Networks of the past looked very different from networks today. Legacy networks were built for applications and data that resided in corporate data centers, whereas modern networks are built for cloud apps and a distributed workforce.
Especially post-COVID-19, it’s unrealistic to run a cloud-first business on a network that was designed for a different era. Organizations must be prepared to support and secure an ever-changing workforce where everybody is in the office, nobody is in the office, and every combination in-between.
WAN modernization is a business imperative
I recently interviewed David Ginsburg, vice president of product and solutions marketing at Aryaka Networks, who explained how Aryaka is helping organizations move to a consumption-based software-as-a-service (SaaS) experience with security and cloud. Highlights of my ZKast video with Ginsburg, done in conjunction with eWEEK eSPEAKS, are below the video:
- Aryaka is a 12-year-old provider of software-defined networking (SD-WAN). It specializes in fully managed networking and security services, which enterprises use globally.
- The process of buying broadband can overwhelm larger organizations. There are approximately 800 broadband providers in the U.S., which means companies can go from having one carrier relationship to hundreds. As a managed service, Aryaka is shielding the enterprise from the carrier dilemma and enabling IT leaders to focus on strategic work instead of just “keeping the lights on.”
- There’s a lot of misinformation about what’s required to offer a true managed networking and security service. Aryaka’s foundational principle is not to ignore the network. It’s not enough to deploy various security instances at the edge of the network without interconnecting them.
- Aryaka’s global orchestration includes first mile, middle mile, and last mile services. In the middle mile, the services are interconnected globally to ensure the best application performance regardless of location.
- At the last mile, Aryaka offers network provisioning, contracting, monitoring, and troubleshooting. Aryaka’s services point of presence (POPs) are included in various cloud platforms like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and Oracle Cloud, among others.
Key elements driving WAN transformation decisions
- Applications are shifting to the cloud. Organizations need an architecture that’s optimized for cloud—not only on the network, but also on security.
- Organizations that have a distributed workforce need a security architecture that supports both a traditional on-prem environment and remote.
- With shifting expectations, organizations need a service experience that combines the management of networking and security into a consumable, optimized service.
- Aryaka is different from traditional telcos and managed services providers because it provides a SaaS-like experience that encompasses all of the above pillars.
Understanding the limitations of legacy networks
- Legacy architectures are based on hub and spoke, which doesn’t work in a cloud-first environment. Organizations are increasingly transitioning from legacy connectivity to internet-driven connectivity that allows them to better support a distributed, cloud-based application environment.
- Today’s organizations must be able to provide a consistent app experience, where employees move from on-prem to remote. Remote workers must become “first class citizens” of the enterprise network. That’s why more organizations are shifting networking and security budgets from on-prem to home office for an improved remote work experience.
- There are many types of users on the network, who weren’t remote before. The enterprise security perimeter has been extended, which introduces risk. Organizations must have a security architecture that supports distributed users, devices, and apps.
Managed services reduce SD-WAN complexity
- Aryaka is helping organizations transition to secure access service edge (SASE), a novel technology that combines the elements of SD-WAN and network security into a single cloud-based service.
- With the evolution of SD-WAN to SASE, organizations are seeing the convergence of networking-as-a-service and security-as-a-service. This dovetails into an architecture that Aryaka built to deliver connectivity, optimization, multi-cloud onramps, visibility, and global orchestration.
- The initial push for SASE was to create a security architecture that was optimized for a cloud-first environment. However, on-prem security is not going away. Many organizations deploy physical firewalls or on-prem virtual firewalls—due to compliance, connectivity, or scalability reasons. Organizations continue to embrace a hybrid security approach.
Security and network architectures are continuing to evolve
- Software-defined cloud interconnect (SDCI) is becoming more prevalent, where secure, automated connectivity is provided in an infrastructure-as-a-service (IaaS) environment. Users can connect to an SDCI hub via a single port to access various private and public clouds, SaaS apps, and more. Yet, organizations don’t have to deploy additional hardware.
- With security, on-prem and remote workers are coming to a converged services POP that not only delivers remote access connectivity, but also provides orchestration for policy management.
Aryaka offers options for SD-WAN and SASE
- Aryaka created a support experience that encompasses a networking component, a security component, and a lifecycle management component that ties all of this together into an integrated managed service offering.
- The services POP allows Aryaka to deploy value-added services at the edge of the network. They don’t only provide routing and switching, but also compute and storage. This enables sophisticated network and application optimization.
- Over the last 12 months, Aryaka added private access capabilities, where the client is deployed at the remote workers, but they’re all aggregated in Aryaka’s services POP.
- Going forward, Aryaka will be using the services POP as the foundation to deploy SASE. This will allow Aryaka to introduce additional edge-facing security capabilities.