SASE Work from anywhere

Guest Post: Five Key Network Requirements for Working at Home

By Lee Doyle, Sponsored by VMware

The explosion of work from home (WFH) has created the need for an enterprise grade network connectivity solution. To ensure a seamless office-to-home transition, employees need an IT environment that closely duplicates the experience they would have in the office. According to a recent survey by market research firm TBR, going forward more than half of workers will work either remotely full time or hybrid (split between office and home) – see Figure 1.

Ensuring an excellent application experience is the primary way to meet productivity requirements for employees at home.  Unfortunately, access to business applications is often degraded by unpredictable and overloaded internet broadband connections.  

IT organizations are charged with delivering a secure, quality experience for all employees.  Legacy VPN solutions are challenging to use, difficult to troubleshoot and do little to enhance the quality or security of cloud-based applications. They need tools to remotely monitor the health and security of remote connections independent of their location.  They need networks that are easy to provision, self-healing, and efficient to troubleshoot.

VMware WFH solutions based on VMware SD-WAN™ are a proven option to enable a highly productive work from anywhere strategy. VMware SD-WAN is a foundational component of the VMware SASE Platform™. SD-WAN is an intelligent overlay on existing physical networks such as broadband circuits and wireless 4G/5G LTE. Leading enterprises have already successfully deployed thousands of their remote workers with SD-WAN/SASE (secure access service edge) technology.

Here are the five key requirements for successful at-home networks for the remote workforce:

1. Uninterrupted Connectivity: Resiliency and Redundancy

Employees require a high-quality application experience at all points during their workday. They need to access corporate-based applications, utilize SaaS applications based in the cloud, and leverage real-time voice and video calls for their meetings.

Internet broadband services provide widely variable quality which is typically unpredictable. Home connections continue to experience network performance issues such as latency, packet loss and jitter – resulting in poor application performance, inability to access data, and exasperating degradation of voice/video quality in important meetings.

SD-WAN technology deployed at home is designed to alleviate the challenges of disrupted Internet connectivity. It offers application prioritization, accelerated on-ramps to leading SaaS applications, and dramatically improves real time voice/video quality. It can be deployed with highly reliable active-active or active-passive link mode to automatically transition to a cellular 4G/5G connection if the broadband Internet is degraded.

2. Enterprise Grade and Consumer Simplicity

Home-based networking solutions must be simple to install by non-technical personnel. The sheer number of employees and their ratio to IT teams makes it impractical to have technical personnel on-site or to provide remote supervision. Solutions should automatically adjust to changing network conditions to provide for application optimization.

The SD-WAN at home solutions need to be quick to install with plug and play zero touch provisioning. IT teams can remotely install templates with appropriate application access and robust security. Centralized management and orchestration combined with cloud-based intelligence provides proactive troubleshooting and greatly reduces trouble tickets.

3. Robust Security with SASE

Security vulnerabilities are an unwelcome fact of life for enterprise organizations. They are constantly fighting against malware, DDOS attacks, ransomware, and the requirement to protect their sensitive (customer) data.

Home networks increase the attack surface on the enterprise. Wi-Fi routers have hundreds of known vulnerabilities. Home users are susceptible to phishing attacks, malware download and password theft.

The SD-WAN platform provides robust edge security – including cloud-delivered SASE capabilities. Centralized, cloud-based policies can be applied to inspect the network traffic and apply appropriate security services (e.g., firewall, data loss prevention, URL filtering, etc.) based on zero trust principles. SD-WAN provides secure, encrypted tunnels to the cloud and the ability to integrate with third-party security services.

4. Optimized for Real Time Voice and Video Communications

Employees at home rely on unified communications (UC) such as VoIP and video for internal and external communications and are highly reliant on the quality of their Internet connection. Any disruption (slowdown, increased latency or jitter) can make UC applications unusable or unprofessional.

SD-WAN monitors current traffic conditions and can reroute traffic to improve the quality of the UC experience. It optimizes connectivity to the “best” on-ramp for cloud-based voice and video communications. With optional cellular back-up (or dual Internet circuits), SD-WAN will automatically switch real-time communications to the optimal WAN connection.

5. Privacy and Segmentation

For privacy and compliance reasons, business traffic should be segmented and isolated from personal and other home users’ access to the Internet. European privacy regulations now mandate this segmentation.

SD-WAN can assign users and their associated devices to a private virtual LAN. This VLAN ensures that traffic from these appliances will go directly to the internet and provides privacy for the home users’ traffic (no flow data is collected or stored for private segments).

Work from Home Solutions from VMware

VMware offers Secure Access and SD-WAN Work From Home solutions to help enterprises provide an optimized experience for their remote employees.

VMware Secure Access™ combines VMware SD-WAN and VMware Workspace ONE to provide remote workers secure access to on-premises, cloud and SaaS applications.

VMware SD-WAN delivers a secure access service edge platform that combines SD-WAN with comprehensive security options embracing cloud and SaaS. Additionally, it delivers optimized network connectivity, assured application performance and security. VMware SD-WAN provides operational simplicity by providing centralized monitoring, analytics, and control combined with artificial intelligence to simplify operations.

VMware SD-WAN is easy to install and provides link remediation along with outage protection. It offers quality of service to automatically prioritize business-critical traffic like Zoom, Office 365 and other critical applications. Optional LTE is provided as a backup solution to enhance the QoS of business-critical applications.

Leveraging Dynamic Multipath Optimization™ (DMPO), WAN traffic is continually monitored and optimized in real time to allow for intelligent traffic steering. This means that WAN traffic is routed to its destination over the most efficient path possible. VMware SD-WAN has entry points to all of the major public clouds, service providers, and major data center players using their network of hosted gateways.

Furthermore, VMware’s Edge Network Intelligence helps IT teams proactively manage the client experience with AIOps for all end user device performance and security across their wireless and wired LAN, SD-WAN and SASE.  Figure 2 illustrates the performance benefits of VMware SD-WAN.

Figure 2:  Evaluation of SD-WAN Performance by Tolly Group – Custom Benchmark Study for VMware and Intel

Video – WFH with VMware SD-WAN

SD-WAN at Home: Customer Examples


VMware has made its SD-WAN at home solution available to virtually all of its 32,000+ employees. Its IT team reports that SD-WAN has helped to break down significant barriers for colleagues who work remotely. The result is greater control, reliability, and overall productivity thanks to enterprise-grade application performance, quality and security.

The IT team observed an 88 percent mitigation of partial outages during the initial deployment—roughly six hours of partial-outage mitigation per colleague, per month. In addition, outages were eliminated for colleagues using multiple ISPs.

Large U.S. Insurance Firm

During 2020, a large U.S. insurance firm deployed VMware SD-WAN at home to 15,000+ of its agents and other employees who were now working remotely. The roll-out was rapid, smooth and provided significant improvements in home-based productivity including:

  • 86% decline in support incidences
  • 90% reduction in network performance issues

MD Anderson Cancer Center

MD Anderson is a leading U.S. cancer research center. During the current pandemic, it had many of its leading specialists (e.g., radiologists) working from home on a full-time basis. It needed a secure, reliable networking solution to enable its specialists to access very large files for diagnosis. VMware SD-WAN enabled them to remain fully productive for 2020 and onwards while working at home.

Conclusions and Recommendations for IT Executives

The software-based intelligence of SD-WAN provides IT organizations and service providers with a flexible platform to deliver advanced WAN services.  SD-WAN provides for rapid deployment with a “plug and play” architecture while enabling work from home users to leverage high speed Internet circuits and 5G to meet increasing bandwidth requirements.

Delivering a high-quality user experience is paramount for IT organizations. SD-WAN technology identifies applications and can apply granular prioritization to make sure critical applications receive the bandwidth they require. Organizations have found that SD-WAN significantly improves the responsiveness of applications such as Office 365, SaaS and real-time UC.

SD-WAN enables “zero touch deployment” where an appliance is shipped to the branch or home of the end user, plugged in to AC power and the Internet, and configured remotely by a centralized console. Ease of installation and the ability to pre-set templates for configuration for dozens or hundreds of branches provides smooth, rapid SD-WAN installation at a home or remote office.

Security integrated with SD-WAN technology enables organizations to safely leverage insecure Internet links. SD-WAN platforms employ SASE, cloud-based intelligence to address direct security threats and identify changes in traffic flows that indicate potential data loss.

Many organizations have already successfully deployed SD-WAN technology to the home-based workforce to increase productivity, improve security and reduce demands on scarce IT resources.  As organizations plan for a (likely) future of a distributed workforce they should leverage SD-WAN to meet these new requirements.

Meet the Author

Lee Doyle is the Principal Analyst at Doyle Research, providing client-focused targeted analysis on the Evolution of Intelligent Networks.  He has over 25 years’ experience analyzing the IT, network, and telecom markets.  Lee has written extensively on such topics as SDN, NFV, enterprise adoption of networking technologies, and IT-Telecom convergence. Before founding Doyle Research, Lee was Group VP for Network, Telecom, and Security research at IDC. Lee contributes to such industry periodicals as Network World, Fierce, and Tech Target.  Lee holds a B.A. in Economics from Williams College.


Leave a Reply

Your email address will not be published. Required fields are marked *