Many years ago, there was a “new kid on the block” called SD-WAN. It was the buzz-word that everyone was talking about; the ability to break the chains that kept us bound to a “legacy” WAN.
SD-WAN promised a range of benefits:
- The ability to define your own WAN topology that was agnostic of the underlying transport used
- Leverage multiple WAN transports allowing for dynamic path selection based on defined performance criteria for different types of traffic
- Ensuring that your business-critical applications were always performing at their best!
%20New%20Kid%20on%20the%20Block/SD-WAN.gif?width=1792&height=960&name=SD-WAN.gif)
All of this was delivered in a turn-key solution that was fully automated and simple to deploy! But then it went quiet on the SD-WAN front, it was no longer the “buzz word”….
To assume that all organisations have already made their transition into SD-WAN, and that the technology is now completely standard is a drastic overstatement.
The reality is, that it hasn’t been that easy to deploy, and that a lot of consideration is needed when planning a transition to SD-WAN; increased use of public cloud for our workloads, heavy reliance on Internet facing SaaS apps, facilitating remote workers, all the while keeping everything secure!
In this blog, we'll explore how modern SD-WAN has solved some of these deployment headaches.
ASSOCIATED BLOGS:
Customer Scenario
With this in mind, let me share a recent journey I had with a customer, and how IPTel was able to help them execute on a vision to modernise their WAN infrastructure, and allow them to achieve some key criteria:
- Exit their on-prem Datacentre
- Provide DIA (direct internet access) from each site for improved SaaS application performance
- Move away from an MPLS-based WAN network and leverage more cost-effective connectivity options
- Centralised control, delivered from the cloud
- Have the ability to implement security controls holistically across the organisation
.png?width=240&height=240&name=D4%20Meraki%20SD-WAN%20(Instagram).png)
Existing edge routers were Cisco ISR4K connected to an MPLS WAN.
Each router was configured via the CLI (Command Line Interface) and offered no visibility into applications traversing the network, or any metrics on the ‘health’ of the WAN.
Internet access from all the sites had to go via the datacentre, and there was no ability to securely allow remote workers to access resources.
The scenario leads itself to the deployment of an easier to manage and commission set of technologies. Cisco Meraki has just such a set of technologies, with the added benefit of the ease of management via the cloud.
ASSOCIATED BLOGS:
Solution Overview
We decided to implement an SD-WAN solution built on the Cisco Meraki platform using the Meraki MX range of UTMs (routers) and use Cisco’s cloud-based security platform Secure Connect as a centralised policy point for securing workers both on and off the corporate network.
Apart from being able to use the MX devices to deploy connectivity between sites, we were also able to connect to the Cisco Secure Connect cloud from the MX at each site.
Here is a high-level view of the deployment built upon Cisco Meraki SD-WAN and Secure Connect (diagram courtesy of Cisco):
%20New%20Kid%20on%20the%20Block/Picture1.png?width=559&height=443&name=Picture1.png)
Here is a closer look at the functions within the Cisco Secure Connect cloud:
%20New%20Kid%20on%20the%20Block/Picture2.png?width=726&height=221&name=Picture2.png)
Remote users would also VPN to the Secure Connect cloud. Trusted traffic would go directly to the Internet via the “underlay” and all other traffic would go through secure tunnels to Secure Connect for inspection.
We were able to pre-configure most of this via the Cisco Meraki Dashboard even before any MX’s were delivered to the sites, resulting in a smooth transition and minimising any disruption to service for the customer..!
ASSOCIATED BLOGS:
SD-WAN: Summary
SD-WAN has been around for quite some time, but with the latest iteration, the design and commission is more intuitive and the overall solution less expensive.
.gif?width=240&height=240&name=Enhancing%20Network%20Security%20Cisco%20Umbrella%20(Instagram%20Post).gif)
The key aims of SD-WAN are to ensure certain traffic types are prioritised and protected, while making use of cheaper carriage and Meraki delivers on these requirements.
We ended up delivering exactly what the customer wanted; a modern WAN infrastructure that is easy to manage, secure, facilitates remote workers, and provides plenty of visibility into the performance of the network..!
Meraki cloud managed SD-WAN is a great option for many businesses with lots of sites, and at a price-point that provides a return on the investment.
At IPTel, we have passed the relevant certifications with Cisco to support SD-WAN as part of our Managed Services offering - drop us a line is that's of interest.
To find out more how IPTel has helped customers to transition to SD-WAN, please read the following:
ASSOCIATED BLOGS:
