How to connect multiple offices

How to connect multiple offices

One complaint I often hear is how the WAN can be a bottleneck to productivity. MPLS circuits can take weeks even months to provision depending on location. All too often, IT directors have told me they need to explain why MPLS circuit delivery is a holdup for branch office going live. At a time where agility is more important than ever to business outcomes, this is an unenviable situation to say the least.

This then begs the question: how do you connect multiple offices rapidly and affordably without sacrificing performance? Cloud-native SD-WAN provides a way to do just that.

Challenges when connecting multiple offices

There are a few common requirements when it comes to connecting multiple offices to the WAN. The connection must be secure, reliable, affordable, and capable of delivering the performance enterprises demand. The competitive nature of modern business also dictates that any solution is agile and scalable enough to meet the needs of an increasingly mobile workforce and allow for rapid onboarding of new sites.

VPN has proven to be a popular solution for site-to-site connectivity. However, as demonstrated in this case study of a software security company expanding to Europe, VPN has a number of downsides that limit its practical applications.

VPN requires onsite IT staff to manage local firewalls, not always practical in the era of WeWork and mobile employees. Complexity also grows with the size of the network, limiting scalability. Mobile VPN clients are either non-existent or too clunky to enable optimized connection for mobile workers. Further, the time it takes to get a physical appliance to a branch office in a foreign country can make VPN impractical for time-sensitive projects. In other cases, teams are so small or mobile that a physical appliance is simply overkill. However, what often makes VPN unusable for the enterprise is the notorious unreliability of the public Internet.

The desire for reliability is why many enterprises have looked to MPLS to connect multiple offices in the past. The problem is that MPLS simply isn’t agile or fast enough for deployments that require rapid onboarding.

In the aforementioned case study, it would’ve taken about 6 weeks to deliver an MPLS circuit, an obvious deal-breaker for a 5-week project. Further, MPLS bandwidth is significantly more expensive than Internet bandwidth, making connecting multiple offices with MPLS expensive. This also makes providing connectivity to small offices impractical. Finally, like VPN, MPLS struggles to provide optimized performance for cloud and mobile users (e.g. the trombone effect).

How to connect multiple offices with Cato

Cato’s cloud-native SD-WAN is able to solve all these problems elegantly. With Cato, the complexity of VPN and lengthy MPLS provisioning times are a thing of the past. Just how much of an improvement is Cato? Check out this video that demonstrates how to connect and provision a Cato Socket in 3 minutes. From there, the “how to connect multiple offices” process is simply rinse-and-repeat.

Not only is this process faster and more scalable than the alternatives, the resulting WAN connectivity performs better and is more secure. Our global private backbone is backed by a 99.999% uptime SLA, includes an integrated security stack, provides end-to-end route optimization for cloud traffic, and delivers WAN connectivity that meets (and often exceeds) MPLS reliability at significantly lower costs.

But what about those sites where an appliance of any kind is impractical? This ADB SAFEGATE case study provides a real-world example of how Cato’s mobile client handled the challenge of deploying all 26 company sites within two months. According to Lars Norling, director of IT operations at ADB SAFEGATE, “the possibility to include everyone within the solution, including all of our traveling colleagues and all of our small offices using the Cato mobile client, has been extremely important to us”.

By creating a software-defined perimeter (SDP), Cato makes it easy to securely connect even a single mobile user via clientless browser access. As SDP is built-in to the Cato Cloud, mobile users are protected by the same policies and packet inspections as on-prem employees and benefit from the same WAN optimization features.

Cato eliminates WAN bottlenecks and makes connecting multiple offices simple

As we have seen, Cato Cloud makes connecting multiple offices simple, fast, and affordable. This enables enterprise WANs to keep up with the speed of modern business, and no longer act as a bottleneck or impediment to progress. If you’d like a demo of the nuts and bolts of the “how to connect multiple offices” process, you’re welcome to contact us today.

For more examples of successful MPLS to SD-WAN migrations, download our free 4 Global Companies who Migrated Away from MPLS eBook. To learn more about the WAN optimization benefits of cloud-native SD-WAN, check out our WAN Optimization and Cloud Connectivity whitepaper.


  • What is SD-WAN?

    Software-defined Wide Area Network (SD-WAN) devices sit in company locations and form an encrypted overlay between themselves across any underlying transport service including MPLS, LTE, and broadband Internet services.

  • What are the benefits of SD-WAN?

    Reduced Bandwidth Costs: MPLS bandwidth is expensive. On a “dollar per bit” basis, MPLS is significantly higher than public Internet bandwidth. Exactly how much more expensive will depend on a number of variables, not the least of which is location. However, the costs of MPLS aren’t just a result of significantly higher bandwidth charges. Provisioning an MPLS link often takes weeks or months, while a comparable SD-WAN deployment can often be completed in days. In business, time is money, and removing the WAN as a bottleneck can be a huge competitive advantage.
    Reliable Network Across the Unreliable Internet: The ability to connect locations with multiple data services running in active/active configurations. Sub-second network failover allows sessions to move to new transports in the event of downtime without disrupting the application.
    Secure Communications: Encrypted connectivity secures traffic in transit across any transport.
    Bandwidth on Demand: The capability to immediately scale bandwidth up or down, so you can ensure that critical applications receive the bandwidth they need when they need it.
    Immediate Site Activation: Bring up a new office in minutes, instead of weeks and months that it takes with MPLS. SD-WAN nodes configure themselves and can use 4G/LTE for instant deployment.

  • What are the key trends driving SD-WAN adoption?

    Enterprises built their networks using legacy carrier services, such a managed MPLS service. These services are expensive, require weeks to months to activate sits, and require waiting for the service provider to make even the simplest of changes.
    SD-WAN offers an escape from that bringing agility and cost efficiencies to IT networking. The SD-WAN connects locations with several Internet connections, aggregating them together with an encrypted overlay. Policies, application-aware routing, and dynamic link assessment in the overlay allow for the optimum use of the underlying Internet connections.
    Ultimately, SD-WAN delivers the right performance and uptime characteristics by taking advantage of the inexpensive public Internet with the security and availability needed by the enterprise.

  • What are the limitations of SD-WAN?

    Lack of a global backbone: SD-WAN appliances sit atop the underlying network infrastructure. This means the need for a performant and reliable network backbone is left unaddressed by SD-WAN appliances alone.
    Lack of advanced security features: SD-WAN appliances help address many modern networking use cases, but don’t help with security requirements. As a result, enterprises often need to manage a patchwork of security and networking appliances from different vendors (Like CASBs) to meet their needs. This in turn leads to increased network cost and complexity as each appliance must be sourced, provisioned, and managed by in-house IT or an MSP.
    No support for the mobile workforce: By design, SD-WAN appliances are built for site-to-site connectivity. Securely connecting mobile users is left unaddressed by SD-WAN appliances.