Over the last few decades, with every improvement, upgrade or optimisation technology has undergone, the networks that connect them have also been evolving.
With time, these and other technologies were absorbed into enterprise architecture through the consumerisation of business technology. And it’s these staggered, iterative, rapid changes that have created the complex corporate infrastructure and networks we use today.
Lets look at how it all started…
The data centre shift
Enterprise networks began with data centre focused, wide area network (WAN) architecture. So, the network was just the office branches and the data centres which held their applications. There was a time when some of these applications even sat in a desktop in an office, where the business users would connect to it.
But as the network got bigger, and requirements got more sophisticated, applications eventually moved into data centres. With data centres, businesses had dedicated compute capacity, security and network bandwidth. Users (employees) simply went into the office to connect to these resources, and this was considered state of the art up until around 15 – 20 years ago.
Rise of VPNS and the first remote workers
By the 90s, enterprises were using virtual private networks (VPN) or MPLS networks to connect to their data centres. As the VPN encrypted the connection and there was no direct connection to the internet at the time, it was a secure method of protecting organizations. It also meant that, without changing the overarching architecture, some users could now work from home. They would need to install VPN software on their home desktop or use a laptop with it pre-installed to have access to the business network and applications. For these remote working pioneers, the experience of working from home was usually plagued by errors, and troubleshooting with IT was troublesome.
Because connectivity requirements for remote users were not that sophisticated at the time, this worked. Essentially, if you logged into the VPN from home, you would appear to be in the office. And everything connected to the office network was trusted, as network security was a much simpler problem. However, that would change with the emergence of cloud computing.
The rise of SaaS and the inefficiencies of private wan
By the turn of the millennium, we begin to see the start of the shift away from corporate data centres, which were based on a CAPEX (capital expenditure) funding model. Vendors began offering applications ‘as a service’ from the cloud, where you pay what you consume and communicate.
As IT teams became leaner and more efficient, many realised this Software as a Service (SaaS) consumption-based model was much more flexible as well as they absolved enterprises from having to spend funds on building and maintaining on-premise data centres. However, now the process of connecting to enterprise apps wasn’t as convenient as it used to be. The data centre-architecture was now inefficient as applications were no longer being hosted on the business’ data centre, but on that of the vendors. So, network traffic was now taking much longer, and often unnecessary routes. For example, if you worked in San Francisco for a company that was headquartered in New York. To access your company’s CRM app, your connection would have to go from San Francisco to New York, then up into the internet to access your vendor’s data centre, which may be based in the same region as your office (San Francisco). These long roundtrips began leading to poor user experiences, with more delays and errors such as timeouts. And with time, the bandwidth that went from office to the data centres started to get choked by increased bandwidth required by modern graphical user interface.
Businesses needed to breakout of this framework of long, inefficient network routes if they wanted to improve the working experience of their employees. And that’s exactly what they did.
The internet breakout
To get around these choked networks, businesses started using local internet breakouts as a way to connect straight to the internet. With an internet connection at branches that linked enterprise users directly to the internet, it meant shorter routes for network traffic and a better user experience when accessing cloud-hosted applications.
At first, most of the traffic still went through the data center, even if employees were using SaaS applications. That’s because at the time, only a handful of the business apps – such as CRMs or HR apps – were consumed as SaaS by enterprises. However, the turning point started when software companies decided to stop selling desktop versions of their apps altogether. An example is Microsoft which changed its product offering into Office 365, which was cloud first and viewed desktop clients secondary.
These sorts of decisions changed the scale of business networking needs dramatically.
Enterprises that previously only needed to manage an internet breakout from their data centre for maybe a fifth of their users were now having to do it for 80 – 100% of their users. The current architecture simply wasn’t sustainable for this way of working. It meant businesses had to put in more direct internet connections, increasing their complexity levels as they started needing to manage multiple connections at each branch.
More worrying however, was the fact that those branches now connected the business directly to the internet, which meant businesses had to focus more resources on cybersecurity. In the past, no one outside the organization could access the business network unless they somehow got in through the private network, which, along with the IP address, simply wasn’t available outside the organization.
But this had all changed and it was getting more and more complicated to secure and configure all business’ networks.
SD-WAN to the rescue
With hybrid network at branches, the configuration of each branch router became a more complex task. This also meant every time there was a change in policy, the arduous work of reconfiguring them had to happen again.
With the introduction of SD-WAN, that configuration was moved to a centralized cloud controller, so businesses had the ability to apply different configurations to routers based on an individual branch’s needs. So, say a business had hundreds of branches and 98% of them were regular internet branches, with a few data centers. With SD-WAN, a business could apply different network profiles to its different branches to optimize the user experience of employees.
The profiles were standardized as templates, making them a lot easier and faster to reconfigure branches. And with time, secured SD-WAN solutions with firewall features were introduced in a bid to further reduce complexity.
And that’s where we were until about three years ago.
We now need to look at the network developments that took us through to the present day of en masse remote working and look at some of the networking developments the future holds like intent-based networking.