Options for Enterprise Inter Branch connectivity over a Wide Area Network (WAN)


Most companies have multiple branches and, more often than not, good network connectivity (a Wide Area Network) across these branches is a must. So, let us look at some of the popular options available for such geographically spread enterprises to connect with other branches and the head office. This article gives a brief overview of Managed Leased Lines, MPLS (Multi Protocol Label Switching) Circuits, VPN over Internet Leased Lines/fixed and mobile broadband, Metro Ethernet, Wireless Back-haul connectivity and Satellite based VSAT systems.

The ‘Cloud’, as it is referred to, is a concept that is gaining traction with a lot of companies. Companies seem to prefer managed services, either with third parties or internally through the centralization of networking/computing resources via Data Centers etc. But the first step to enable such internal or external clouds is good connectivity between the various branches of an organization. Without proper, redundant network connectivity, there is no point in centralizing the computing resources. For that, companies ought to look for robust, redundant and quality oriented Wide Area Network options. Let us explore some common options which are available and have been fairly well accepted among many enterprise customers.

Leased Lines:

Managed Leased Lines Architecture for Wide Area Networks

Leased Lines have traditionally been a popular mode of connectivity between two branches or multiple branches in different locations. Leased Lines are private, secure, scalable and quite sufficient for basic data connectivity between different branches. Basically, companies lease a circuit (a particular amount of bandwidth in a circuit) from a service provider. The circuit is delivered to them over one of several interfaces, including copper, fiber etc. Companies could lease bandwidths as low as 64 Kbps (or its granular increments) and the contracts are generally for one year. The service provider takes care of providing and maintaining the complete circuit from one location to the other location(s), which includes owning and operating all the passive and active components required to maintain the Wide Area Network. Leased Lines can be taken within the same city, from one city to another or even from one country to another (International Leased Lines are called IPLC – International Private Leased Circuit), and may be owned by a single service provider or jointly owned by multiple service providers. Leased Lines cost more with increasing distance between the two locations. In the case of multiple locations, as shown in the above architecture diagram for Leased Lines, each location needs to take a separate leased circuit to every other location to maintain any-to-any site communications between them. Since this is a private circuit, security concerns are minimal.

MPLS Circuits:

MPLS Architecture Diagram

MPLS Circuits are much like Leased Lines: they are private circuits, but the transportation and switching is on common infrastructure which consists of many MPLS Edge and MPLS Core Routers (at the service provider's end, spread across multiple locations). MPLS Circuits have a lot of advantages over Leased Lines, the primary advantage being the fact that only one MPLS circuit is required per site, regardless of the total number of sites that need to be interconnected. This is a huge benefit for organizations that have a large number of branches and are expanding. End to End QoS settings can be applied to MPLS circuits for best performance with real time data like voice and video traffic over the network. MPLS allows for dynamic bandwidth allocation and has robust security built in using VPN Tunnels, thereby eliminating any VPN equipment from the customer end. Moreover, MPLS is a connection oriented network (which makes it more reliable) and protocol independent (which makes it suitable to carry any type of payload). If you are looking for a private circuit to connect your various branches today, this is the type of circuit you ought to be looking for. Even International MPLS circuits are possible (actually by joining the MPLS network of a service provider in one country with that of another, which is taken care of by the respective service providers in the different countries).

VPN Over Internet Leased Lines/ Fixed Broadband and Mobile Broadband:

VPN Over Internet - Architecture Diagram

One major difference between the above two networks (Leased Line, MPLS) and this one (Internet Leased Line/Broadband) is that, in the former, you can only connect to your company's servers or transfer data between multiple locations of your own company: it's a private network. But an Internet Leased Line/Broadband basically connects you to the public network, the Internet. Since this is not a private network, it is not secure to exchange sensitive information about projects/customers etc, as it is transmitted in clear text over the Internet (meaning, it's possible for outsiders to sniff the data). But, to make this public network private (virtually private, that is), there exist technologies like VPN (Virtual Private Network) which basically encrypt data and transport it through secure tunnels over the Internet. So, if the Internet is used in combination with VPN Technologies, the network becomes as secure as a private network! The VPN technology can basically be enabled by devices like Routers, UTMs (Firewalls), VPN Concentrators etc that can form a site-to-site VPN tunnel between two or more locations and provide encryption to all the data traversing from one site to another. Even roaming users/home users can establish VPN connectivity to the enterprise network over the Internet (through fixed broadband/mobile broadband – High Speed CDMA/3G/EDGE etc) using VPN software clients loaded on their PCs/Laptops etc. When LTE (4G Mobile broadband) becomes available, the mobile broadband technologies might even become the primary connectivity option for many small and medium sized companies.
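An added planning sketch, not from the original article: for the any-to-any requirement discussed above, it lists the site-to-site tunnels a full-mesh VPN would need, holds back any pair whose subnets overlap (a tunnel cannot tell which side such an address belongs to), and compares circuit counts with the leased-line and MPLS cases. The site names, subnets and the full-mesh layout are assumptions constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed sample inventory: names and subnets are illustrative only.
SITES = {
    "head-office": "10.10.0.0/16",
    "branch-east": "10.20.0.0/16",
    "branch-west": "10.30.0.0/16",
    "branch-lab": "10.20.8.0/24",  # deliberately overlaps branch-east
}


def plan_mesh(sites):
    """Return (tunnels, overlaps) for an any-to-any site-to-site VPN."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in sites.items()}
    tunnels, overlaps = [], []
    for a, b in combinations(sorted(nets), 2):
        if nets[a].overlaps(nets[b]):
            # Overlapping address space makes "which side owns this IP?"
            # ambiguous: renumber or NAT one site before building the tunnel.
            overlaps.append((a, b))
            continue
        tunnels.append({
            "local": a, "remote": b,
            "local_subnet": str(nets[a]), "remote_subnet": str(nets[b]),
        })
    return tunnels, overlaps


def link_counts(n):
    """Links needed for any-to-any connectivity between n sites."""
    pairs = n * (n - 1) // 2
    return {
        "leased_line_circuits": pairs,  # one circuit per pair of sites
        "mpls_circuits": n,             # one circuit per site
        "internet_links": n,            # one access link per site ...
        "vpn_tunnels": pairs,           # ... carrying one tunnel per pair
    }


if __name__ == "__main__":
    tunnels, overlaps = plan_mesh(SITES)
    for t in tunnels:
        print(f"tunnel {t['local']} <-> {t['remote']}: "
              f"{t['local_subnet']} <-> {t['remote_subnet']}")
    for a, b in overlaps:
        print(f"BLOCKED {a} <-> {b}: overlapping subnets")
    print(link_counts(len(SITES)))
```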

Why are Internet access technologies changing the game for WAN connectivity? One, the prices for Internet access technologies (networks) are coming down rapidly due to mass adoption, high capacity requirements and competition. Two, for the same cost, you can get much more capacity (read bandwidth) with Internet Leased Lines than with normal Leased Lines/MPLS Circuits. Three, the mass adoption, standardization and dependability of VPN technology among enterprises has made this option quite safe. Four, broadband and mobile broadband networks have been adopted on a large scale not only by individuals but by many branch offices and SMBs as well, and they are very cost effective. Moreover, high speed broadband technologies are available today (Have you heard of 1GE broadband connectivity to your home yet? You will hear of it soon!). Five, complementary technologies like WAN Application Acceleration, Intelligent Load Balancing with full redundancy options across multiple connections, higher capacity and faster Core/Edge Routers, Centralized Data Center technologies, Cloud Computing initiatives etc, have all seen a good spurt in their adoption rates due to the fast technological advancements in their respective domains. Six, VPN over Internet technologies are highly beneficial for companies that are spread across various international locations, as International MPLS/Leased Lines are very expensive.

VPN over Internet technologies also have some flip sides. Not all companies are ready to send their confidential data and information over public networks, as the data is not 100% secure. Data packet loss is much higher on public networks than on private networks. End to End QoS parameters (required for transporting real time traffic like voice and video) are very difficult to set up on public networks. And broadband networks always offer good download speeds, but the upload speeds are much lower, which hinders data transfers from the broadband networks.

Metro Ethernet:

In the bigger cities, huge industrial districts, IT/Technology parks etc, some service providers might provide 100 Mbps or 1 GE Ethernet connectivity (over IP) using fiber cable infrastructure and specialized Metro Ethernet Switches/Routers. This high speed connectivity is, however, limited to two or more offices of the same company (or sister concerns) within the same city/industrial area etc. This is almost like extending your LAN to the other office, but over fiber cables running across the roads, and these fiber cables are owned and maintained by the service providers. The service is advantageous to companies with a lot of data transfer between branches but, as you might have guessed, the cost of Metro Ethernet is higher, though not exorbitant.

Point to Point Wireless Network:

Wireless Extender Backhaul Connectivity

Point to Point Wireless Networks are useful for connecting two or more branches of a company that are in the same district (not separated by more than 50-60 KM). There is one catch though: Line of Sight is required between the two locations (there should not be any opaque obstruction between the two antennas). This is mostly achieved by constructing big towers at both the sites that need to be connected over wireless, so that there is no obstruction in the path and a Line of Sight exists between them.

The main advantage is that the point to point wireless back-haul network and all the equipment used to build it (Wireless Access Points, Antennas, Towers, Routers, Cables and other network components, etc) are mostly procured by the companies that want to deploy them, and hence it is a private network, without the need to pay yearly charges for the bandwidth. Sufficient amounts of bandwidth can be achieved through wireless, even up to 300 Mbps in some cases, if the distance is not very large and the equipment supports it. The main disadvantage is the necessity of a ‘Line of Sight’ between the two locations, not to mention the fact that the Line of Sight of today might not be there tomorrow if a big building comes up in between! Other disadvantages include data security (if encryption is not configured between the two access points) and the initial capital cost required to set up the wireless network and the towers. There are other Non-Line-of-Sight technologies like Wi-Max etc, but even they depend on reflection of signals and may not give accurate results if there is total non-line-of-sight.

Satellite based VSAT Technology:

VSAT (Very Small Aperture Terminal) technology is used to give connectivity to dispersed locations based on the satellite communications network (more specifically, the Geo-Synchronous Orbit Satellites). This is hugely beneficial to companies which need to connect remote locations that are not covered by the terrestrial networks (e.g. ships, hill tops etc). More recently, VSAT technology has found its way into more mainstream applications as well (like connecting various Bank ATM Machines across the country, Remote Video Conferencing, Tele-medicine etc).

The main advantage of a VSAT based network is that these networks (and the charges) are independent of the location (Satellite coverage for the region is required, of course) and also independent of the distance between the multiple locations to be covered (provided all of them are covered by the Satellites). VSAT based networks have seen mass adoption in the places where they have been allowed to be deployed (DTH – Direct To Home cable services are an example of VSAT Communications) and have been very useful for reliable mobile communication needs (like Satellite broadcasting for a TV channel, for example). The disadvantages include the higher procurement and maintenance costs, limited support for bandwidth, and the availability of service and trained personnel in a region.

excitingip.net
