Enterprises around the world have traditionally leveraged virtual private networks (VPNs) on wireline connections to link remote locations. Until now, VPNs were the right solution for the cost and the level of security provided. But with growing multicloud adoption among enterprise IT systems, data patterns have evolved and it has now become clear that VPNs can no longer satisfy all the needs of today’s enterprises. Unfortunately, many organizations are learning this the hard way.
Modern applications, such as big data, mobility, cloud and the Internet of Things (IoT), to name a few, continue to extend traditional enterprise perimeters, rendering VPNs vulnerable to threats. As a result, many are incapable of providing the cost savings for which they have been historically associated with. In fact, as new applications are added to distributed enterprise locations, the cost and complexity of adding more VPNs to secure them have correspondingly escalated.
Software Defined WAN (SD-WAN) has emerged as an ideal solution to overcome these challenges. When implemented correctly, SD-WAN places network intelligence and security at the enterprise branch while simultaneously reducing the enterprise attack surface by logically segmenting the network on a per-application basis.
The Introduction of 4G/LTE
The average network speed for small and medium enterprise branches is between 40Mbps to 100Mbps; the monthly cost can double after including the wired backup line. Many enterprises are currently using 4G/LTE as a backup for wireline connections at their branches. With 4G/LTE rollouts, many countries have over 40% penetration with speeds between 15-40Mbps or over 100Mbps with Carrier Aggregation (CA).
SD-WAN CPEs simplify the management and control of the traffic over multiple connections accordingly and offload internet traffic locally.
With the promised speeds of 500Mbps to 1Gbps on 5G connections, enterprises are considering mobile as a primary connection in many situations:
- Fast rollout of branches where fiber is not (yet) available
- Temporary locations (events, pop-up stores, concerts, sports…)
- Emergency situations (i.e., temporary hospitals that require connectivity)
5G – More Than Speed
5G provides a lot of innovative features that can improve enterprise branch connectivity, especially when SD-WAN meets the 5G network architecture underlay through technologies like network slicing, multi-access edge computing (MEC) and fixed wireless access (FWA).
The enterprise network traffic is segmented in VLANs according to the required quality of service (QoS). With 5G, the mobile network operator can provide multiple QoS and latency levels using network slicing.
Enterprise Traffic Optimization
When you map the architecture of the 5G network and the SD-WAN IPsec hub/spoke overlay, you will notice that the flow of packets is not exactly optimized. Hosting the IPSec hubs on the 5G MEC sites could simplify the traffic paths, increasing application performance and latency.
Traffic Offloading at the Edge
Fixed wireless access (FWA) is another beneficial 5G use case that allows the mobile network operator to use 5G to provide fixed broadband instead of costly fiber-to-the-home (FTTH) rollouts. The FWA architecture can offload the internet traffic closer to the end-user, increasing the performance of multi-cloud applications.
The Juniper Advantage
Juniper provides all of the key building blocks to enable the Cloud + 5G + AI transformation through a combination of its own robust portfolio and key strategic partner offerings.
Additionally, we have the most extensive secure SD-WAN solution for the AI-driven enterprise journey providing secure and efficient connectivity, from remote sites to the cloud. Key features that enable the Juniper Contrail SD-WAN solution to deliver a superior experience on 5G include:
- Contrail Service Orchestration, Juniper’s scalable and multitenant SD-WAN controller can be hosted at the enterprise or in the cloud, simplifying the rollout of SD-WAN services by service providers. The Juniper SD-WAN controller (Contrail Service Orchestration) and Mist Wi-Fi Controller are great examples of cloud-first platforms equipped with automated operations and AI.
- The Juniper SD-WAN solution offers a large range of CPEs (SD-WAN spokes, including the SRX Series firewalls or NFX Series Network Services Platform) that can be combined to satisfy the needs of each location. NFX brings edge cloud at the enterprise branch and implements SD-WAN as a virtual function but can also run additional applications to achieve low latency.
- The Juniper SD-WAN solution offers a range of SD-WAN hubs to terminate encrypted IPSec tunnels. The vSRX offers the same features as the physical SRX Series firewalls used in an SD-WAN hub but in a virtualized form factor that can be hosted at the 5G multi-access edge computing (MEC) to optimize the traffic.
- By unifying Juniper’s SD-Branch solution under a common cloud-managed portal and federating management between LAN, WLAN and WAN environments, we have made great progress toward delivering on the ultimate promise of the AI-driven enterprise.
With Juniper Networks’ comprehensive 5G and SD-WAN solutions, service providers will be well equipped to capture all of the benefits of 5G for enterprise branch.
Learn more about our 5G and SD-WAN capabilities in partnership with Vodafone: