Skip to content
Be excellent.
  • My Account
  • My Wishlist
Menu
  • My Account
  • My Wishlist
$0.00 Cart
  • Customer Solutions
    • Application & Data Experience
    • End User Experience
    • Security & Risk Mitigation
  • Who We Are
    • Our Commitment to You
    • What Our Clients Say
    • Our Partners
    • Careers
  • Knowledge Base
  • Get in Touch
Menu
  • Customer Solutions
    • Application & Data Experience
    • End User Experience
    • Security & Risk Mitigation
  • Who We Are
    • Our Commitment to You
    • What Our Clients Say
    • Our Partners
    • Careers
  • Knowledge Base
  • Get in Touch
Value Center
WAN Router Lifecycle Strategy
Office of the CIO
Office of the CIO

WAN Router Lifecycle Strategy

  • August 24, 2020
  • From the Experts
  • No Comments
  • Network Architecture and Execution, Network Virtualization, SD-WAN, Security & Risk Mitigation, Strategy

Many businesses are in a cycle where it’s time to replace the majority of their routers. Typically, these routers are the ISR G2 (2900 and 3900 series). These products have been solid, battle-tested and reliable, but are soon end of life – the absolute last date of support is December 2022. If you haven’t already, it’s time to start thinking about the future of your WAN router lifecycle strategy.

First, consider what services your router is running. It’s likely that since your router was first installed (possibly 10 years ago!), the requirements for that device have changed. Common branch router or aggregation router services are:

  • Static Routing
  • Dynamic Routing
  • Site-to-Site VPN
  • Dynamic Multipoint VPN (DMVPN)
  • Network Address Translation (NAT)
  • Voice/Unified Communications
  • Security/Firewall
  • SD-WAN

Does your router need to run the same services it did when it was initially deployed? What additional services are needed? Which can be removed? A common theme we’re seeing is the removal of voice services from the branch router. Also, it’s likely you no longer need a T1 card in your branch router, but you may need LTE or 5G.

Changes in WAN Architecture

There have been many changes in WAN options and architectures, particularly in recently years. Here is a brief overview of what we’re seeing.

SD-WAN

SD-WAN is the most obvious one. It’s likely that SD-WAN will a part of your WAN strategy, but what it is and where it fits depends on a number of factors. Understanding the business needs for connectivity and services will help determine which SD-WAN products to look for.

We already covered the basics of building a strategy around SD-WAN in depth in a previous post. Feel free to dig into it here.

The likes of Cisco, Cisco Meraki, Fortinet, HPE Aruba and Palo Alto Networks have platforms designed for this outcome. Their strategies likely vary slightly. We can help identity fit and build a plan to execution if it helps clear up the space for you.

Network Function Virtualization (NFV)

When virtual routers and firewalls first came out, performance was severely lacking. Thanks to technologies like DPDK and SR-IOV, performance for virtualized routers, firewalls, and other network devices has significantly increased. If you have other services running on x86 hardware at all your sites, consider virtualizing your entire stack. This allows you to separate your hardware and software life cycle and gives you lots of flexibility.

Security

Security is top of mind for everyone. The WAN is an important security choke point and a possible entry point for attackers. As business try to move quickly and embrace IoT, automation, smart buildings, digital transformation, and other buzzwords, more and more devices come online. This can place stress on WAN links and internet head-ends. This also creates a challenge of providing secure access to different constituents at the branch. Also, Secure Access Service Edge, or “SASE,” is gaining momentum for branch connectivity. For your branch WAN, this often means placing a cheaper, less-capable device in the branch and tunneling traffic to a regional hub for firewall-as-a-service and other network security services.

Understanding where security fits into your branch WAN is crucial for a successful deployment and a secure enterprise.

Cloud

As more and more services are delivered from the cloud, the demand for bandwidth only increases. This can impact your branch, WAN, and your data center depending on your network topology. Depending on the business’s cloud adoption, it may drastically improve user experience to have local internet breakout.

Selecting a Course of Action

With changes in business requirements, connectivity options, and WAN architecture options, where do you start? Here are four WAN router lifecycle strategies we’ve seen customers adopt. One of these may be a good fit for you, or maybe it’s a hybrid of multiple.

Business as Usual

Stay the course and upgrade hardware, keeping your architecture and connectivity in place. If this is the right option for your business, we recommend you invest in hardware and tooling that enables next-generation features.

For example, build your WAN on hardware that can later be leveraged for SD-WAN. This may make sense if you need to upgrade your hardware due to equipment end-of-life but aren’t ready for an architecture change. This also may make sense if you need legacy connectivity options, such as a serial WAN interface. Purchasing the right upgrade can prepare your network for SD-WAN without having to embrace it right away.

SD-WAN

Embrace SD-WAN. This is a great option if your business heavily invested in cloud or needs the feature set (dynamic traffic steering, active/active links) of SD-WAN products. This technology is mature and ready for production.

Network Function Virtualization

This is not exclusive of the other options, but an interesting one to consider.

If your business is seeing the move from client to server to edge to cloud and has local compute at all WAN sites, this can be a great way to consolidate hardware and take advantage of a small cluster to provide hardware redundancy to a site. As a result, you can run your firewall and/or SD-WAN appliance on the virtualized infrastructure and have no need for a physical gateway.

Secure Access Service Edge (SASE)

Centralizing your WAN at cloud endpoints or regional hubs to provide security services can be a cost-effective way to provide next-generation security services to the branch without hauling all traffic across the country back to a single (or double) data center. The SASE framework also includes plenty of other technologies and can incorporate all of the above options.

As you navigate all the options for your WAN Router Lifecycle Strategy, it’s often difficult to align the best strategy to your current state. We recognize that people need good help, and we pride ourselves on identifying and aligning these outcomes to your business.

Hit us up in the chat! Give us a call. We are here to help you on your WAN architecture and deployment journey.

 

Share This Post
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on email
Email

Leave a Comment Cancel Reply

Your email address will not be published. Required fields are marked *

PrevPreviousCloud Migration: A Path to the Future
Linkedin Twitter Envelope
Get a Customized Solution

616.202.6518

  • My Account
  • Privacy Policy
  • Terms & Conditions
  • Apply For Credit
  • Careers
  • Contact Us
Menu
  • My Account
  • Privacy Policy
  • Terms & Conditions
  • Apply For Credit
  • Careers
  • Contact Us

Sign Up For The Latest

Sign up for our blog and product updates and receive an instant online coupon code.

© 2021 Elevate Technology Partners LLC. Designed & Developed by Kynda.
Apply For Credit
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsAccept
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are as essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.