As software, platforms, and other IT functions are shifted to the cloud, enterprises are taking note of the cost savings, scalability, agility, and innovation made possible through these steps to digital transformation. IT teams are now shifting their attention to the cloud wide area network (WAN) and moving as much of the network infrastructure to the cloud as possible.
Cloud WAN virtualized the management of the network, separating the control plane from the forwarding plane in software-defined wide area networking (SD-WAN). It solves many of the common challenges that emerge when enterprises begin migrating to the cloud, including increased demand for bandwidth and performance requirements, in addition to the growing and varying concerns related to network security.
Managing a cloud WAN is far from being a set-it-and-forget-it solution. Take a look at some of the considerations you’ll need to include in your ongoing cloud WAN strategy:
Security: The fast-paced, changing nature of cyber security threats is further complicated by the broadening of the security plane due to cloud adoption. Connectivity with cloud solutions introduces countless access points and additional vulnerabilities. Enterprises are also supporting mobility for employees as well as managing fleets of Internet of Things (IoT) devices, which both add complexity by multiplying the number of endpoints connected to the network.
While most of your employees may be picturing a malicious hacker that lurks in the shadows, waiting to pounce on your data, most security incidents are caused by employee mistakes. In addition, many employees are not trained to recognize common security threats, such as a phishing email.
Understanding how these factors impact your cloud WAN will make you more effective at network security. Some SD-WAN solutions offer end-to-end encryption and granular visibility into the network as well as continual monitoring which can help detect an anomaly. Traffic segmentation in the WAN can also help isolate a potential threat, preventing it from impacting the broader network.
Obtaining the Right SLAs: When you partner with a cloud provider, you’ll receive a service level agreement (SLA), of course, but how do you know if that SLA is adequate for your needs? The simple answer is that your SLA should be extensive to the degree that the cloud provider is integrated with your systems.
For instance, if you’re accessing Software as a Service (SaaS) for a customer relationship management solution, you may demand a less stringent SLA than you would for a cloud WAN. After all, your entire set of business functions, including communications and your core platforms, are dependent on your network to continue business operations. What will the impact be to your provider if you experience downtime? You need to be sure that your access to your cloud WAN won’t limit application performance or availability.
You need to know how your reliability or availability are guaranteed by a virtual private network (VPN) or other connection to the cloud. If your provider’s SLA amounts basically to “best efforts” you may not gain much with a VPN.
Understanding Data Flows: Adding cloud WAN means not just maintaining a connection to the cloud, but including the cloud as an equal partner in your enterprise WAN. This introduces distinct data flows to your network infrastructure:
- Worker access
- Data exchanges between the cloud and data center
- Application component sharing and sharing applications themselves
How these data flows occur in your network setting will inform your choices about technology and your best connection solutions.
How you integrate your cloud WAN will depend on how cloud resources and data center resources relate to one another. If cloud apps are directly accessed by your end users, the cloud will appear as an additional enterprise data center on your WAN. This will look similar to how a regional data center appears on your WAN.
If the cloud WAN is accessed to offload work when there’s a peak period or as a back data center, the resources should appear as alternative servers or as storage inside the enterprise data center.
While the first example utilizes IP-layer connectivity through a VPN, the second requires a little more investigation. You’ll need to examine the data center network to decide whether you’ll network the servers and storage at the IP level or through the Ethernet connection. If you prefer VPNs, you would need to tunnel Ethernet over the VPN, which can compromise efficiency and performance. It’s a good idea to check with data center network providers to determine whether connectivity is available through an IP-based link.
The benefits of cloud WAN boil down to performance and availability, so it’s important to manage the network that connects to the cloud, but also for public cloud services.
If you’re considering cloud WAN, it’s a good idea to begin with an assessment of your current network and the goals you have for a potential infrastructure upgrade. Contact us at TailWind, where we offer on-site certified technicians to ensure a smooth transition to your new network solution.