A Different Type of WAN Optimization is Needed from the Branch to the Cloud

Taking deployment and security into account for cloud strategies.

Cloud has obviously become one of the biggest, if not the biggest, topics of conversation in the tech industry today. I’ve done a number of presentations, panels and roundtables on the subject and the big topic of conversation is always security and deployment strategy, which makes sense based on where we are in the evolution of cloud. However, I do think one of the often overlooked topics of investigation is the impact on the network and how to optimize user experience.

Legacy networks are built with a “hub and spoke” design. That is, all branches connect to a single “hub” location from which they receive network-enabled services, including Internet access. So, with the hub and spoke design, all traffic, in effect, “trombones” where it comes into the central location and then back up one of the spokes to a branch office.

While this is inefficient, it was workable since the majority of corporate applications are housed in the data center so the only traffic that is “tromboning” is Internet traffic. With legacy computing architectures, almost all applications are served up from the data center. The explosion in cloud-based applications, on the other hand, has started to dictate that more and more critical applications are being pushed out into the Internet. This means that almost all cloud traffic headed to the branch needs to be routed through the central hub location.

So what does this mean for performance? Well, with legacy applications, WAN optimization is done with a dual-sided solution, meaning one box is placed in the data center and then one is placed at the branch office. These two boxes optimize the application traffic between them. With a cloud-based solution, network managers have no ability to place an appliance in front of the application since it resides in the cloud. This means that any WAN optimization of cloud applications must now function as a single-sided solution, with one device at the edge of the enterprise that can perform the work of a traditional two-box solution.

The good news is that a WAN Optimization solution that supports both traditional symmetric and single-sided optimization for cloud-based traffic actually gives the enterprise a tremendous amount of flexibility with regard to how the WAN is architected. Instead of using the traditional hub and spoke design, branch offices can access the Internet directly, obviating the need to pass through that central location. A company could do this for larger branch offices where it makes sense to put a single-sided WAN optimization solution and then have the smaller branches pass through the hub. Or it might make sense to deploy single-sided WAN Optimization at the smaller branches as well to eliminate the cost of backhaul and other expenses associated with branch deployments. Either way, this would provide the best possible user experience while using the network bandwidth most efficiently.

The other factor that needs to be considered when optimizing cloud applications is, of course, security. There isn’t a survey that I have seen or an interview I’ve done where security isn’t the top concern for anyone considering cloud. There is plenty of security being built in the cloud-based services, but it’s also important to secure the network as well. Filtering out bad data at every ingress point protects the enterprise but also improves performance since all that bad data won’t be passing over the company network any more. One of the best ways to secure the traffic that runs from the cloud to the branch using a single-sided WAN Optimization solution is to route that traffic through a cloud security service that provides the same level of protection as traditional on-premise solutions. Cloud security services like these can scan and protect against threats before they even reach the branch.

Cloud is on the verge of exploding but companies need to ensure they have the right WAN strategies in place before making it the primary application strategy. WAN Optimization solutions that support both traditional symmetric and single-sided optimization, combined with a strong security service, can be a key component in that strategy, eliminating datacenter backhaul and costs and offering a new level of flexibility for the enterprise network.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2012 IDG Communications, Inc.