In recent years, there has been a major shift in data centre strategies. Indeed, enterprise IT organisations are shifting applications and workloads to the cloud, whether private or public. Enterprises are increasingly embracing software-as-a-service (SaaS) applications and infrastructure-as-a-service (IaaS) cloud services. However, this is driving a dramatic shift in enterprise data traffic patterns, as fewer applications are hosted within the walls of the traditional corporate data centre.

The rise of cloud in the enterprise

There are several key drivers for the shift to SaaS and IaaS services with increased business agility often at the top of the list for enterprises. The traditional IT model of connecting users to applications through a centralised data centre is no longer able to keep pace with today’s changing requirements. According to Logic Monitor’s Cloud Vision 2020 report (1), more than 80 percent of enterprise workloads will run in the cloud by 2020, with more than 40 percent running on public cloud platforms.

This major shift in the application consumption model is having a huge impact on organisations and infrastructure. With organisations migrating their applications and IT workloads to public cloud infrastructure, this tells us that the maturity of using public cloud services and the trust that organisations have in them is at an all-time high. Key to this is speed and agility, without compromising performance, security and reliability.

Impact on the network

Traditional, router-centric network architectures were never designed to support today’s cloud consumption model for applications in the most efficient way. With a conventional, router-centric approach, access to applications residing in the cloud means traversing unnecessary hops through the HQ data centre, resulting in wasted bandwidth, additional cost, added latency and potentially higher packet loss.

In addition, with traditional WAN models, management tends to be rigid and complex and network changes can be lengthy, whether setting up new branches or troubleshooting performance issues. This leads to inefficiencies and a costly operational model. Therefore, enterprises greatly benefit from shifting toward a business-first networking model to achieve greater agility and substantial CAPEX and OPEX savings.

As the cloud enables businesses to move faster, software-defined WAN (SD-WAN), where top-down business intent is the driver, is critical to ensuring success – especially when branch offices are geographically distributed globally.

A business-driven network

To tackle the challenges inherent in traditional router-centric models and to support today’s cloud consumption model, companies can embrace a business-driven SD-WAN. This means application policies are defined based on business intent, connecting users securely and directly to applications wherever they reside, without unnecessary extra hops or security compromises.

For instance, if the application is hosted in the cloud and is trusted, a business-driven SD-WAN can automatically connect users to it without backhauling traffic to a POP or HQ data centre. In general, this traffic is usually going across an internet link which, on its own, may not be secure. However, the right SD-WAN platform will have a unified stateful firewall built-in for local internet breakout allowing only branch-initiated sessions to enter the branch and providing the ability to service chain traffic to a cloud-based security service if necessary, before forwarding it to its final destination.

If the application is moved and becomes hosted by another provider, or perhaps back to a company’s own data centre, traffic must be intelligently redirected, wherever the application is being hosted. Without automation and embedded machine learning, dynamic and intelligent traffic steering is impossible.

Ensuring security in the cloud

Securing cloud-first branches is vital and, to do this, they require a robust multi-level approach. This is not least because a traditional device-centric WAN approach for security segmentation requires the time consuming and manual configuration of routers and/or firewalls on a device-by-device and site-by-site basis. This is complex and cumbersome, and it simply cannot scale to 100s or 1,000s of sites.

With SD-WAN, companies can minimise the available attack surface and effectively control who, what, where and when users connect to public cloud applications and services, encompassing the ability to securely connect branch users directly to the cloud.

Enabling business agility

For enterprise IT teams, the goal is to enable business agility and increase operational efficiency. However, traditional router-centric WAN approach doesn’t provide the best quality of experience for IT, as management and ongoing network operations are manual and time consuming, device-centric, cumbersome, error-prone and inefficient. A business-driven SD-WAN centralises the orchestration of business-driven policies, enabling IT to reclaim their nights and weekends.

Depend on the cloud

If a business is global and increasingly dependent on the cloud, a business-driven WAN enables seamless multi-cloud connectivity, turning the network into a business accelerant. Unified security and performance capabilities with automation deliver the highest quality of experience for both users and IT, while lowering overall WAN expenditures. Shifting to this approach will enable business to realise the full transformational promise of the cloud.