If you have ever been responsible for a network with multiple branch locations, the idea of a “branch in a box” is probably something you have given some thought to. You might have called it by a different name, but generally the concept is pretty common. The goal being to create a standardized deployment model that reduces cost, effort, time, and mistakes when you are required to add, move, or change a branch location’s infrastructure. On paper it seems like a fairly straight forward endeavor, but in reality the end product is usually more complex and error prone than we would hope for.
Why is the branch in a box concept challenging?
Considerations like procurement, shipping, configuration templates, and physical deployment all need to be addressed and managed through process and procedure. All of these considerations have their own challenges and not getting them exactly right either adds complexity or points of failure to a deployment.
A good example is the configuration of the devices. If your branches are truly repeatable, you likely have standard configuration templates on hand with just a couple of variables that make the branch unique (IP addresses, VLANs, naming, etc.). If a member of your engineering staff isn’t going to be on site for the deployment, you need to consider how you are going to get the configurations on to the equipment. Some resellers offer a service to pre-load a configuration on a device before shipping, but what happens if you have multiple vendors? What if your vendor doesn’t offer those services? Do you ship the equipment to yourself first, configure it, and then send it off (incurring extra cost/time) or do you trust a less experienced technician to load pre-built configurations on the equipment once it arrives on site?
Is Branch-in-a-Box Easier? And What Does This Have To Do with SD-WAN?
If you’ve read this far you’re probably wondering why I’m talking about branch network deployment models in a Tech Talk about Riverbed’s SD-WAN product line. Take a second to think about what SD-WAN is promising from a deployment and management perspective. True zero touch hardware deployments with centralized configuration and policy enforcement for all WAN devices. Now picture this deployment model extended, beyond the WAN router, and applied to the switching and wireless networking components of your branch networks.
The concept isn’t far fetched as cloud management of switching and wireless devices is a quickly growing market, especially in businesses with many remote office locations. It makes perfect sense if you work in retail, medical, banking or any other line of business that could have hundreds or thousands of branches, all managed by centralized or regional IT staff.
It’s an intriguing idea, combining SD-WAN with cloud managed LAN services, and it has some potential benefits that go beyond what you could do if the branch LAN and SD-WAN portions of your network are managed separately. I see the biggest benefit being unified policy enforcement all the way down to the client. More specifically, being able to enforce isolation of regulated information (PCI, HIPAA) all the way to the client device whether it is wired or wireless. Or possibly isolating guest wireless access or kiosk style machines from your corporate network to keep your business critical assets safe. It’s not that any of this is new conceptually, but being able to enforce such policies globally from a centralized controller will be appealing to many.
How does Riverbed fit in?
If you’ve been following this tech-talk series on Riverbed’s SD-WAN solutions, you will know that one of the key things that has happened recently was their acquisition of an SD-WAN focused company named Ocedo. Ocedo brought several unique components to the SD-WAN space, one of which is the combined management of the WAN and branch LAN under one controller interface. You can fully expect that Riverbed will be rolling this functionality into their platform as it clearly is a differentiator from a large majority of the other SD-WAN options on the market.
Final Thoughts
The very idea of centralized control of a WAN network is both exciting and disruptive to a large portion of the market. That being said, for many organizations the benefits of centralized control, consistent configuration, zero touch deployment, and deep levels of visibility aren’t likely to end at the WAN edge. The industry has already proven that there is a demand for cloud managed LAN infrastructure and I’m confident that same market segment is going to have significant interest in a platform that can provide a high level of intelligence all the way down to the branch access layer. While Riverbed hasn’t been overly public about the integration of technology gained through their acquisition of Ocedo, it would be pretty safe to believe that this hybrid SD-WAN/branch LAN approach is the direction they are heading. If a zero-touch “branch in a box” is something that sounds appealing to your organization, Riverbed may just be a company to keep an eye on.
Jordan Martin is a Principal Consultant of datacenter technologies based out of eastern Pennsylvania. His blog can be found at http://www.JordanMartin.net/ and followed on Twitter as @BCJordo.
This post is part of the Riverbed SD-WAN Tech Talk series. For more information on this topic, please see the rest of the series HERE. To learn more about Riverbed’s SD-WAN solutions, please visit http://Riverbed.com/sdwan.