This blog was originally published to the 128 Technology website – in 2020, Juniper Networks acquired 128 Technology. Learn more about the acquisition here.
Enterprises are migrating to the cloud to avoid equipment expenses and hassles, and improve business agility. Forrester believes 65% of North American enterprises already use public cloud platforms and 66% already run internal private clouds.
The cloud changes the way businesses deliver applications and services, and reshapes enterprise traffic flows. In the old world, businesses hosted applications in central data centers. Remote sites and branch offices were connected over hub-and-spoke MPLS networks or private WANs, and most business-critical application traffic was confined to the enterprise network. Mobile users and teleworkers were secured and controlled at the internet border of the corporate data center. And external traffic was backhauled across the enterprise network and securely handed off to the internet.
In the new world, applications and services are hosted in public clouds, private clouds, and corporate data centers. And business-critical traffic often flows over best-effort internet connections over which the enterprise has little visibility and control. Legacy branch office networks, designed to support traditional client-server applications and traffic patterns, aren’t well suited for the cloud-centric era of IT. Enterprises must rearchitect their networks to support the unpredictable, dynamic dataflows of the cloud-first world.
SASE Converges and Decentralizes Network and Security Architectures
In today’s world, users access cloud-based applications and services from any place, at any time. The notion of steering all traffic back to a central data center no longer makes sense. Going forward, organizations will need to secure and manage traffic at the edge—close to the user—for speed and efficiency. Gartner refers to this concept as the secure access service edge (SASE).
SASE decentralizes the enterprise network architecture, converges WAN and network security functions, and polices and manages traffic flows at the network perimeter, close to the user. Gartner believes that by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE. At 128 Technology, we couldn’t agree more. Our company was founded on the idea that security must be fully integrated into the network. You could say we’ve been SASE since birth!
Our Session Smart Networking solution supports a wide range of SASE functions including service-centric routing, session-aware forwarding, WAN optimization and resiliency, traffic shaping and QoS, zero-trust security, DoS/DDoS protection, and VPN and NAT functionality. The solution integrates with popular network access control platforms to automatically discover endpoints and enforce fine-grained, identity-based traffic management and security controls at the edge, under the direction of a central policy server.
SASE Redefines Branch Office Networking
SASE transforms branch office networking by consolidating technology and distributing forwarding decisions to the edge. But when it comes to software-defined branch office networking solutions, not all products are the same. Many legacy SD-WAN vendors have jumped on the SD-Branch bandwagon, but their solutions can be prohibitively expensive. Legacy SD-WAN products support multiple SASE functions, but each function is instantiated as a unique VNF that consumes CPU and memory resources. As a result, they require high-density, multi-core servers that can be too pricey for branch office applications.
At 128 Technology, we designed our solution from the ground up to eliminate middlebox and VNF sprawl, and reduce cost and complexity. We support a variety of SASE functions in a single VNF, so our software runs on affordable COTS servers. And we provide zero-touch provisioning and centralized management to simplify product installation and ongoing administration at unstaffed remote sites. Our tunnel-free solution lets organizations monitor individual sessions, track KPIs and troubleshoot problems across locations and networks from a single pane-of-glass.
We support a variety of intelligent routing and traffic management features to ensure high performance, service quality, and availability for diverse branch office applications. Fine-grained QoS controls enable shaping and prioritization of traffic to enforce different SLAs for different dataflows with different service characteristics. We intelligently route branch office traffic based on policies and real-time network conditions, automatically selecting the right network path (MPLS, 4G, internet, etc.) for the right application at the right time.
128T Session Smart Networking extends the advantages of software-defined WANs all the way down to the branch office LAN, providing an adaptable, service-centric branch office network fabric that supports the arbitrary dataflows and diverse workloads of today’s cloud-centric businesses. It lays the foundation for a new generation of on-demand applications, IoT systems, and digital solutions that help enterprises improve business performance and accelerate the pace of innovation.
