Beyond traffic prioritization, there are some pretty significant benefits to deploying a hybrid WAN. Andrew Lerner, Research Director for Gartner, recently wrote in his blog: The value proposition associated with hybrid WAN and the technology-solutions include:
- Reduced WAN costs via using lower-cost Internet/broadband (to supplement, complement, and/or replace traditional MPLS).
- Simplified and improved management orchestration of WAN traffic/devices, including path selection capabilities.
- Improved and unified visibility and monitoring traffic.
- Improved security, including improved scale for VPN-based solutions.
Gartner also advises that while "public cloud services and mobility are driving business needs, the Internet and MPLS play an equally important role for enterprise connectivity. Network planners must establish a unified WAN with strong integration between these two networks to avoid application performance problems."
Application, network performance and security management have been a few traditional WAN bugaboos. In a recent invitation to industry players to build improved wide area technology, the military's high-tech research arm Defense Advanced Research Projects Agency (DARPA) wrote of current WAN issues: "In current practice, when users at the network edge experience degraded or denied communication, they typically have no recourse other than to inform WAN administrators of the difficulty. Consequently, network events that affect small but mission-critical sets of users, flows, or time periods may go undetected and un-diagnosed by these systems, which will further prolong recovery times. Examples of such events are localized failures caused by router mis-configuration, and network-based, low-volume DoS attacks targeting a particular user enclave."
"Further impeding WAN administrators' effective response to network events is the fact that the WAN transports data in encrypted tunnels between enclaves (i.e., the tunnels established between encryption devices at the network edge). The WAN therefore has no detailed knowledge of user, application or mission communication requirements, impeding its ability to respond to network events in a manner that efficiently meets these needs," DARPA stated.
The networking research community has invested heavily in hardening network infrastructure to mitigate or prevent network events. Proposed methods include a variety of network-based DoS detection techniques, Byzantine fault tolerance algorithms, trust-based routing methodologies, algorithms for discovering configuration errors, and a variety of fast fail-over mechanisms, among many others, DARPA stated.
Last year DARPA detailed a new program, known as EDICT or Edge-Directed Cyber Technologies for Reliable Mission Communication, that hopes to develop advanced WAN tools to address the current weaknesses in the wide area: "The objective of the EDICT program is to bolster the resilience of communication over IP networks solely by instantiating new capabilities in computing devices within user enclaves at the WAN edge," the agency stated.
"It is envisioned that systems developed within this program will combine real-time network analytics, holistic decision systems, and dynamically configurable protocol stacks to mitigate WAN failures and attacks on the fly, in a mission-aware fashion. Protocols in scope for this program include those at the network, transport, and application layers of the five-layer protocol reference model."
Sign up for Computerworld eNewsletters.