Buying routers in general, and choosing the correct enterprise edge router in particular, is an important process that involves considerable time and research to get right. In this guide, we will explain how edge routers differ from other types of routers and highlight functions of edge routers in typical enterprise deployment scenarios. Finally, we will list important features that modern edge routers can provide.
Edge routers explained
When buying routers, it's crucial that the purchase decision-makers have a thorough understanding of how items in the router category work. First, edge routers sit at the demarcation point where a campus LAN connects to external networks. In most cases, enterprises use edge routers in two key locations -- the internet and the WAN edge. And while an edge router responsible for separating the corporate LAN from the internet may have different features than ones used to separate the LAN from the WAN, their core duties are largely the same.
Other types of routers also need to be defined to make sense of the differences between them. For example, routers used to exist within the LAN to route intra-LAN data flows. But stand-alone routers have long been replaced by multilayer switches that perform not only routing duties at Layers 3 and 4, but also switching at Layer 2.
Branch routers, meantime, provide several features not required at the corporate edge. Branch routers are deployed at remote sites on the far end of the WAN. And while they connect to WAN edge routers at the primary corporate LAN, they provide additional capabilities at the remote facility. Among them are the following: more connectivity options, including time-division multiplexing (TDM) and 3G and 4G connection capabilities, built-in wireless LAN (WLAN) management services, as well as WAN application acceleration services to help speed up connectivity to resources located at the corporate HQ or in the cloud.
How edge routers work
In their most basic form, routers are responsible for transporting IP traffic from one network to the next. This can be performed using either static or dynamic routing capabilities. Edge routers also perform other duties that are specific to the protection of the trusted corporate network. Remember, edge routers allow trusted enterprise networks to connect to less-trusted networks.
In the case of the internet edge, security is a top priority since enterprise administrators have no control over who can attempt to access corporate resources from the internet.
Safety can be accomplished in one of two ways. The first method is to configure and implement access control lists (ACLs) on interfaces that separate the disparate networks. These ACLs can specify source and destination IP addresses or networks, as well as protocol information such as TCP/UDP ports. It's a simple way to protect a network from untrusted entities. A second method -- and one that's easier to manage and more secure -- is to purchase an edge router that has built-in firewall service capabilities. These services run on the same appliance as the rest of the router and provide more advanced protections, such as stateful inspection, VPN tunnel creation, and intrusion prevention system and intrusion detection signature matching.
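To make the difference between the two methods concrete, the following added example (not from the original article) evaluates a stateless interface ACL and then the same ACL behind a minimal connection-tracking filter. The class and function names are hypothetical, the addresses are constructed from documentation ranges, and first-match evaluation with an implicit deny is assumed because that is the common router ACL convention.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp" or "any"
    src: str                      # source network, CIDR
    dst: str                      # destination network, CIDR
    dport: Optional[int] = None   # destination port; None matches any port

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

def matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt.dport))

def evaluate(acl, pkt: Packet) -> str:
    """Stateless ACL: first matching rule wins, no match means deny."""
    return next((r.action for r in acl if matches(r, pkt)), "deny")

class StatefulFilter:
    """Same inbound ACL plus a table of flows opened from the trusted side."""
    def __init__(self, inbound_acl):
        self.inbound_acl, self.flows = inbound_acl, set()

    def outbound(self, pkt: Packet) -> None:
        # Store the 5-tuple that the reply to this packet will carry.
        self.flows.add((pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport))

    def inbound(self, pkt: Packet) -> str:
        if (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport) in self.flows:
            return "permit"            # reply to a tracked outbound flow
        return evaluate(self.inbound_acl, pkt)

# Constructed inbound ACL for the internet-facing interface (RFC 5737 ranges).
INBOUND_ACL = [
    Rule("deny", "any", "198.51.100.0/24", "203.0.113.0/24"),
    Rule("permit", "tcp", "0.0.0.0/0", "203.0.113.10/32", 443),
]
```

With the stateless ACL alone, the reply to a connection opened from inside is dropped unless a broad permit for return traffic is added; the stateful filter admits only replies that match a flow it has seen leave.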
Edge router capabilities to consider
When buying edge routers for your organization, the IT decision-makers must consider several factors. Here is a breakdown and explanation of many of the most critical questions to ask:
- What is the expected routing table size?
The size of the routing table is a key factor in choosing the proper model. In terms of WAN edge routing, routing table sizes are usually architected to stay small. Where things get more complex is on the internet edge. If you run BGP, advertise public IP address space and have multiple paths to the internet, you are likely to elect to receive either partial or full internet routing tables from your service providers. Doing so helps the router choose the optimal outbound path for destinations outside the campus LAN. In cases such as these, where large routing tables need to be maintained, choose a router that can handle very large routing table sizes.
- What are your connectivity options?
In most cases these days, handoffs at the internet and WAN edge use Ethernet technologies. To that end, understand what type of Ethernet handoff you'll be receiving from your internet or WAN service provider. The three most common options are Gigabit Ethernet over copper and Gigabit Ethernet over either single-mode or multimode fiber optics. Other possibilities include 10 Gigabit Ethernet fiber handoffs and legacy TDM circuits such as a T1.
- How much throughput is required?
Because you want your edge router to remain on your production network for anywhere from three to five years, ensure it can handle whatever traffic you expect today -- as well as several years into the future. Don't choose a router that is undersized or cannot be upgraded.
- Will the router be responsible for securing internal resources?
If you are buying routers that will be pulling double duty by not only routing but also performing firewall functions, make sure the model selected has the right security capabilities. Typically, advanced security features require add-on licenses that must be purchased to activate. Also, keep in mind that running a converged router and firewall on a single appliance will require additional processing power and memory.
- Do you require redundancy?
Router redundancy, in the form of fault tolerance, includes features such as dual power supplies and route processing engines. Additionally, some vendors offer software-based fault tolerance capabilities by running multiple instances of the routing table and other critical control mechanisms. Alternatively, you can enable network edge redundancy by using high-availability clustering techniques such as active or standby routers -- or routers that operate in a load-balanced capacity.
- Does the router need to scale?
Router hardware appliances come in two forms -- fixed form-factor and modular chassis. While fixed form-factor routers are usually cheaper to purchase, they can't scale beyond their current capabilities. Modular routers, on the other hand, can be upgraded in terms of CPU, memory and port types. Choosing a modular router will allow you to rapidly scale your edge upward if necessary.
- Will the router be a physical or virtual deployment?
Traditional edge router deployments use hardware appliances with customized components that support optimal performance. But advancements in virtualization technologies mean routers can be run on a hypervisor. This not only provides flexibility in terms of deployment options -- including within the cloud -- it also allows for scalability that not even modular routers can match.
- Do you require SDN or SD-WAN capabilities?
Perhaps the most recent advancement is edge routers capable of operating within an overall software-defined networking or SD-WAN architecture. Both SDN and SD-WAN centrally control routing characteristics from end to end. The SD-WAN routing features also offer advanced route selection techniques, where you control multiple paths to remote sites across the wide area network.
The bottom line
As you can see, there are many things to consider when buying routers. Choosing the right edge router for your specific needs is a complex process, but just remember these three basic steps: First, determine the specific deployment use case for the router. Second, select the appropriate capabilities and features. And finally, make sure you consider needs for today as well as several years into the future.
Once you do this, you'll have a good idea as to the type, size and form factor of the router for your organization. Armed with that knowledge, you can then choose the right network supplier for the product and support services you are seeking -- and buy routers at a price point that fits within your budget.