kelly discussing how to build next-generation WANs to support people, places, and things.)

As previously explored in part one, "First Steps Toward a Renovated, Future-Proof Network Architecture," there are two key first steps companies can take to renovate and future-proof their network architecture:

1) Implementing broadband and LTE.

2) Routing Internet traffic through the cloud.

After taking these steps, IT administrators will notice that renovated architecture also ushers in simplified, more secure connectivity.

Simplifying & Securing Connectivity with Broadband & LTE

As IT administrators begin implementing broadband and LTE, they can automate the rollout of network infrastructure and deploy these configurations with less complexity and less chance of human error. This automation comes via cloud-based management and by leveraging 4G LTE-as-WAN.

Using a broadband WAN service such as LTE allows a business to have a branch location up and running as soon as power is supplied and equipment (such as Point-of-Sale technology) is connected to the Edge router. The traditionally complex, expensive, and time-consuming process of setting up hardware and waiting for a wired connection to be delivered and installed has been virtually eliminated. Through a cloud management platform such as NetCloud Manager, LTE enables routers to configure themselves, identify their location, and connect automatically to multiple towers through software-defined radios.

This type of automation is made possible by several key advancements. Traditionally, IT engineers configured routers by writing lines of router configuration code, and perhaps even scripts and logic to help implement changes, new features, or new equipment. Traditional configurations also often required static/private IP addresses, which can be time-consuming to provision and often expand the threat surface on the WAN that attackers can target at an enterprise.

This process was labor intensive, was prone to human error, and needed to be repeated every time updates or modifications were needed. With cloud management, a configuration can be set once through a simplified web UI. Routers implement this configuration automatically, without requiring expert certifications in any particular vendor technology or any static IP configurations.

Using a cloud management protocol, such as Cradlepoint’s Stream Protocol, adds another level of simplicity. When businesses have unmetered or even metered (pay per bit) WANs such as LTE, they often need to reduce the amount of bandwidth that is utilized for router management. Using traditional management protocols such as SNMP over a metered WAN can take eight to 10 times more bandwidth and does not always provide a persistent connection with the router to control network traffic and security policies.

When WAN connectivity is simplified and automated, many of the manual security mistakes are reduced or eliminated. When managing the physical locations on a network — such as branch locations at the Network’s Edge — businesses have traditionally needed to administer hardware-based security manually on site. With broadband and cloud-managed routers, IT professionals can now use cloud-hosted security services to deploy best-in-breed security functions as software.

Companies can use cloud security services for managing, running, and securing a network; they can also leverage APIs on a cloud platform to plug into third-party, higher-order security platforms such as security information and event management (SIEM) platforms for additional visibility and control with no need for hardware.

This kind of network renovation still provides a consolidated view and control for network administrators while simplifying and securing the enterprise branch without the need to deploy hardware.

Simplifying & Securing Connectivity Through Cloud-Routed Internet Traffic

One of the biggest security challenges involves constantly gathering information on emerging patterns, behaviors, and events that need to be analyzed in case they threaten an enterprise’s data and infrastructure. The techniques IT professionals use to analyze this information are always changing and can be computationally intensive, thereby requiring specialized ASICs or hardware to ensure a good user experience for everyone on the network.

For most businesses, at least 75 percent of traffic generated at the Edge of the network is destined for the Internet. Yet a large number of enterprises still send all of their traffic from a remote branch office back to headquarters before routing it to the Internet. As a result, companies constantly need to increase their WAN capabilities to handle more data and must deal with additional processing delays for their end users. They also need to manage the process of evaluating and refreshing hardware security platforms within their HQ data centers every three to five years, even though most of the remote branch traffic is destined for the Internet.

Renovating the architecture so that Internet traffic can be routed directly from a remote location reduces these delays and the additional WAN bandwidth needed in the headquarters data center. Less computationally complex security functions, such as firewalls and intrusion prevention, can be implemented locally on Edge routers, while cloud-hosted security services handle computationally intensive security (i.e., Secure Web Gateway), protecting the network’s and end users’ Internet traffic.

This kind of solution allows IT professionals to maintain local control, implement custom policies, and utilize management solutions that are software driven and more centralized. The user experience improves, WAN costs at the home office data center decrease, and the company no longer has to backhaul all Internet traffic into its data center. 

Embracing cloud security services helps companies rapidly evolve and compete; companies no longer need to build and maintain stacks of hardware in data centers specifically for securing Internet traffic. Instead, IT staff can focus their attention on revenue-generating activities that build a competitive advantage within the company.

These initial steps for renovating your business’s architecture can vastly improve the availability of the network, bring more bandwidth to the network’s Edge, and help a company embrace the cloud for connecting remote places within the enterprise.  
