violetkaipa - Fotolia
Where do mobile users fit in with SD-WAN as a service?
SD-WAN as a service can act as a bridge between mobile users who want to access business apps on the go and network managers who want to manage and secure those users.
In most cases, conversations surrounding the topic of software-defined WAN deal with connectivity from corporate headquarters to one or more remote offices. This is because the technology behind SD-WAN requires two or more WAN connections between the two sites. These are typically either private MPLS links or IPsec tunnels over commodity broadband.
That said, two trends are causing network architects to take a closer look at how mobile users connect to and access company resources using modern technologies. The first is the fact that most workforces are becoming increasingly mobile in nature. Employees often have the need to work from home or on the go. These employees want to be able to seamlessly access business apps whether they're at home, at a coffee shop or in a taxi driving across town.
The second trend is a movement toward the use of public cloud, as opposed the company's private data center. Common remote access network designs force users to connect to the corporate office network before accessing company resources. This is typically achieved by using remote access VPN client software. If the apps and data no longer reside on the corporate network, however, it's inefficient for users to connect to the corporate office first, only to be redirected back through the internet to public cloud resources.
SD-WAN as a service centrally manages mobile users
The increasingly mobile and public cloud trends pose problems that make it less efficient for mobile employees to use current remote access designs. For one, having remote users connect to the corporate network first can cause significant performance issues to the end user. Instead, it makes more sense for the user to directly connect to internet-accessible resources in order to reduce latency and potential bottleneck issues.
If your cloud resources are scattered among multiple public cloud service providers, however, this raises serious security and administration problems in terms of user authentication and access policies. The old model of requiring all end users to authenticate on the corporate network first centralizes authentication and access-control rules. Allowing the user to directly connect to cloud resources effectively decentralizes these tasks, which can translate into an administrative nightmare.
Many businesses are looking at SD-WAN as a service to gain the performance improvement end users want, while eliminating security and administrative complications. As a managed service that several cloud service providers currently offer, SD-WAN as a service essentially moves remote access authentication and policy-enforcement responsibilities to the public cloud. By doing so, network managers gain the ability to centrally manage all mobile users.
Additionally, SD-WAN as a service builds similar load-balancing and prioritization policies found in private SD-WAN options. But with SD-WAN as a service, the WAN seamlessly extends to both private and public cloud resources. It's a win-win model that gives network managers the administrative and security controls they want, with the performance benefits end users want.