Answering the Top Questions About SASE Asked by IT Professionals
Companies evaluating which SD-WAN approach is best for them will have to decide between deploying an Over the Top (OTT) SD-WAN or having their SD-WAN bundled with the underlying network. The decision certainly has a big impact on SD-WAN’s complexity, performance, and affordability.
The benefits of OTT SD-WAN
OTT SD-WAN is any SD-WAN that operates over third-party network services. Those might be MPLS services or Internet last-mile services, such as DSL, cable, and 4G. SD-WAN appliances always use an OTT approach unless bundled with a network.
The biggest benefit to OTT SD-WAN is the flexibility to select the network provider. Enterprises to can choose whichever ISP or network provider has the best performance for a given location. Where resiliency is a concern, companies can easily work with multiple ISPs to dual-home and diversely route circuits for maximum uptime.
The drawbacks of OTT SD-WAN
SD-WAN performance across global connections very much depends on the performance of the underlying connectivity. The latency introduced by the long distances of global connections is only exacerbated when traversing the Internet core with its unpredictable and often poor Internet routing. The problem is in the way providers are interconnected and with how global routes are mismanaged—and this is something that is totally out of the control of the OTT SD-WAN provider, the ISPs of the underlying network, and of course, the customer. (Read This is Why the Internet is Broken: a Technical Perspective to learn more.)
Long latencies of Internet routing can be quite problematic for applications like voice, video and unified communications. The unpredictable performance poses problems delivering acceptable, professional-grade communications.
There are other issues with OTT SD-WAN solutions as well. OTT SD-WAN solutions use of appliances makes them better suited for connecting sites than other enterprise resources. Mobile users are beyond the scope of OTT SD-WAN but even cloud connectivity poses problems, requiring the installation of an SD-WAN appliance in or near the cloud datacenter or cloud application. All too often, though, there isn’t a simple location to install such a device. Connecting the cloud into an OTT SD-WAN not only increases costs (an additional appliance) but design complexity. Enterprises must find or lease the premise to place the SD-WAN appliance near the cloud application instance, and do that for every critical application.
Is Cato an OTT SD-WAN?
Cato Networks affords the last-mile flexibility of OTT solutions and the performance of managed underlay infrastructure.
Cato SD-WAN devices, Cato Sockets, sit in each location, automatically establishing encrypted tunnels across available Internet connection to the nearest Cato Point of Presence (PoP). Companies are free to use any available last-mile service.
Cato Sockets include the technology to overcome last-mile problems that might arise running across third-party last-mile networks. Packet Loss Compensation techniques compensate for and eliminate last-mile packet loss. Enhanced Link Capacity and Resiliency allows enterprises to run multiple last-mile lines in parallel (active/active mode), increasing capacity and last-mile availability. Should a line fail (blackout) or slow down (brownout), Cato can automatically route traffic to the alternate line, avoiding the problem.
Managed backbone performance
At the same time, Cato uses its own global, SLA-backed affordable backbone to address the limitations of the Internet core. Cato PoPs are connected by a global, privately managed backbone built across affordable, SLA-backed IP capacity across multiple carriers. Cato PoPs select the optimum path for every packet, routing traffic across the Cato Cloud Network to the PoP nearest to the final destination.
By keeping the traffic on the Cato backbone, packet loss is minimized and latency can be guaranteed between global locations. During its testing, Paysafe found latency between Cambridge and Montreal to be 45% less with Cato Cloud than with the public Internet. Cato performance was so good it was nearly identical to that of MPLS — at a fraction of the cost.
And low latency and packet loss aren’t the only benefits of running across the Cato Cloud Network. Built-in optimization techniques dramatically improve data throughput beyond. Stratoscale, for example, saw throughput jump by 8x when file transfers moved from the Internet to the Cato Cloud Network.
Flexibility to connect cloud resources and mobile users — easily
With a global backbone of PoPs, connecting cloud resources and mobile users also becomes far easier. Traffic to Salesforce.com, Office 365, or cloud data centers, such as Amazon AWS and Microsoft Azure, will exit at the PoP closest to these services, in many cases within the same datacenter hosting both the PoP and the cloud service instance. This is a dramatic improvement over the unpredictable public Internet utilized by OTT SD-WANs. Similarly, Mobile users run mobile client on their device and automatically connect to closest Cato PoP.
Overall, we believe the Cato approach provides the best of both worlds. Fold in our converged security stack and ability to support cloud resources and mobile users, and we believe the advantages of Cato’s SD-WAN are clear. But don’t take our word for it, read what real customers have to say.