SD-WAN Application Reliability Across the Enterprise Branch
Legal service companies often have multiple branch-office locations to provide services to their clients. Because of the distributed nature of the business, network connectivity to clients and employees accessing remote applications is a critical factor in keeping the business running successfully.
Law firm employees rely on business applications like case management to schedule calendars, track case notes, and manage client documents and records. Without a reliable WAN, lawyers and administrative staff will either lose access to their applications or the applications will run too slowly, leaving users frustrated and unproductive. As law firms increasingly utilize cloud and SaaS services, it becomes even more critical for WAN infrastructure to provide the most reliable access as possible.
Law firm employees and clients accessing applications from corporate data centers and cloud-hosted and SaaS-delivered sites need the applications to be fast, reliable and secure. IT needs the WAN to be agile, for easy deployment and management, and to have visibility to respond to dynamic network changes.
Today’s WANs need to be flexible, as they support discrete network architectures, including data traffic and wireless network traffic. Network links need to support a law firm’s business objectives and mobile strategies, while ensuring client data are kept secure and confidential. The WAN also needs to be reliable and optimally performing to maintain a user quality of experience (QoE).
WANs are an integral part of a law firm’s communications, as applications and services are dependent upon them. Dedicated MPLS circuits have often been used to support these applications and services. Yet many law firms are now looking for MPLS augmentation alternatives to achieve lower costs, simplify deployments for new offices and increase bandwidth.
The cost, time and complexity of ripping out existing network infrastructure should not be necessary. An SDWAN overlay can be cost-effective and deployed quickly, working in conjunction with legacy infrastructure.
SD-WANs offer many benefits for law firms, providing substantial cost savings and greater agility over single provider MPLS networks. The Talari SD-WAN accomplishes this objective by aggregating multiple, diverse network links into a single, virtual WAN that continuously adapts to traffic, based on the availability and real-time quality of the network paths, which enables companies to support greater traffic volumes and ensures that business-critical applications are not adversely affected by underlying network issues.
Talari empowers law firms with high bandwidth and highly reliable and cost-effective WAN services that deliver optimal application performance across the entire SD-WAN. Key features of the Talari SD-WAN include application-aware forwarding, and performance-oriented adaptive routing. Central management allows IT to easily roll out network-wide policies and configurations, which make the network fit the firm’s diverse business needs.
Talari SD-WAN unique capabilities create failsafe WANs that deliver:
- Continuous, unidirectional measurement of packet loss, latency, jitter and bandwidth utilization
Enables unprecedented WAN visibility and sub-second response to adapt to network issues
- End-to-end Qos and inbound congestion avoidance
Provides up to 97% sustained utilization on shared links without negatively impacting Qoe
- Ability to use all bandwidth across multiple links, even for a single high-bandwidth flow
- Packet replication for real-time traffic delivers platinum quality support
Talari’s functionality ensures that all application sessions (including VoIP, Video Conferencing and Interactive Desktop) are maintained in the case of a link failure or poor quality on an individual network service.
Flexible Deployment Options
Talari offers flexible deployment options, including physical and virtual appliance deployments with a software licensing model that will grow to meet a legal firm’s expansion needs over time. In addition to these unique capabilities, Talari delivers key components necessary for an enterprise SD-WAN, including:
- Centralized control and network analytics using Talari Aware
- Zero touch deployment and activation of remote offices
- High QoE cloud access, and full visibility to cloud performance
Ensuring a Reliable Enterprise WAN
It is not uncommon for WAN connectivity to be deployed in an Active/Passive capacity. However, this is inherently inefficient. Law firms commonly use equal-cost multi-path routing (ECMP) load-balancing for two links at the same time to achieve more efficient use of their WAN. However, this function will not discern which applications are using the link or the actual performance of the link. Link load balancing is done on a flow-by-flow basis, meaning a large, long-lived flow will only be able to use a single WAN link’s bandwidth.
Talari’s packet-by-packet decision making and continuous monitoring of quality allows full utilization of all the links available at a site with knowledge of the link’s availability and potential issues, so the best available bandwidth is used for any given packet. When traffic is sent from one location to another, intelligent tags are placed on the data that measure time, order, congestion and loss at the path and session level. Talari records and statistically analyzes this data to determine short-term characteristics and trends in the network.
Talari SD-WAN establishes numerous paths across the WAN using multiple IP-capable WAN links at the local site to remote site nodes. Talari SD-WANs within a network have a common, high resolution clock. Every packet transmitted between nodes across the WAN contains a packet tag that includes a time stamp and sequence numbers at both the path level and at the application session level. Talari uses these tags to measure every packet in real-time, derives quantitative benchmarks, and creates (using queuing theory) short-term, predictive behavioral statistical models and metrics. It performs bandwidth allocation using these models, allocating the maximum possible bandwidth to the best performing paths with the purpose of providing optimal throughput. The behavior models are reflected through a feedback mechanism, possibly many times per second, to the transmitting Talari Appliance that uses real-time performance and availability intelligence, encapsulated within the Talari Reliable Protocol or TRP, as a map of the available resources available at any point in time.
Talari’s failsafe SD-WAN makes it possible for legal firms to utilize low-cost Internet bandwidth to intelligently steer Internet-bound traffic to direct Internet access circuits, either in combination with, or as a replacement for more expensive MPLS links. Additionally, paths can be created across the Internet using secure encryption for Internal traffic. It is generally understood that Internet bits are far less expensive than those from the MPLS providers without a SD-WAN overlay, offering 50x – 150x bandwidth per dollar cost optimization compared to MPLS at branch locations, and can be 10x – 50x better cost advantages for data center locations.
This provides several benefits:
- Delivers more bandwidth to each location
Aggregates multiple, disparate links and uses the combination in a failsafe manner - as if it were a single connection
- Application-aware forwarding uses the best performing link for the most performance-sensitive applications, for example:
If the Internet is performing best at that time, it makes sense to use that path. The inverse is also true: applications that are not performance sensitive can be directed toward lower quality links. This means even when a circuit is not performing well, it is still giving value for money.
- Cost-efficient use of the network:
For non-business critical traffic, such as wireless guests and corporate mobile traffic, lower cost Internet bandwidth can be used
Network Visibility to Protect Application Delivery
SD-WAN management includes full visibility of network service quality (monitoring loss, latency and jitter across each WAN path in each direction with every packet), and bandwidth utilization across each WAN path. Application performance metrics can be reported out, providing details on how network quality is affecting specific applications.
Centralized Management and Control
Talari AWARE is a VM-based management system for centralized SD-WAN configuration and management, while also providing visibility into WAN services (network quality and bandwidth utilization) and application performance. AWARE can be deployed within the customer network or as a cloud service. The comprehensive nature of the Talari SD-WAN allows data to be captured by tracking traffic without probes or injecting test data, which allows for the most granular and accurate view of network and application performance possible.
One of the major advantages with the AWARE platform is the capability to create “Reporting Dashboards” for each user of the management system. So, for example, the MNSP or internal Network Operations team can view the network performance statistics of each WAN service from their region; or the MSP or internal IT Service Management teams can view the performance for business-critical applications across the entire SD-WAN. SD-WAN inventory and central configuration creation, editing and distribution are all performed using AWARE.
Scalability to Match Business Growth
Talari edge appliances are specified based on the total aggregate WAN bandwidth from a specific location and scale from 20 Mbps to 5 Gbps performance for hardware appliances, and from 20 Mbps to 2 Gbps for the virtual appliances
To allow for future bandwidth scalability and to save initial costs, hardware appliances can be deployed with a lower specified software license, and then increased when required up to the maximum supported bandwidth for that appliance.
The Talari SD-WAN supports up to 550 locations from a single appliance. Full mesh or hub and spoke SD-WAN overlays can be configured and Talari supports the use of dynamic conduits (SD-WAN overlay paths) to simplify the configuration and deployment of full mesh topologies.
Talari Interoperability with WAN Optimization Appliances
While WAN Optimization is part of the core platform and synonymous with the Talari SD-WAN, without reliable Internet connectivity any amount of WAN Optimization will be limited if the network connection fails or bandwidth is not utilized to its fullest capacity. This capability is fundamental to the Talari SD-WAN, together with centralized, automated management of diverse network links. Talari allows law firms to get the most bandwidth utilization from their network investments, utilizing cost-effective links, with built-in agility, security and reliability.
Cloud Access and Connectivity
Talari makes cloud-hosted applications run smoothly in spite of network quality issues or failures, hence bandwidth is made predictable and data are secured. Talari’s packet-by-packet adaptive path networking intelligence facilitates the aggregation of multiple broadband links, Amazon Direct Connect links or Microsoft ExpressRoute connections. Reliable cloud application delivery is enabled by the continuous measurement and monitoring of the quality of each possible path in each direction, and the adaptation of traffic flows in real-time to route around failures and poor-quality links.
Comprehensive and detailed data on the quality of each network path to the cloud and the quality received by applications across that network are constantly collected and aggregated in a centralized database. This gives legal firms the insight they need to separate issues on the cloud access network from issues on the cloud applications themselves. Talari security capabilities protect cloud traffic from being read or modified, even when using broadband links. Talari’s security includes:
- 128 or 256-bit AES encryption
- Per-session,rotating encryption keys
- IPsec termination
- Extended packet authentication trailer
- Extended packet encryption header
- Virtual routing and forwarding (VRF)
Talari’s SD-WAN for the cloud is comprised of virtual appliances located in Amazon Web Services (AWS) regions or the Microsoft Azure cloud infrastructure.
The Talari Virtual Appliance CT800 acts as a cloud gateway and runs in Amazon Web Services (AWS). Designed to improve access from company locations to IaaS sites, SaaS applications and Internet sites, the CT800 delivers up to 100 Mbps full-duplex performance across multiple WAN connections, including Internet and AWS Direct Connect.
VoIP, virtual desktop infrastructure, case management, time and expense tracking, and enterprise applications
Lawyers and support staff must be able to access important documents and information from their mobile devices and laptops. They must be available to help clients whether they are in the office or out. While there are many risks associated with working remotely, the reliability, security and performance of the WAN can’t be one of the risks. Just as network-security technologies are a business imperative, so too are keeping the associated IT-connectivity costs down.