GUEST POST: By David Hold, Senior Product Marketing Manager, QOS Networks
The SD-WAN Network Edge will need to encompass home offices for the foreseeable future
Remote work is the recipe du jour, putting great strain on the aging and creaking VPN infrastructure, but many are no doubt asking, what will happen when the current crisis ends? Will everyone be returning to the office, and when could that happen?
We put that question to Lee Doyle, Principal Analyst, Doyle Research, and formerly group vice president in charge of IDC’s network infrastructure and security groups, who has been studying and writing on this issue. “My model says work at home could stabilize at about 30% staying home, easily,” he says, adding that working from home may persist longer than many people realize—at least into 2021–and perhaps longer.
As companies search for cost savings in response to the uncertain economic outlook, reducing office space is an easy place to begin cost cutting. One study showed that by allowing employees to work at home just 50% of the time would save a company on average over $11,000 annually per worker.*
But this new working relationship places unprecedented strain on an enterprise remote access infrastructure that was sized to support a much smaller fraction of the workforce on any given day. Writing in TechTarget recently, Doyle observed that previously, “census data indicated that approximately 5% of the U.S. workforce worked from home all the time, with another 40% working from home occasionally.”
But the COVID-19 situation has fundamentally altered that relationship. “With up to 100% of employees working from home, IT organizations are finding that their remote access and VPN services are difficult to use, hard to troubleshoot, slow, and not necessarily secure.”
Securing the Mobile WAN
For IT teams where 95% of their user base had previously been within the corporate firewall, the crisis forced most office workers to become home workers overnight. Their IT staff was left trying to manage a myriad of potentially unsecured environments.
Consequently, the WAN was forced to become a lot more mobile. Securing the mobile WAN immediately transitioned to become the new operating standard. However, a lot of organizations were left with risks and vulnerabilities. To solve this, the legacy method of backhauling all remote traffic for inspection by a central firewall came back, while split VPN tunneling gave direct access to both the data center hosted applications, as well as direct Internet and cloud breakouts.
These new challenges required a new approach to a permanent problem in a mobile workforce. IT teams are now faced with how to fully extend the security perimeter to all those remote employees, while ensuring performance and providing comprehensive support. In any system, the core tenants need to be protected against ransomware, data loss / leakage / theft, malware and account hijacking, while enforcing encryption.
Alternatively, a more complete answer to the challenges of remote networking, security and application performance is needed. Because, if employees are to be as effective working from home as in the office, they will need applications to perform just as well in any location—at the branch, in the cloud, or the home office. The next generation will integrate a mobile-first methodology that is focused on integrating end-user awareness into the performance, reliability and security conversation
SD-WAN Extends the Edge to the Home
SD-WAN offers the benefits of centralized control of application routing policies and security settings that include encrypted tunnels, stateful firewalls and integration with cloud-based security services. When the end users are distributed away from their branch offices to hundreds or even thousands of home offices, that centralized control becomes essential.
Another key benefit is that cloud gateways can enable end users to access applications directly from the cloud without the performance lag of hair-pinning back through the data center, all while remaining within the security blanket that SD-WAN provides to the remote worker.
In fact, VMware SD-WAN™ by VeloCloud® is one of a few technologies today that can significantly improve application performance over residential broadband access, even when there is just a single access line. And when access is supplemented by a second line or 4G wireless, the VMware SD-WAN Edge can combine traffic over both lines, while prioritizing business-critical applications over those of other users in the home. This ensures that important traffic does not have to contend for bandwidth with Netflix, for example.
It should be noted, however, that the proper design, deployment and configuration of large-scale distributed SD-WAN networks to hundreds or thousands of end-user locations is not a simple process. When an enterprise fundamentally changes its approach to network performance and security, there are new parameters to monitor, requiring new visibility tools.
QOS Networks Optimizes the SD-WAN @ Home Experience
Having designed, implemented and managed the largest SD-WAN networks in the world, QOS Networks, a tech-enabled MSP, can bring its extensive experience to managing performance and security through its Intelligent Network Platform software, along with optimal SD-WAN policies for home office workers. To this end, managers can configure and deploy specific policies that ensure corporate traffic is given priority over the rest of the home traffic, extending the corporate network performance to the user working remotely.
The next step is to enable home workers to become part of a software-defined perimeter, where each end user becomes a node in the global WAN, with the same security, visibility, automation and level of integration as any other site on the network. This is where QOS adds value, by increasing uptime with self-healing capabilities and enhancing home security through strong identity management and authentication tools that ensure reliable access control.
However, extending the SD-WAN edge to the home office presents operational challenges to network managers, not the least of which is how to manage the configuration, distribution, activation and management of these sophisticated devices in so many remote locations.
The QOS Intelligent Network Platform shines a light for network managers as they’re searching for a better way to manage their dispersed workforce. The Intelligent Network Platform brings together multiple points of monitoring that can give advanced insight into end-user performance, faster correlation around issues, and ultimately, eliminate the swivel-chair management approach IT managers are forced to use today.
Throughout the past few months of shelter in place, QOS Networks inDeploy platform has been able to install thousands of VMware SD-WAN Edges to the home in a matter of days. inDeploy can operate at this speed and scale by automating the provisioning and deployment workflows—along with asset tagging and tracking, so IT managers know where every device is at every step of the process.
What Lies Ahead?
To sum up, while it is still unclear just how many employees will continue to work at home or return to the office part-time or full-time in the foreseeable future, there is compelling evidence that the software defined network is the next big phase of remote access. By extending the SD-WAN edge, the home worker is no more remote, and no less secure, than an employee working in a branch office.
Throughout the process, QOS Networks has the scale, depth and tools to effectively deliver a secure quality experience to not only branch locations but to end users in any environment, shifting this new work landscape toward something intelligent, managed, and effective.
If you want to learn more about how QOS Networks has partnered with VMware SD-WAN to support enterprise work-from-home home deployments, watch this engaging webinar, Business Continuity with QOS Networks and VMware SD-WAN, where QOS Network’s Mike Kalas explains these trends with VMware’s Chris Le and Rohan Naggi.
Learn more about QOS Networks