Jan 13 2016

Making the Case for the Intelligent WAN

New products help organizations to better manage cloud services and other Internet-based apps across the network.

In years past, an organization with numerous satellite locations would run a dedicated connection to a central data center from each location. The IT staff would deploy wide area network (WAN) optimization devices in the data center and at the edge of the network in each branch. Barring an unpredictable spike in traffic, most networks would run fairly well under this architecture.

The cloud has changed all that. Today, branches may run cloud-based applications such as Salesforce.com, Office 365 or many others. Under this model, data and applications leave branch offices and get routed not to the main data center, but to a cloud provider.

Daniel Conde, an analyst with the Enterprise Strategy Group who covers networking, says as the cloud has developed, IT managers have found that they need a way to gain visibility and manage the traffic that leaves branches and heads out to the cloud, as well as to their data centers.

As the volume of content and applications traveling across networks grows exponentially, organizations must optimize their WAN investments. Enter the concept of intelligent wide area networking or IWAN, providing users an optimal experience over any connection at lower cost.


The percentage of IT managers surveyed who say they use public cloud services such as Amazon, Salesforce.com and Office 365

SOURCE: Gartner, “Hybrid Will Be the New Normal for Next-Generation Enterprise WAN,” September 2014

Intelligent WAN Design

While many manufacturers offer solutions that can address these issues, Conde says Cisco Systems owns a market advantage with the IWAN, or Intelligent WAN, product it released last year.

“Cisco’s IWAN product brings software-defined networking to the WAN, where the appliances can now make intelligent routing decisions on whether an application gets routed across a multiprotocol label switching (MPLS) network or an Internet connection, choosing a link based on its availability or the quality of service required by the applications,” Conde explains.

Chandrodaya Prasad, director of product management for Cisco routing and IWAN, says three driving factors led Cisco to develop IWAN.

First, Prasad says, Cisco was challenged by large financial companies to develop a product that could more effectively manage MPLS and Internet connections across the WAN. Banks, financial institutions and other organizations run multiple branches and needed a way to better manage the changing WAN environment and the application landscape with the adoption of newer cloud-based services.

Second, the increase in mobile devices and media-rich applications as well as continuous operating system, application and security updates, along with the need for guest access, put a strain on enterprise networks. In one example, numerous branch networks experienced slowdowns when employees consumed bandwidth downloading Apple iOS 6 on their iPhones. At that time, the industry recognized that as mobile devices became more of a factor on networks, a better solution for the WAN was needed.

Finally, Prasad says, it became clear that not all traffic had to go through a central data center; the Internet was moving to the branch because of the need for direct Internet access to improve app performance. Organizations realized they could offload guest and public cloud directly to the Internet with secure and efficient transport.

“We looked at the MPLS services and saw that a 1.5-megabit link runs about $700 a month, while a 15 megabits-per-second business-class Internet connection was being offered for about $300 a month,” Prasad explains.

“While we won’t see the end of MPLS, because there are still some applications that require that level of security and quality of service, organizations realized they could add to their savings by augmenting MPLS with lower-cost Internet links for optimizing traffic connections.”

The Four Pillars

Prasad says Cisco based the Intelligent WAN on four pillars: transport independence, intelligent path control, application optimization and secure connectivity.

  • Pillar 1: Transport Independence: Prasad says organizations don’t need to worry about the underlying infrastructure -- whether it’s MPLS or broadband running over 4G/LTE or cable. Enterprises desire a flexible combination of premium WAN and Internet connections with a consistent virtual private network (VPN) overlay for all transport types, as well as the flexibility to roll out services faster.
  • Pillar 2: Intelligent Path Control: This component makes it possible for an integrated services router to make split-second decisions – dynamically – on how traffic should be routed. A YouTube application that’s not high-priority would get routed over an Internet connection, while a video conferencing session between multiple law offices would run over an MPLS connection because it needs high-quality performance.
  • Pillar 3: Application Optimization: This component offers visibility into the network. It also includes critical features such as application acceleration and bandwidth optimization.
  • Pillar 4: Secure Connectivity: Cisco offers enterprises their choice of security technologies. These range from integrated security capabilities built into Cisco ISR routers, Cisco Adaptive Security Appliance firewalls or cloud-based security tools and encryption.

ESG’s Conde says organizations are finding it challenging to control data and applications in a cloud environment.

“Today with the cloud, data is everywhere, and that’s why in our cloud survey, IT managers say that security is one of their top priorities,” he adds.

Mark Urban, senior director of product marketing for BlueCoat, agrees that with so many Internet connections across the WAN and the growing threat landscape, security must be a top consideration. Optimization approaches must change to address the asymmetric nature of the Internet.

“It used to be that a retailer would have 1,000 stores, and all the traffic would go into a central data center,” he says. “But the way traffic moves today -- lots of cloud and general web traffic -- it created a terrible bottleneck, one that is too expensive to maintain.”

Urban says about four years ago the company started offering its BlueCoat Cloud Security Service, which filters incoming or outgoing network traffic. Organizations can block access to malicious content, pornographic sites or any web content that violates acceptable use policy.

“We track activity on billions of URLs and let IT managers know the type of content that’s delivered and how they can block malware,” Urban explains, adding that “BlueCoat uses advanced analytics to be predictive as opposed to reactive.”

To learn more about building toward a better network tomorrow, read CDW’s Tech Insights Guide “Gigabit Networking: Connect with the Future” at CDW.com/gigabitguide.