VPN & SDWAN Tips

VPN & SDWAN Tips

SD-WAN

You’ve probably heard of SD-WAN or may even have it already in place. So what’s all the buzz about? As with most emerging technology products, there are always pros and cons to consider, as well as ways to ensure a successful deployment.

Tips

1. What are your needs?

It’s easy to get caught up in the buzz words around SD-WAN, but don’t let those be your decision-makers. First, start with what you are trying to accomplish by using SD-WAN. This could be cost reduction to expanded infrastructure. A good network assessment will be key in making your final decision. Once you have your needs identified, present these to potential providers and make sure they fulfill your needs.

2. Security

As with any network solution, security will be key. There are no standard security features built into SD-WAN, so every company will handle this differently. Typically, security will be provided by endpoint devices such as layer 3 firewall’s. Additionally, companies may provide encryption layers on top of this, such as IPSec VPN. Identifying your security needs will play a significant role in your decision on which provider to use.

Benefits of SD-WAN

1. Best Network Path – SD-WAN can balance down to the application level which network source has the optimal connection rates and direct traffic through that path.

2. Reliability – by using multiple data connections, SD-WAN can ensure you stay connected by using the connection that is currently up and best suited for your needs.

3. Fast Deployment – SD-WAN nodes can configure themselves and use cellular networks if needed to turn up a location quickly while waiting for circuit installs. MAC work can be done within minutes reducing downtime and need for onsite technicians by using cloud services and auto-provisioning.

VPN

Your organization most likely has an advanced firewall in place for network security; with these types of appliances, VPN is almost always available. A VPN can be a cheap but useful option to allow connectivity for your users from anywhere.

Tips

1. Split Tunneling – consider using split-tunneling to reduce the amount of traffic coming back to your network. This option allows you to send only internal traffic back to the site while allowing standard internet traffic to route over the user's connection.

2. Additional Authentication – with VPN, you will need to authenticate, typically with a username and password. Adding another layer of authentication can be useful in protecting your network. RSA keys can be a good option. This generates a key that is required to be entered when connecting. The standard rule of thumb is to pick two of the following three; something you know (password), something you have (SSL Key), or something you can get (RSA Key).

3. End-User Connectivity – Your end-users connectivity will be key to the success of your VPN deployment. If they have lacking internet connections, this can cause issues with applications, file transfer, or even call quality. Training your users to minimize other internet hogging applications such as streaming music or video will be a huge benefit.