chris - Fotolia


Is a hybrid WAN architecture right for you?

Hybrid WANs have a lot of benefits, but make sure you understand how they can work in your organization.

Editor's note: This is the third in a three-part series examining the evolution of the hybrid WAN. This installment describes some of the dos and don'ts when setting up hybrid WAN architectures. Part one examined the benefits of the technology while part two described popular techniques used within the hybrid approach. For additional information, request Robert Sturt's step-by-step MPLS procurement Field Guide.

hybrid WAN benefits are clear. But what are the questions IT should ask before deploying a hybrid WAN architecture?

The principal idea behind hybrid WANs is to present a single circuit that encompasses a variety of connectivity options along with security and performance enhancements tailored to each application. These options -- among them leased lines, public broadband and 3G/4G wireless -- are further cloaked with MPLS, security, firewalls, quality of service (QoS) and other service enhancements.

A hybrid WAN architecture offers organizations a versatile way to transmit their data with the added benefit of rapid provisioning and flexible failover. It can be the best of both worlds, providing enterprises with QoS-enabled connectivity, along with Internet access to public cloud products.

The first step an organization should take when evaluating hybrid WANs is to ensure that whatever approach it decides to deploy meshes with its overall corporate goals. This alignment is incredibly important. Application access is only one component. Your type of business and associated regulations may also determine which hybrid WAN design to pursue. For example, PCI DSS rules may dictate that only a specific type of hybrid WAN can be deployed. If voice and video quality is important, then your hybrid WAN architecture may need to include an MPLS-anchored leased line segment. Other apps -- think customer relationship management -- may be just fine over the public Internet.

A hybrid WAN is well-suited for times when fast activation is required: Broadband and wireless links can be set up within days. That said, as with most WAN-related service provider offerings, don't expect to see your Ethernet circuits right away; today, most providers want between 60 and 100 working days before circuits are provisioned and ready to use.

A hybrid WAN incorporates multiple links.
A hybrid WAN incorporates multiple links.

Managing multiple WAN services

Although a hybrid WAN architecture may consist of multiple links, managing the network is simpler because the platforms are consolidated into a single conduit (or high-availability pair). Common WAN capabilities -- among them WAN acceleration, security and remote user termination -- are all implemented as part of the core hybrid functionality, depending, of course, on the provider's product features.

Keep in mind that hybrid connectivity is based upon a logical separation of traffic -- virtually connected to the provider's resources via virtual leased lines or Layer 3 VPN. How each subsequent virtual LAN (VLAN) is separated and provisioned depends on how many -- and what type of-- links an enterprise uses to build its hybrid WAN. Regardless, it's vital to ensure that each separate VLAN is maintained -- at an interface level -- through to your firewall or security appliance to uphold end-to-end security.

Finally, remember this: To exploit the full potential of hybrid WANs, define critical application performance and security objectives. Earmarking your traffic flows is a critical element of hybrid WAN connectivity. Company-sensitive applications should not share the same logical traffic flow as, say, less secure Internet-delivered traffic.

Next Steps

WAN optimization: What's the best technique?

WAN aggregation takes root

Internet as WAN catching up to MPLS?

Dig Deeper on WAN technologies and services

Unified Communications
Mobile Computing
Data Center