The Need to Rethink the WAN

(1)

The Need to Rethink the

WAN

(2)

Introduction

In the past few decades, technology advances in the Internet, cloud computing, virtualization, and other technologies have proceeded at a brisk pace. During that same time, however, traditional service providers have not deployed new WAN services based on technologies that are a successor to the currently used MPLS. In fact, WAN technologies in use in most branch offices today have changed little, if at all, since the 1990s.

Changing business and technology environments are driving the need for a new WAN technology paradigm. Factors pushing this drive for change include growth in the number of branch offices and the cost and complexity to support them; increasing use of cloud-based applications, particularly for business-critical processes; and the ever-increasing growth of WAN traffic.

The goal of this white paper is to explore some WAN characteristics, limitations and some new approaches better suited to supporting fast-changing business and technology environments.

Challenges for Branch-Office Networking

Network organizations are caught in the grips of a vise. On one side of the vise is the need to support a growing number of branch offices, the increase in mobile workers and the accelerating adoption of cloud computing. Plus, they must do all of this while ensuring acceptable performance for the company’s business-critical applications. On the other side of the vise, network organizations are constrained by the current set of WAN services and the characteristics of those services; e.g., high cost, inadequate uptime, packet loss, long lead times, complexity and security concerns.

Business and technology are changing in ways that significantly impact the WAN. These changes include the growing number and importance of branch offices; the impact of poor application performance; the

increasing adoption of mobility; and the proliferation of cloud computing.

THE GROWING NUMBER AND IMPORTANCE OF BRANCH OFFICES

As explained in a recent blog1_{, branch offices are growing in number and in importance because they provide}

significant business value. Part of this business value arises because many customers prefer to interact with a person instead of a computer, and part is because a company’s branch offices generate significant

marketplace awareness for the company.

One of the key requirements associated with growth of branch offices is the need to get new branch offices up and running quickly. As discussed below, this trend is in conflict with one of the limitations of MPLS: the long lead time associated with implementing new MPLS circuits.

Branch offices also face a growing cost of the requisite WAN bandwidth as well as an increasing number of branches that need to be supported. Additionally, whereas components of IT such as CPUs, memory and

(3)

LAN bandwidth follow Moore’s Law, traditional WAN services do not. And as discussed below, WAN traffic continually increases over time.

To illustrate the cost of running a WAN to support a company’s branch offices, consider a hypothetical company named GottaGrow. GottaGrow currently has 100 branch offices, which connect to the corporate data center using MPLS. Each of GottaGrow’s branch offices has a T1 access link with an average cost of $750/month.

Consider two growth scenarios. In scenario #1, GottaGrow adds 20 branch offices. The cost for just the 20 WAN circuits is $15,000 per month, which results in a three-year cost of $540,000 for these new circuits. In scenario #2, GottaGrow doesn’t add any new branches, but due to growing traffic volumes, GottaGrow’s network organization adds another T1 access circuit into each branch office. In this scenario, the cost for just the new WAN circuits is $75,000 per month. This results in a three-year incremental WAN cost of

$2,700,000 and a three-year cost of $5,400,000 for all of the WAN circuits.

These two growth scenarios are realistic given the overall trend of increased network traffic. For example, The 2014 State of the WAN Report2_{included the results of a survey in which respondents were asked how}

much change their company will make over the next year in the volume of WAN traffic running on their MPLS network and the volume of traffic they send and receive from the Internet. Their responses are shown in Table 1.

MPLS Internet

Down by more than 25% 4.3% 1.0%

Down 1% to 25% 7.7% 5.3%

No Change 35.3% 35.3%

Up 1% to 25% 24.2% 33.8%

Up 26% to 50% 5.3% 9.7%

Up by 50% or more 6.8% 4.8%

Don’t Know/Not Applicable 16.4% 10.1%

Table 1: Anticipated Change in WAN Traffic by Service

The data in Table 1 demonstrates the well-known fact that network traffic in general, and WAN traffic in particular, tends to increase over time. This ongoing increase in traffic causes network organizations to continually add WAN capacity and hence continually increase cost.

IMPACT OF POOR APPLICATION PERFORMANCE

On an ever-increasing basis, companies run their business-critical applications over the company’s WAN. If the company’s WAN is not performing well, neither are those business-critical applications.

(4)

In another survey question in The 2014 State of the WAN Report, respondents were given a number of possible ramifications and were asked to indicate the two that best applied to their company if one or more of their business-critical applications were not performing well. Their responses are shown in Table 2.

Ramification Percentage of Respondents

The CIO gets pressure from their boss or from the related business unit manager

44.4% It tarnishes the reputation of the IT

organization

43.5%

The company loses revenue 38.2%

The company may not be able to make regulatory requirements

14.0%

The company loses customers 13.0%

The company receives negative publicity in the press

7.2%

Table 2: Impact of Degraded Performance

The data in Table 2 highlights that when poor WAN performance leads to a company’s business-critical applications not performing well, it has a dramatic negative impact on both the business and the IT organization.

MOBILITY

In the traditional IT environment that was prevalent a few years ago, end users resided in a corporate office, and the applications and data the users needed to access were housed in a corporate data center. While that traditional IT environment still exists, a different IT environment is becoming increasingly common, in part, to support the growing number of users who are mobile. One of the many concerns related to mobile-user support is the changing nature of the applications these users access. At one time, mobile users primarily accessed either recreational applications or applications that were not delay-sensitive, such as email. However, in the current environment mobile users also need to access a wide range of business-critical applications, many of which are delay-sensitive.

An example of the growing interest in mobility in general, and in guest Wi-Fi in particular, comes from the retail industry. In a recent blog3_{, Cisco identified a number of factors driving the growing use of guest Wi-Fi.}

According to Cisco, one of the factors is that “Guest Wi-Fi is a key enabler of in-store multi-channel

initiatives to interact with consumers on mobile devices. It enables the retailer to provide guests with an avenue for Internet access, product research, and broader access to the retailer’s website and mobile applications, which can often be richer and more personalized than what can be offered in-store. Cellular

connections can also provide this access, but coverage is typically poor inside most retail stores. Wi-Fi is preferred over cellular because it is owned and operated by the retailer, and provides reporting insight into consumer behavior and rich business analytics including mobile platform usage, web destinations, and

(5)

product research. These analytics allow retailers to better understand consumer desires, tailor in-store product assortments, focus marketing campaigns by location, personalize marketing and promotions to individual shoppers, and quickly identify changing consumer and market trends to allow faster adaptation.”

The 2014 Application and Service Delivery Handbook4_{included the results of a survey in which respondents}

were asked how important it is for their IT organization over the next year to get better at improving the performance of applications used by mobile users. Their responses are shown in Table 3.

Improving the Performance

Extremely Important 22%

Very Important 33%

Moderately Important 29%

Slightly Important 11%

Not at all Important 6%

Table 3: Importance of Getting Better Delivering Mobile Applications

More than half of the survey respondents indicated that it was either extremely important or very important for their organization to improve the performance of applications used by mobile users. This result highlights the need for network organizations to focus on how a change in their WAN can help to achieve this

important goal.

CLOUD COMPUTING

Cloud computing is growing in popularity because it provides organizations with faster access to applications and services while reducing the cost of those applications and services. While the initial adoption of cloud computing was driven by small and medium-sized businesses, today businesses of all sizes utilize cloud. The most popular form of cloud computing, often referred to as public cloud, focuses on organizations acquiring applications and services from Software-as-a-Service (SaaS) and Infrastructure-as-a-Service (IaaS)

providers. In December 2013, IDC issued a number of technology predictions for 20145_{. One of those}

predictions was that spending on cloud computing, including cloud services and the technology to enable these services, will exceed $100 billion in 2014.

The preceding discussion of mobility mentioned that a key characteristic of the traditional IT environment prevalent a few years ago was that the applications and data that the users needed to access were housed in a corporate data center. With the ongoing adoption of public cloud computing, that scenario is no longer true, as companies continue to access services and applications provided by a public cloud provider. This is challenging in part because it will rarely be possible for a company to use its MPLS network to provide connectivity to SaaS and IaaS vendors; in those instances in which it is possible, it is highly inefficient.

4_{http://www.webtorials.com/content/2014/06/the-2014-application-service-delivery-handbook.html}

5

(6)

The Limitations of Traditional WANs

As documented in The 2014 State of the WAN Report

,

t

he primary concerns that IT organizations have relative to the use of MPLS are cost, uptime and the length of time it takes to implement new circuits. The cost concerns around MPLS are understandable given the previous examples of what it would cost GottaGrow to add WAN capacity. These costs also partially explain IT organizations’ concern about the uptime of MPLS. For example, if GottaGrow wanted to add a second T1 access line into each of its branches to increase network availability, it would cost $2,700,000 over three years just for the extra circuits. In addition, unless GottaGrow spent additional money to guarantee diverse routing, most likely all of its access circuits would utilize the same conduit coming out of each branch office. As a result, it is highly questionable how much the additional circuits would increase uptime.

As was also documented in The 2014 State of the WAN Report, the primary concerns that IT organizations have relative to the use of the Internet are security, uptime and packet loss. These concerns also are

understandable. For example, while packet loss can occur in either an enterprise WAN or the Internet, it is more likely to occur in the Internet. This is partly the result of the Internet business model, which dictates that the only service providers to make money from the Internet are the providers of the access links. One of the effects of that business model is that there tend to be availability and performance bottlenecks at the peering points. The fact that the Internet is a network of networks also explains why no service provider offers an SLA for use of the Internet that includes either availability or performance.

Another issue with the current WAN environment is that the traditional approach to providing Internet access to branch office employees has been to backhaul that Internet traffic on the organization’s enterprise network (e.g., their MPLS network) to a central site where the traffic was handed off to the Internet. The advantage of this approach is that it enables IT organizations to exert more control over their Internet traffic, and it

simplifies management in part because it centralizes the complexity of implementing and managing security policy. One disadvantage of this approach is that it results in extra traffic transiting the enterprise WAN, which adds to the cost of the WAN. Another disadvantage of this approach is that it usually adds additional delay to the Internet traffic. Because of the impact on application performance, the disadvantages associated with backhauling Internet traffic have a particularly negative impact on traffic that is destined for SaaS providers.

Another limitation of the traditional approach to designing a WAN is complexity. As pointed out in an article in TechTarget6_{: “Today, organizations have an average of 6.1 products per branch, according to Nemertes}

Research. Purchasing, integrating, maintaining, and managing appliances such as routers, switches, and firewalls is expensive and time consuming. To ensure that these products are integrated with corporate IT, branch offices are no longer left to design and implement their own ad-hoc network infrastructure and applications. However, it is costly for enterprises to build and staff these branch-networking infrastructures in order to provide performance that is comparable to that at headquarters. The more boxes, the more complex and difficult it becomes to manage them and to integrate the local network with centralized IT. Operational costs are high, and there are multiple points of failure.”

(7)

The costs mentioned in the preceding discussion of the cost for GottaGrow’s branch office WAN were the costs only of the WAN circuits. Those costs don’t reflect the complexity associated with operating a branch office network that was highlighted in the TechTarget article. In an attempt to avoid this complexity, many IT organizations outsource their branch-office networks. However, a recent InformationWeek article7_pointed

out the well-known fact that many outsourcing arrangements fail.

Implementing a New Approach to Wide Area Networking

What can network organizations do to get out of the grips of the vise that currently squeezes them between the requirements of branch offices and the constraints of current WAN technologies? IT organizations need to implement the approach to wide-area networking that is depicted in Figure 1.

Figure 1: A Hybrid WAN

The WAN that is depicted in Figure 1 is referred to as a hybrid WAN because it has multiple access links, each of which uses a different WAN service. As previously discussed, one of the business challenges facing network organizations is supporting the growing use of cloud computing. While that is clearly a challenge, it

(8)

is also an opportunity because of the development of new cloud-based networking functionality often referred to as Network-as-a-Service89_.

Using the Network-as-a-Service model, the hybrid WAN of Figure 1 can eliminate complexity by having cloud-based configuration, real-time monitoring and the easy provisioning of a range of L4 – L7 services — including performance-related functionality such as QoS and link optimization as well as security

functionality such as stateful and application-aware firewalls. To support these L4 – L7 services on an end-to-end basis, some type of device will be necessary at each edge of the network. However, to ensure that this new approach to designing a WAN doesn’t have the same complexity as the traditional design, it is critical that this edge device be zero-touch.

There are many ways to construct a hybrid WAN. One option is to have two connections to the Internet that are provided by different ISPs and that use diverse access such as DSL and 4G. This approach enables an IT organization to easily and quickly add inexpensive Internet bandwidth while eliminating concerns about both uptime and backhauling Internet traffic.

Another way to construct a hybrid WAN is to have one WAN link be a connection to an MPLS service and to also have one or more Internet links. This approach enables the IT organization to dynamically send selected traffic over the expensive MPLS circuit and the rest of the traffic over the Internet link(s). This approach also allows IT organizations to eliminate concerns about uptime while sending traffic that is

destined for the Internet, such as traffic that is heading to a SaaS or an IaaS provider, directly to the Internet. To understand how the hybrid WAN depicted in Figure 1 eliminates the concerns about uptime, consider the situation in which there are two access links, one of which is a terrestrial MPLS circuit and the other an Internet circuit that runs over a 4G connection. For the sake of example, assume that the MPLS link has an uptime of 99.9% and the Internet link has an uptime of 99%. Because these two access links are diversely routed, the uptime of the combined access is 99.999%.

To understand how the hybrid WAN depicted in Figure 1 can create low-cost, business-class Internet connectivity, consider the situation in which there are two or more Internet links provided by different ISPs. If the hybrid WAN has the ability to both continually monitor link and path quality and then to dynamically steer application traffic over the most appropriate link and path, Internet connections can achieve the same performance as an MPLS circuit combined with the price-performance advantages of broadband.

8_{http://en.wikipedia.org/wiki/Network_as_a_service}