The Sound of the Trombone

June 7, 2015

I love Trombones… in marching bands. Some trombones, however, generate a totally different sound: sighs of angst across networking teams around the world.

The “Trombone Effect” occurs in a network architecture that forces a distributed organization to use a single secure exit point to the Internet. Simply put, network traffic from remote locations and mobile users is being backhauled to the corporate datacenter where it exits to the Internet through the corporate’s security appliances stack. Network responses than flow back through the same stack and travel from the data center to the remote user.

This twisted path, resembling the bent pipes of a trombone, has a negative impact on latency and therefore on the user experience. Why does this compromise exist? If you are located in a remote office, your organization may not be able to afford a stack of security appliances (firewall, web filter etc.) in your office. Affordability is not just a matter of money. Even UTM appliances have policies that need to be managed and if the appliance fails or requires maintenance – someone has to take care of it at that remote location. Mobile users are left unprotected because they are not “behind” the corporate network security stack.

The most recent answer to the Trombone Effect is the use of “regional hubs”. These “mini” data centers host the security stack and shorten the distance between the remote location and a secure exit point to the Internet. While this approach reduces the end user performance impact, the fundamental issue of managing multiple instances of the security stack still remains.

Cato Networks will solve this problem as part of the core design of our network security platform. If you are a victim of the Trombone Effect or Traffic Backhaul drop us a line or join our Beta program.

Yishay Yovel

Yishay Yovel

Yishay directs Cato Networks’ worldwide marketing. Yishay has over 25 years of experience in marketing, defining and deploying enterprise IT software solutions in the areas of security, storage, business continuity and mobile computing.