WHY YOU NEED 4G/LTE WIRELESS FAILOVER FOR BROADBAND

It’s impossible for a broadband internet connection to deliver 100 percent uptime. Lost connectivity can be caused by a wide range of issues, including bad weather, construction, an auto accident that knocks out a telephone pole, or a glitch with your Internet service provider. But users across your organization don’t want to hear that when they can’t quickly access the applications and data they need. And don’t even think about using that excuse with your customers when dropped calls or poor quality video conferencing quality make clear communications impossible.

Organizations that depend upon broadband to support point-of-sale applications, cloud-based services and other critical business solutions must have reliable, 24×7 connectivity. Otherwise, retail locations, warehouses, remote branches and users won’t be able to communicate with the corporate data center or each other. They end up losing productivity, revenue, and the confidence and loyalty of their customers.

Organizations need to be prepared for downtime across their WAN when they inevitably lose their broadband Internet connection or other wired service. In fact, even the most reliable multiprotocol label switching (MPLS) service isn’t immune to outages and such dedicated connections are typically cost-prohibitive for remote locations.

Organizations will often implement two separate broadband connections to protect against a possible service provider outage. However, this doesn’t always provide true redundancy. Many buildings have a single point of entry for communication cables, so the actual conduit itself is a single point of failure. It’s often necessary to use different technologies for primary and backup connectivity in order to ensure maximum availability.

A business continuity network that combines different connectivity options – wired Ethernet and 4G/LTE wireless – will ensure that your organization has 100 percent network availability as well as the bandwidth and performance that are critical to business operations.

The InSpeed software-defined WAN (SD-WAN) solution enables you to create a business continuity network that combines cost-efficient Broadband Internet with highly reliable wireless connectivity. Because data can use multiple independent pathways and alternate routes to reach its destination, this environment eliminates the possibility of a single point of failure and provides users with greater reliability, flexibility and versatility. The InSpeed SD-WAN ensures security by encrypting data from end to end.

But a business continuity network isn’t enough — you also need automated failover capabilities. The InSpeed Quality Service (IQS) solution continually monitors the WAN and automatically fails over to 4G/LTE wireless when broadband Internet connectivity is lost, allowing for seamless business continuity. The switchover is so fast that voice calls won’t get dropped, enabling you to maintain the highest levels of productivity and deliver the best possible customer experience. When the wired connection is restored and stabilized, InSpeed will detect it and automatically fail back to the broadband Internet service.

In addition to preventing a disruption to business operations, 4G/LTE wireless is faster to deploy, easier to manage and more reliable than wired failover solutions, and can be less expensive. 4G/LTE wireless may also provide the most reliable service in remote areas that have limited or slow Internet connectivity, or no connectivity at all.

Every wired Internet connection must have redundancy – a reliable backup plan – in order to avoid the potentially disastrous consequences of an outage. Let InSpeed show you how 4G/LTE wireless failover can protect your organization by delivering reliable and secure Internet connectivity.

HOW SD-WAN CAN HELP ENHANCE CYBERSECURITY

Traditional security architectures focused primarily on protecting the network perimeter. Firewalls and other devices were used to create a defensive barrier between an organization’s secure internal network and the open Internet. While perimeter security is still critical it no longer provides adequate protection. The cloud, mobile and an increasingly distributed IT environment have created a “perimeter” that is porous and ill-defined.

Security risks have also increased due to shifts in wide-area network (WAN) connectivity. In the past, organizations would connect branch offices to headquarters using dedicated private lines or multiprotocol label switching (MPLS) services. Branch locations typically did not connect directly to the Internet. Instead, Internet traffic was backhauled over the WAN through headquarters, which had more robust defenses.

MPLS is reliable and secure but also extremely expensive. In addition, it’s not well-suited to today’s network traffic patterns, which emphasize Internet services, cloud-based applications and communication tools such as voice over IP (VoIP) and video conferencing. Backhauling Internet traffic creates latency that impacts the user experience. Direct local access to the Internet provides a better user experience at a much lower cost. However, the Internet is not reliable or secure.

The need to connect branch locations directly to the Internet is one of many factors driving the adoption of software-defined WAN (SD-WAN). SD-WAN makes it possible to mix multiple data transport services, including broadband Internet, to create a hybrid WAN. The “software-defined” component is a communications overlay and policy-based automation that selects the best path for WAN traffic based upon network conditions and application requirements. This helps to overcome the inherent unreliability of the Internet, enabling organizations to reduce WAN expenses significantly by taking advantage of more cost-efficient bandwidth.

But what about security? Doesn’t a direct Internet connection amplify security risks? Yes, but the right SD-WAN can help to enhance security across the distributed IT environment. Best-in-class SD-WAN solutions use standards-based authentication and encryption to protect data traveling over the Internet.

Security is a core component of InSpeed’s SD-WAN solution. InSpeed Quality Service (IQS) is a cloud-based controller that prioritizes network traffic, manages bandwidth and ensures that business policies are enforced over any connection. The InSpeed cloud instance is located in a hardened data center with the highest levels of security.

A small on-premises network appliance is installed in-line with a site’s WAN connections, sending all traffic over a secure VPN tunnel to the InSpeed cloud. Robust, end-to-end encryption gives added security to enterprise WAN traffic.

IQS makes it easy to set up a secure, private, site-to-site network mesh using broadband Internet connections. It provides the same level of security and reliability as a carrier circuit along with the Quality of Service (QoS) features that InSpeed is known for, as well as the critical components of a firewall that protect against external attacks—all included in our standard product. In addition, InSpeed minimizes the security risks associated with remote workers connecting to the corporate network. By integrating the remote user into the corporate WAN mesh, InSpeed secures the connection from a small office/home office to headquarters without the need for complex firewall configuration and management.

Firewalls and other perimeter defenses are still key elements of a layered security approach. However, cloud connectivity and the distributed nature of today’s IT environment means that data is traversing the Internet as well as private networks. IQS helps to protect that data while ensuring a high-quality user experience.

Does MPLS Still Have a Role to Play in the Modern Software-Defined WAN?

Hint: You Can Get the Best of Both Worlds.

Software-defined WAN (SD-WAN) is often touted as a cost-saving technology that enables organizations to slash their telecom expenses. The savings typically comes through the elimination of multiprotocol label switching (MPLS) services, which are reliable and secure but also very expensive compared to other data transport options. However, pigeonholing SD-WAN as the “anti MPLS” solution overlooks one of its primary benefits: flexibility.

First, a little history. MPLS has its roots in traditional “leased line” telco circuits that provided a fixed path from point A to point B. Designed to improve IP network traffic performance, MPLS adds a label to the data packet header that determines the forwarding path the data should follow.

In essence, MPLS creates a virtual “leased line” by carving out a fixed path over a Layer 3 routed IP network that’s shared by multiple customers. End-user customers add virtual private network (VPN) “tunnels” to encrypt traffic, providing security.

MPLS has been widely deployed because of its inherent reliability and security. Broadband Internet, in contrast, is a “best effort” medium that traditionally has been used only for low-priority traffic or in areas where MPLS was not an option.

MPLS was great for multi-branch locations during its heyday but is limited in performance and sold at two orders of magnitude higher cost per bit. One of its limitations is that all locations need to be connected to the same service provider, which increases the cost and, in some cases, precludes its use due to lack of availability. Although generally more reliable than broadband Internet, it is manually configured and prone to performance and availability issues due to service provider configuration errors.

There are other drawbacks as well. Provisioning MPLS service or adding bandwidth typically requires significant lead time – weeks and months. And MPLS may not be available in some remote locations.

SD-WAN gives customers the flexibility to choose the best data transport service(s) for their needs without sacrificing the benefits of MPLS. Commodity broadband Internet connections — which are cheaper, more widely available and faster to provision than MPLS — can be combined to create a WAN that is highly resilient.

Customers hesitant to simply drop MPLS can create hybrid networks with commodity broadband in conjunction with MPLS. Best-in-class SD-WAN solutions continuously monitor network conditions and make automatic, load balancing routing decisions. Sub-second failover protects against service provider outages with little to no impact on the user experience. VPN tunnels with end-to-end encryption protect data as it travels over the public Internet.

Given the critical importance of the WAN to business operations, many network administrators are reluctant to move away from MPLS. And they don’t have to. Again, SD-WAN provides flexibility and choice. MPLS can be maintained for traditional data center traffic and other connectivity options added to handle Internet traffic.

Many of InSpeed’s customers have indeed used our SD-WAN solution to eliminate MPLS. They found that InSpeed and broadband provided better performance and Quality of Service than MPLS — so why pay the premium price? But that’s a business decision. We believe that MPLS still has a role to play in the modern WAN and give you the flexibility to leverage it along with other data transport options.

 

The Easiest, Most Cost-Efficient Way to Set Up a Full Mesh VPN

The Easiest, Most Cost-Efficient Way to Set Up a Full Mesh VPN

As organizations connect branch locations directly to the Internet — rather than backhauling Internet traffic to headquarters over multiprotocol label switching (MPLS) services — they need to ensure the security of those remote site connections. InSpeed Quality Service (IQS) establishes a virtual private network (VPN) to protect company data as it travels over the Internet.

IT pros talk about using VPN tunnels to transmit data securely from one point to another. The word “tunnel” is used as a metaphor for a private pathway through an unsecured network such as the Internet. The tunnel is created using encryption to encapsulate the data packets. Because the data is encrypted, only the designated recipient can read it.

Organizations set up VPNs to connect two or more sites to one another, or to allow remote users to securely access company resources. There are three primary VPN topologies:

  • Point to point: This is the simplest form of VPN, in which one site connects to another. The VPN is set up and configured at each endpoint.
  • Hub and spoke: Each remote site is a “spoke” that connect to the headquarters “hub” via a separate VPN tunnel. The remote sites communicate with one another by going through headquarters.
  • Full Mesh: All sites are connected to one another. This is the most complex VPN topology, but also the most flexible and reliable.

Organizations have traditionally used the hub-and-spoke topology because it’s relatively easy to implement and requires only one VPN connection between each remote site and the hub. However, the hub-and-spoke model has a “single point of failure” — if headquarters loses connectivity, the entire VPN fails. It also creates latency because all traffic is traveling through a single chokepoint. Remote locations are unable to access multiple data centers, or collaborate with one another.

The full mesh topology eliminates the single point of failure, reduces latency and is capable of handling larger amounts of network traffic. However, a full mesh VPN traditionally has been expensive to set up due to the hardware required for each remote site. If not designed properly, the WAN will not route traffic in the most efficient manner. Full mesh VPNs are also highly dynamic and complex to maintain using legacy tools.

SD-WAN simplifies all of this by automatically establishing and configuring each VPN connection. A mesh of virtual links is created dynamically and layered on top of the physical WAN infrastructure. With IQS, a site can be set up with a single click and managed through a centralized, cloud-based console.

InSpeed’s SD-WAN solution is cost-efficient as well. Everything is handled by a small, onsite appliance that self-configures and automatically connects to the InSpeed cloud. It’s plug-and-play simple and so inexpensive that it can be used by employees who work from home. IT teams don’t have to worry about support headaches associated with legacy VPN technologies.

Many organizations are finding that the traditional hub-and-spoke VPN topology no longer meets their operational requirements. InSpeed makes it easy to set up and administer a full mesh, site-to-site VPN, ensuring robust security over any Internet connection.

Why Organizations Don’t Want SD-WAN Offered by Their ISP or Telco

Lock in is just one issue with getting SD-WAN from your carrierEarly adopters have found that getting SD-WAN services from their phone or Internet carrier doesn’t deliver the biggest bang for the buck. A recent Gartner survey unveils the problems for those looking at SD-WAN offerings.

The software-defined WAN (SD-WAN) market continues to grow at a phenomenal pace. SD-WAN solutions only started coming on the market in 2015, but the technology was already seeing mass adoption in 2017. Gartner predicts that 2018 and 2019 will be key years for growth as early adopters continue rapid uptake of the technology.

With a market this hot, many vendors are jumping on the SD-WAN bandwagon. Back in 2015, all SD-WAN deployments were “do-it-yourself”—the organizations purchased, implemented and managed the technology. By early 2016, managed services providers (MSPs) had begun offering SD-WAN services, and by mid-2016 traditional telecom carriers and Internet service providers had introduced SD-WAN products. Research firm IDC has predicted that by 2020 the majority of SD-WAN services will be provided by the companies that sell phone and broadband.

Often it appears that getting another service from a vendor you’re already paying is easy and convenient. They may even bundle the product in with phone or Internet, suggesting there is a discount.

Do Customers Want to Get SD-WAN from Their ISP or Phone Carrier?

But is that what customers want? A recent Gartner survey says it’s not. Only 30 percent of U.S. respondents said they preferred SD-WAN delivery through a carrier or network service provider. Most (37 percent) preferred to obtain services through the SD-WAN vendor, and 30 percent preferred a non-carrier provider such as an MSP or systems integrator.

The reasons for these preferences become obvious when you consider the top drivers for SD-WAN adoption. Organizations implement SD-WAN to gain increased availability, performance and agility while reducing WAN transport costs. Buying SD-WAN from a carrier is not going to give them the flexibility they’re looking for, and likely won’t provide the cost savings they’d get with an independent solution.

Carriers and some MSPs embed an SD-WAN service in a larger solution and make it look inexpensive. However, these SD-WAN offerings are more complex and expensive in the long run once you include installation, configuration of the rules and ongoing management of those rules.

[epq-quote align=”align-right”]Carrier-bundled SD-WAN often costs more in the long run once you include installation, complexity and configuration of the rules and ongoing management of those rules.[/epq-quote]The perceived challenges associated with SD-WAN offer another perspective:

  • Almost half (48 percent) of Gartner survey respondents were concerned about the lack of visibility into the operations of the service provider.
  • 48 percent were concerned about service provider lock-in.
  • 43 percent about lack of control over the SD-WAN solution.

Even if the ISP provides a bundled discount, SD-WAN offerings are not going to solve those problems.

Addressing the Problems Created by SD-WAN Resold by ISPs/Telcos

When organizations purchase services through an SD-WAN vendor, the WAN transport layer becomes commoditized. Customers can mix and match carrier services such as MPLS with broadband Internet, 4G/LTE wireless and even satellite technologies. Within these categories the services are interchangeable, giving customers the flexibility to obtain the best connectivity at the best price.

InSpeed’s SD-WAN solution goes even further. InSpeed Quality Service (IQS) installs on your existing network—no waiting for your carrier or ISP to install a new circuit and hit you with special charges. You don’t have to worry about changes in the network and IP addresses causing issues with your service. Simply plug in the InSpeed appliance and IQS automatically prioritizes interactive traffic and optimizes bandwidth over any connection. You gain:

  • high-quality voice and video conferencing
  • guaranteed application performance
  • the cost advantage of avoiding a carrier-class circuit
  • real-time visibility into ISP performance and site or data center issues

Our unique Control Center provides graphic visibility of the ISP’s performance, making service calls simple because you can easily and accurately describe the issue to the ISP. You’ll see exactly how your circuits are performing and how IQS is responding to changing traffic conditions. The big win is visibility into the ISPs performance and the ability to triage an issue among site, ISP, or data center

InSpeed does not charge for bandwidth or require a second connection. If you want to install an additional connection for business continuity it’s as easy as a song—simply add a low-cost 4G/LTE modem to be used only for network failover.

Unlike other SD-WAN services, InSpeed is self-managing, and operation and maintenance are included. No IT time is required to make modifications to the service or keep it working properly. Plus, InSpeed provides a secure network, so there is no need to add a separate firewall or VPN.

The benefits of SD-WAN are well documented but a lot depends on the service provider you select. Early adopters have found that telco SD-WAN services fail to deliver the best value. InSpeed provides an independent solution that’s highly effective, cost-efficient and easy to use.

Contact one of our sales specialists to answer all your questions about SD-WAN.