Challenges when connecting multiple offices
There are a few common requirements when it comes to connecting multiple offices to the WAN. The connection must be secure, reliable, affordable, and capable of delivering the performance enterprises demand. The competitive nature of modern business also dictates that any solution is agile and scalable enough to meet the needs of an increasingly mobile workforce and allow for rapid onboarding of new sites.
VPN has proven to be a popular solution for site-to-site connectivity. However, as demonstrated in this case study of a software security company expanding to Europe, VPN has a number of downsides that limit its practical applications.
VPN requires onsite IT staff to manage local firewalls, not always practical in the era of WeWork and mobile employees. Complexity also grows with the size of the network, limiting scalability. Mobile VPN clients are either non-existent or too clunky to enable optimized connection for mobile workers. Further, the time it takes to get a physical appliance to a branch office in a foreign country can make VPN impractical for time-sensitive projects. In other cases, teams are so small or mobile that a physical appliance is simply overkill. However, what often makes VPN unusable for the enterprise is the notorious unreliability of the public Internet.
The desire for reliability is why many enterprises have looked to MPLS to connect multiple offices in the past. The problem is that MPLS simply isn’t agile or fast enough for deployments that require rapid onboarding.
In the aforementioned case study, it would’ve taken about 6 weeks to deliver an MPLS circuit, an obvious deal-breaker for a 5-week project. Further, MPLS bandwidth is significantly more expensive than Internet bandwidth, making connecting multiple offices with MPLS expensive. This also makes providing connectivity to small offices impractical. Finally, like VPN, MPLS struggles to provide optimized performance for cloud and mobile users (e.g. the trombone effect).