The Easiest, Most Cost-Efficient Way to Set Up a Full Mesh VPN

The Easiest, Most Cost-Efficient Way to Set Up a Full Mesh VPN

As organizations connect branch locations directly to the Internet — rather than backhauling Internet traffic to headquarters over multiprotocol label switching (MPLS) services — they need to ensure the security of those remote site connections. InSpeed Quality Service (IQS) establishes a virtual private network (VPN) to protect company data as it travels over the Internet.

IT pros talk about using VPN tunnels to transmit data securely from one point to another. The word “tunnel” is used as a metaphor for a private pathway through an unsecured network such as the Internet. The tunnel is created using encryption to encapsulate the data packets. Because the data is encrypted, only the designated recipient can read it.

Organizations set up VPNs to connect two or more sites to one another, or to allow remote users to securely access company resources. There are three primary VPN topologies:

  • Point to point: This is the simplest form of VPN, in which one site connects to another. The VPN is set up and configured at each endpoint.
  • Hub and spoke: Each remote site is a “spoke” that connect to the headquarters “hub” via a separate VPN tunnel. The remote sites communicate with one another by going through headquarters.
  • Full Mesh: All sites are connected to one another. This is the most complex VPN topology, but also the most flexible and reliable.

Organizations have traditionally used the hub-and-spoke topology because it’s relatively easy to implement and requires only one VPN connection between each remote site and the hub. However, the hub-and-spoke model has a “single point of failure” — if headquarters loses connectivity, the entire VPN fails. It also creates latency because all traffic is traveling through a single chokepoint. Remote locations are unable to access multiple data centers, or collaborate with one another.

The full mesh topology eliminates the single point of failure, reduces latency and is capable of handling larger amounts of network traffic. However, a full mesh VPN traditionally has been expensive to set up due to the hardware required for each remote site. If not designed properly, the WAN will not route traffic in the most efficient manner. Full mesh VPNs are also highly dynamic and complex to maintain using legacy tools.

SD-WAN simplifies all of this by automatically establishing and configuring each VPN connection. A mesh of virtual links is created dynamically and layered on top of the physical WAN infrastructure. With IQS, a site can be set up with a single click and managed through a centralized, cloud-based console.

InSpeed’s SD-WAN solution is cost-efficient as well. Everything is handled by a small, onsite appliance that self-configures and automatically connects to the InSpeed cloud. It’s plug-and-play simple and so inexpensive that it can be used by employees who work from home. IT teams don’t have to worry about support headaches associated with legacy VPN technologies.

Many organizations are finding that the traditional hub-and-spoke VPN topology no longer meets their operational requirements. InSpeed makes it easy to set up and administer a full mesh, site-to-site VPN, ensuring robust security over any Internet connection.

Partly Cloudy with SD-WAN Likely

a single cloud over a tree, to go with our partly cloudy SD-WAN metaphor

The Forecast Predicts SD-WAN in Your Business’s Future

a single cloud over a tree, to go with our partly cloudy SD-WAN metaphor
RightScale reports that most organizations are using at least one cloud app.

dowload a printable PDF of this article

It’s hard to find an organization these days that isn’t using some kind of public cloud service. In fact, the RightScale 2017 State of the Cloud Report finds that organizations have implemented 1.8 public clouds on average and are experimenting with 1.8 more.

That’s putting increased pressure on the WAN, which must provide a secure, reliable connection to cloud-based applications and data. However, many enterprise WANs are built on decades-old technologies such as multiprotocol label switching (MPLS). They’re expensive, and they don’t work well with the cloud.

That leaves organizations with a couple of options. They can deploy broadband Internet links alongside MPLS to provide cloud access, but that’s only going to increase WAN costs. A better alternative is to implement SD-WAN, which gives you the quality and availability of MPLS over inexpensive Internet connections.

SD-WAN is the only real choice for today’s cloud and mobile environment. And InSpeed is the only SD-WAN solution that was purpose-built for cloud-based and interactive applications. You get faster cloud access and high-quality voice and video conferencing over any Internet connection, every time. If there are clouds on your horizon, give InSpeed a call: (650) 597 6430.


For more stories like this, follow us via RSSLinkedIn, Twitter, or Facebook.