Four Questions For Life After MPLS

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Anyone who’s purchased MPLS bandwidth has experienced the surreal. While at home you might spend $50 for a 50 Mbps Internet link, MPLS services can cost 10 times more for a fraction of the bandwidth. SD-WANs promise to address the problem, of course, but even as an SD-WAN provider we can tell you that SD-WANs may not be right choice for everyone. So much depends on how you answer certain questions about your business, the resources available, and your networking requirements. It’s why we put together a checklist (humbly called “The Ultimate Checklist”) for figuring out whether you should stick with MPLS or consider an SD-WAN.

Start by addressing the core questions to know if the Internet can play a role in part or entirely as your next backbone. The questions break down into four areas:

Availability – What level of network availability does your business require?Capacity – How do capacity constraints impact your business?Latency – How will your applications be impacted by the increased latency and loss incurred on the Internet?Security – What do you need to secure the Internet access points at each of your offices?

Each of these four areas consists of dozens of sub-questions; we boiled them down to just 13. With security, for example, do you want to offload Internet traffic at the branch or backhaul traffic to the datacenter? If you’d like to eliminate the “trombone effect” and take advantage of the improved cloud and Internet performance that’s possible with SD-WANs, you’ll want Internet offload.

But with Internet offload you’ll have another consideration — remote office network security. MPLS services arose at a time when threats existed “out there” on the Internet and Internet traffic was the exception not the norm. So we created a secured Internet access point for the company, backhauled Internet-bound traffic from offices across the WAN to that Internet hub, and minimized the need for branch security.

Such an approach might have worked when threats were outside of company and Internet traffic was the exception. But Internet traffic is the norm and today’s threats are as likely to emanate from our offices as they are from the Internet. As such, many security professionals are looking to apply advanced security services, such as malware protection, and next generation firewall (NGFW), to the WAN as well as Internet connections.

WAN architectures give you a range of choices for addressing these security considerations. MPLS services effectively segment traffic at layer 2, but provide no additional network security. SD-WANs segment traffic at layer 3 and encrypt traffic,you’ll need a third-party vendor for advanced security service. Cloud-based SD-WANs go a step further and integrate the advanced security into the SD-WAN. 

Many different options and many different kinds of architectures to consider. We hope the “The Ultimate Checklist” helps.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Cato Networks
Cato Networks is rethinking network security from the ground up and into the Cloud. Cato has developed a revolutionary new Network Security as a Service (NSaaS) platform that is changing the way network security is delivered, managed, and evolved for the distributed, Cloud-centric, and mobile-first enterprise. Based in Tel Aviv, Israel, Cato Networks was founded in 2015 by cybersecurity luminary Shlomo Kramer, who previously co-founded Check Point Software Technologies and Imperva, and Gur Shatz, who previously co-founded Incapsula.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?