blackzheep - stock.adobe.com
Because of the coronavirus pandemic, many companies shut down offices but still need to operate as close to normal as possible. Work-from-home strategies have changed how businesses address the network edge, which had already expanded outward with cloud services and software-defined WAN. Now, the network edge -- and, in particular, the SD-WAN edge -- is reaching the employee residence as vendors market SD-WAN for home offices.
SD-WAN vs. VPN
Traditionally, strong firewalls and security kept the network perimeter in the data center. With cloud computing and SD-WAN, that network edge began shifting to the cloud or the branch office. Firewalls can now be bought as a service from cloud providers, where the economics align nicely with the changing network edge.
Normally, remote users dial in using a VPN to create a tunnel into the resources they need within that firewall. A VPN is a session-based tool where the user initiates a connection and then disconnects when done, and this strategy has worked fine for travelers and the handful of remote users.
COVID-19 changes SD-WAN economics
With the increase in remote work, IT is seeing SD-WAN as an interesting option for the high-priced engineers, designers and other skilled workers who need persistent access to large, sensitive or critical files. The move to SD-WAN pushed the network edge from the cloud or branch office, and now, it may go all the way out to an employee's home.
The typical SD-WAN appliance, at $1,000 or more, was not cost-effective for individual users occasionally working from home in the past. But, as these high-priced employees now work 40 or more hours a week from a set location, the economics of converting that connection to SD-WAN for home offices -- instead of a VPN -- suddenly become more feasible.
SD-WAN for home
Residential SD-WAN provides more flexible security than a VPN, making it a better choice for a persistent connection. Another benefit over a VPN is that an SD-WAN can route cloud traffic, like Microsoft 365 or Salesforce, directly to cloud services instead of backhauling the data through the data center.
A VPN is a more coarse-grained approach to remote access that essentially treats most users the same. VPNs typically route all traffic over the connection, so even nonwork traffic ends up running through the headquarters' gateways out to the internet.
But, with an SD-WAN home office, IT can take a more fine-grained approach to managing users, access, security and the other aspects of connectivity back to the main headquarters. SD-WAN enables some traffic to go to the main office and some traffic to go directly to cloud services under the company's control and parameters, with a final block of traffic, like Facebook and YouTube, routed externally, not constraining the company's bandwidth and infrastructure.
The zero-touch provisioning of most SD-WAN gateways means IT can send SD-WAN appliances directly to a remote worker for installation. Once plugged in, the device can self-provision and connect back to headquarters with little or no interaction on the employee's end. Even VoIP can be configured, enabling calls from the headquarters to route directly to the employee.
Network managers are now expected to support a remote work infrastructure for work-from-home employees. Learn how network teams can implement certain measures to keep remote workers connected.
Does SD-WAN at home make sense for your business?
The pros and cons of extending your network edge to an employee's residence boils down to three key factors.
The first is the type of work the employee is doing. Most productivity-based tasks, like with Microsoft 365, don't require an SD-WAN connection. But larger applications, like computer-aided design and computer-aided engineering, could benefit from the better-quality SD-WAN connection.
The second factor is the cost of the employee. It's easier to make the case for high-priced employees where the higher cost of the SD-WAN is offset by the increased productivity.
The final factor is your existing remote infrastructure. If your company already had a solid work-from-home program with strong connectivity, then continuing down the VPN path might make sense. But, if your VPN infrastructure is strained by work-from-home rules, then extending the SD-WAN edge to key employees or groups may make sense.
As IT continues to react to this pandemic environment, SD-WAN is one more tool that can be deployed to help keep remote workers connected and keep business running.