It’s no secret the public cloud is growing. According to Gartner, the global public cloud market is expected to grow 17.3 % this year. And it’s also no secret that as more applications move to the cloud, significant changes are hosted onto the WAN.
With the cloud, most traffic is bound for the Internet, making backhauling to a centralized location for security inspection less practical. And with the cloud, users access applications in and outside of the office. All of which means security enforcement must adapt to these changes, providing secure, direct Internet access from the branch as well as protecting mobile users. SD-WAN appliances are ill-suited to address these changes.
But what if instead of appliances, we used the cloud to solve the problem of the cloud? You’d have access from anywhere and security everywhere. You’d have one solution for mobile and fixed users, infinitely scalable as all good clouds are. Sounds like a good idea, but practically how’s that done? Let’s find out.
Benefits of cloud-based networking
There are a few simple reasons that appliance-based SD-WAN solutions aren’t “good enough” for the modern WAN: they become too complex and inefficient at scale and they struggle to meet the demands of cloud and mobile.
For example, most appliance-based SD-WAN require enterprises to layer security in themselves. The problem is the integration of enterprise-grade security appliances is complex and often requires costly proprietary hardware. Similarly, optimizing the performance of cloud services or providing support for mobile users can prove to be complex with appliance-based SD-WAN.
Cloud-based networking makes it simple to address these challenges in a secure and scalable fashion. For example, as opposed to buying a next-generation firewall (NGFW) appliance, NGFW functionality can be provided using cloud-based, software-defined services from a cloud service provider.
If you understand the standard cloud delivery model and how different network appliances work, understanding the cloud-based networking concept is simple. Service providers aggregate resources and provide them, usually in a multi-tenant model, to consumers. This creates economies of scale that create a win/win for consumers and providers.
The benefits to enterprises in the cloud-based networking model are elasticity, velocity, flexibility, fewer resources dedicated to the installation and management of network hardware, and the elimination of upfront costs.
Simply put, cloud-based networking allows enterprises to offload the complexity of maintaining network infrastructure to a service provider. When you consider the staff and expertise needed to configure routers, switches, and firewall appliances at the enterprise-level, the upside becomes clear. Additionally, cloud-based networking makes it possible to access and manage network resources from effectively anywhere with an Internet connection.
Cloud-based networking and SD-WAN
SD-WAN is one of the services commonly enabled by cloud-based networking. For example, Cato Cloud is built using a cloud-native architecture. This means that users benefit from SD-WAN features like dynamic path selection, QoS, active-active link usage as well as an underlying network infrastructure purpose-built for the cloud.
Appliance-based SD-WAN requires the management and integration of proprietary appliances to add security & mobile support, and expensive premium cloud connectivity solutions like AWS Direct Connect for optimized cloud connectivity. With Cato Cloud, all of those benefits are built-in to the underlying cloud-based network.
From a security perspective, the Cato network includes an application-aware NGFW, anti-malware functionality, secure web gateway, and IPS built-in. As all these features are included in the underlying cloud-based network, they’re inherently more scalable and easier to manage than the old, appliance-based paradigm. As opposed to provisioning discrete appliances at each site or routing all WAN traffic back through a single location for auditing, enterprises have the security they need baked-in to the WAN. Not only does this make configuration and management much easier, it reduces the chances for a misconfiguration or oversight to create vulnerabilities in the network.
Mobile integrations are another major pain point for appliance-based SD-WAN. Often, enterprises are left with two choices when it comes to mobile integrations: enable users to connect via a cloud access security broker (CASB), which increases cost and complexity, or force them to connect through a specific endpoint (often dramatically impacting performance). Increased cost or extremely reduced performance is never an attractive tradeoff for a CIO. This is another area where cloud-native shines. The Cato Mobile Client ensures that mobile users are able to securely connect to the WAN and all physical and cloud resources. No need to sacrifice usability for performance (or vice versa) with cloud-native.
Additionally, intelligent cloud-native software that is part of our cloud-based network helps deliver the uptime enterprises demand. Features like self-healing help address service blackouts and brownouts. On the topic of uptime: the Cato Cloud includes an SLA-backed private backbone consisting of PoPs (Points of Presence) around the world. Multiple Tier-1 ISPs support the backbone, and if a given carrier fails, monitoring software helps ensure traffic is sent over a different ISP or even through another PoP. This robust backbone coupled with advanced software monitoring and self-healing allow us to provide the consistency and reliability enterprises demand on a global scale.
Cloud integrations are another area where cloud networking with the Cato Cloud outstrips appliance-based SD-WAN. With appliance-based SD-WAN, users are often dependent upon public Internet connections. The public Internet is notoriously unreliable, and when data needs to traverse long distances to reach a cloud service provider, latency can create real performance issues. As services like UCaaS and high-definition video streaming become more popular, these problems are exacerbated further. With Cato Cloud, PoPs are often in the same physical datacenters as major cloud service providers. This means that network traffic can egress at the PoP nearest to the provider, reducing latency to trivial levels.
Converged cloud networking matters
The reason cloud-native is able to consistently outperform solutions like appliance-based SD-WAN (the model most telco-managed solutions use) is simple: converged infrastructure is more efficient. Cloud-native solutions provide enterprises with a holistic, robust approach to the WAN. Security, high availability (HA), routing, mobile integrations, and SD-WAN functionality are delivered under one roof. With an appliance-based approach, complex integrations are required to achieve similar functionality which leads to increased costs and difficulty scaling. In an area where agility is more important than ever, this makes cloud networking and converged infrastructure much more attractive than an appliance-based approach.