SD-WAN Integration: Routing Traffic to Optimize Network Performance
In the first blog post in this two-part series, I covered the various ways that you can on-ramp traffic to a cloud-based secure web gateway (SWG), and why having this flexibility allows organizations to handle a work-from-anywhere workforce as well as diverse security use cases.
Along with these changes in working practices, organizations are rapidly moving from a data center–centric model to software as a service (SaaS) and infrastructure as a service (IaaS) models. Both SaaS and IaaS models dramatically reduce the amount of traffic hairpinning back to data centers and increase traffic sent directly to the public internet.
Changing traffic patterns
This change in traffic has driven organizations to examine how they re-architect their existing wide area networks (WAN) to cope with this new paradigm.
In the past, companies used expensive multiprotocol label switching (MPLS) links to connect branch locations to head offices, and all internal application traffic and public internet traffic was sent over these links. Companies then began using the software-defined networking (SDN) and network function virtualization (NFV) technology that was originally used in data centers.
Today, companies have adopted software-defined wide area network (SD-WAN) technology for the networks that connect organizations, and it is now the most popular networking technology used to reduce reliance on MPLS.
In this blog, I’ll discuss how SD-WAN integration leverages Akamai mapping to automatically route traffic to the nearest Akamai Secure Internet Access Enterprise point of presence to help ensure optimal performance.
Selecting appropriate connections for each traffic type
Simply put, SD-WAN separates the data and control planes of the wide area network. SD-WAN monitors the performance of the mix of WAN data connections — MPLS, asynchronous transfer mode (ATM), and the internet — and selects the most appropriate connection for each traffic type based on current link performance, cost of the connection, and the needs of the application or service.
Although the reduction in backhauling traffic saves costs and improves WAN performance, it removes the ability to inspect and control traffic and apply security policies at a central location.
One approach would be to replicate the central security controls at each branch location. However, this is costly and increases management time and complexity. Alternatively, internet traffic from branch or remote locations can be sent to a cloud-based SWG, such as Akamai Secure Internet Access Enterprise.
Direct integration
Akamai worked with Hewlett Packard Enterprise to integrate its Aruba EdgeConnect SD-WAN solution with Akamai Secure Internet Access. Aruba EdgeConnect now integrates directly with the Akamai Secure Internet Access service to provide companies with a secure, high-performance SD-WAN solution for branch locations that use standard broadband internet transport.
Network administrators can identify which specific traffic should be steered to the Akamai Secure Internet Access cloud service by using the Business Intent Overlay policy framework within Aruba Orchestrator. The default policy will forward all internet traffic to and from branch offices and mobile devices to Secure Internet Access. Branches can connect from EdgeConnect nodes to the Akamai cloud service using standards-based IPsec tunnels.
Rapid security, optimized performance
This integration allows organizations that are deploying Aruba EdgeConnect SD-WAN to quickly and easily add security to branch locations’ direct-to-internet traffic. In addition, the integration leverages Akamai mapping to automatically route traffic to the nearest Secure Internet Access point of presence to help ensure optimal performance.
Key benefits of integration
The integration between Aruba EdgeConnect SD-WAN solution and Akamai Secure Internet Access also provides companies with a number of benefits, including:
Secured direct-to-internet traffic
Optimized WAN connections
Reduced appliance sprawl, cost, and complexity
Rapid, secure deployment
Secure direct-to-internet traffic
You can apply comprehensive security controls to protect direct-to-internet traffic regardless of where the user is located. Akamai’s SWG delivers multiple layers of protection to proactively block malware, ransomware, and phishing, ensuring users and devices can connect safely to the internet.
Optimize WAN connections
You can provide direct internet access for web traffic from branches. This helps eliminate costly and inefficient backhauling to data centers.
Reduce appliance sprawl, cost, and complexity
EdgeConnect removes the need for additional hardware appliances, such as firewalls, and performs all of the functions of a WAN. Akamai Secure Internet Access is cloud-based, which eliminates the need for on-premises security appliances.
Deploy rapidly and securely
Installing and commissioning new branch locations is as simple as adding an EdgeConnect appliance and using the automation capabilities of Aruba Orchestrator to automatically provision a pair of IPsec tunnels — primary and backup — to the Akamai cloud.