Everywhere you look the need for more bandwidth keeps on increasing. Businesses are contending with this phenomenon now, and as demand for bandwidth explodes further over the next few years (as the Internet of Things, big data, mobility and other major tech trends accelerate), companies will want to keep networking costs under control by routing much of this additional traffic as appropriate over the Internet.
More and more businesses are starting to deploy some form of hybrid network by moving Internet breakout from the traditional domain of the data centre to sites and locations much closer to the end users and deploying routing policies to offload the Internet bound traffic as soon as possible. This alleviates the need to transport Internet traffic across the corporate network, thus freeing this network to deliver the services that are critical to the business operations and applications.
It does, however, start to introduce a number of new security implications that need to be considered carefully. Part of the reason for hauling Internet traffic back to a small number of known locations before breaking out to the Internet was that these locations could be heavily defended. Security devices and applications could be deployed in concentrated locations, firewalls locked down, ports managed and provided that gateway was protected the rest of the organisation was relatively safe.
However, adding more Internet breakout connections potentially increases the attack surface that companies expose to would be attackers. Deploying all the security resources in the data centre at these much more numerous locations is unlikely to be a feasible in terms of cost, time or skills. So a different, layered approach to corporate security is required alongside hybrid networking.
Depending on your business needs and priorities, there’s a good case to be made for any of the existing technologies commonly used for hybrid networking, many of which are at an advanced stage of maturity. If application acceleration was your priority, you might favour a solution like Riverbed, for example, or if application prioritisation was more important, something like InfoVista perhaps. In fact, both solutions – and most on the market – will handle acceleration and prioritisation, as well as giving you application visibility – they just have slightly stronger capabilities in one area over another. For lower cost and ease/speed of set-up, meanwhile, SD-WAN might look the most attractive option.
As organisations ramp up their use of public networks, so they must pay much greater heed to security. A lot of organisations still procure their network and security solutions separately. We would strongly advise any company with a hybrid network environment to bring the design, procurement and operation of their network and security much closer together – and work with partners that have intimate knowledge and experience in both areas. This, above all other hybrid networking challenges, will be key going forward.
"As organisations ramp up their use of public networks, so they must pay much greater heed to security."