A global software solutions company with 50 offices in over 30 countries is migrating all of its workloads to the cloud. Supporting the application demands of over 10,000 employees, the company is fully embracing public cloud infrastructure to deliver fast and cost effective access to business applications including customer-facing applications and accompanying back-end systems.
The software firm undertook a holistic approach to digital transformation including adopting latest technologies in artificial intelligence, machine and deep learning capabilities to power the initiative. The core applications such as digital and creative applications, content marketing and document management systems were supported by three best-in-class cloud-based solutions.
With business applications predominantly in the datacenter, the branch users accessed the corporate resources over MPLS based dedicated WAN. The migration to cloud/SaaS applications meant users had to endure additional latency with every click. The hub-and-spoke network architecture over MPLS circuits was expensive and introduced additional challenges connecting to company’s virtual private cloud (VPCs) in AWS and Microsoft Azure infrastructure. The resulting poor performance drove the firm to seek better control of its overlay network and easier connectivity among its sites, and public and private infrastructure.
The traditional router based MPLS WAN no longer was a viable option due to its complexity and cost of the infrastructure. The firm needed a new approach to WAN to support the workload distribution for its multi-cloud environment and high availability of sites. The business leaders also wanted to make every branch office one hop away from any resource it needed to access. This warranted the company to consider application delivery with direct access to cloud/SaaS applications from the branch.
The company needed the flexibility to plug different circuit types into its network fabric, and get direct local Internet access for each branch office. Due to security concerns, the company was backhauling Internet traffic through hub locations, including access to their private instances within VPCs in AWS and Azure. Internet traffic from other countries was taken to the company’s corporate office in California, which degraded the quality of their user experience. The local breakouts introduced new security challenges with increased attack surface.
The direct to cloud access meant increased bandwidth to the branches along with multiple connections to each branch for high availability. This increased complexity of routing appropriate applications on different circuits and managing diverse networks with varying bandwidth across different geographies. The IT organization needed a solution that would allow them to easily manage diverse networks and bandwidth easily from central support centers. Due to the high cost and complexity of maintaining global footprint of offices, the company needed a centralized management solution that offered high degree of automation. This meant that the entire branch office infrastructure had to be evaluated, including network hardware, circuits, security stack, space, power and cooling.
The IT organization conducted extensive research to understand all their options, and tested multiple products in their lab. One of the success criteria for the SaaS/cloud application migration was the four-nines availability of critical services, while reducing cost of service delivery. The enterprise SD-WAN was selected after rigorous research and testing.
The platform included enterprise grade routing stack, full featured SD-WAN and advanced security. The routing stack provided simple integration with the existing underlay network. The SD-WAN function enabled IT to implement policy-based traffic steering. The advanced security with NGFW, IPS/IDS, AV and other state of the art security allowed secure local breakouts. The platform, extensible with REST APIs, allowed the company to begin the process, and integrate their applications, cloud resources and connectivity into the enterprise SD-WAN architecture.
The first phase involved moving the company’s network access layer into the SD-WAN fabric, which meant switching to SD-WAN appliance in each branch office location, and connecting them to the SD-WAN fabric. The firm has completed approximately 90% of its on premises site deployments. The second phase will bring their virtual private clouds into the SD-WAN fabric. The company already has all of their cloud-based controllers inside AWS, with a virtual data center spun up as a branch. One business requirement is to ensure performance of voice and video traffic is of high quality, especially with the company’s transition from MPLS to Internet circuits. With integrated capabilities such as dynamic traffic conditioning and path resiliency features, the enterprise SD-WAN architecture can easily overcome the limitations that are characteristic of Internet circuits.
Before the migration, due to high cost of MPLS, critical sites such as Data Center and support centers had active-passive circuits while the less critical sites such as branches were connected with a single link. After deploying SD-WAN, all locations now have multiple active-active links resulting in higher availability and capacity.
Full stack routing, and enhanced configuration and centralized management has allowed the company to easily migrate legacy sites to the SD-WAN fabric in phases. In fact, outside of pre- and post-testing, the company is able to migrate a branch office in less than an hour.
The SD-WAN fabric has allowed the firm to move from MPLS to multiple lower cost Internet circuits, enabling the company to meet the cost reduction objective. With the enterprise SD-WAN architecture, the organization’s operating cost per site is reduce to just over half the previous average annual spend.
The enterprise SD-WAN architecture has given the firm high availability with multiple circuits, increased bandwidth while managing cost, local Internet connectivity with improved performance, enhanced security at all sites and, multi-cloud connectivity for business applications, resulting in higher quality of user experience.
Selected Country/Language: English