A large retail company solves the vexing complexity inherent in security, cloud resource access, and cloud application performance by going with a cloud-delivered, hosted management and gateway SD-WAN solution. Zscaler security integration became a cinch, VPN tunnels were reduced from 2500 to 5, and application access directly over branch office Internet links to cloud locations was optimized by leveraging cloud-based gateways.
This large retail company with more than 500 Internet-connected sites uses cloud-based UCaaS, Office 365 and other cloud-based resources hosted by Amazon Web Services (AWS).
While Office 365 improved overall employee productivity, this company found that they lost control and visibility of traffic flowing from branch locations directly to cloud-based services. They desired to optimize application performance by steering traffic directly to the SaaS applications—therefore, not to backhaul traffic through the data center—but this impaired network efficiency as there was no longer a head-end performance bookend, the traditional role of the data center, for this cloud-destined traffic.
As the branch office sites were Internet-connected, they wanted to leverage cloud-based security, but found the integration complex and cumbersome to manage—integration with Zscaler required a VPN tunnel from each branch office site to Zscaler to enable cloud security services.
Another byproduct of their desire not to backhaul traffic through the data center was that each traffic flow from a branch site to each of the five AWS instances required a separate VPN tunnel. This created onerous VPN configurations and management: 500 sites, with 5 tunnels for each of the AWS instances results in 2500 tunnels to manage.
A cloud-delivered, hosted management and gateway SD-WAN solution—the orchestrator and controllers are hosted in the cloud, along with leveraging cloudbased gateways already in place to front cloud applications such as UCaaS, Office 365 and AWS-based resources—improved the company’s application performance, significantly simplified their deployment, and enabled them to leverage Zscaler cloud security
Instead of building individual VPN tunnels to Zscaler and each SaaS application, they now only needed to have a single VPN tunnel—automatically established by the cloud-based SD-WAN—from each branch site to the cloud-based SD-WAN gateway. This simplified a 2500-VPN-tunnel configuration down to 5 tunnels.
Traffic on the cloud-delivered SD-WAN is steered directly over the branch offices’ existing Internet connections to the SD-WAN gateways—already in place for the SaaS applications—to meet the company’s goal of not backhauling traffic via the data center. The cloud-based gateways also provide the bookend for optimizing application performance. The gateways act as a bridge between the company’s own network and cloud-hosted resources such as UCaaS, SaaS and AWS (current resources or new ones in the future), including all these pieces into a single, secure, virtual domain controlled by centralized access and security policies.
The hosted SD-WAN management solution delivered simple, one-click access to deploy new sites, to make changes to existing sites, to integrate with Zscaler security, and to add new cloud applications.
Benefits and Results
This company realized the following benefits from choosing a VMware SD-WAN™ solution:
CUSTOMER CASE STUDY (PDF)
At VMware, our customers are the priority. Explore how other companies streamline their WAN infrastructure, realize significant cost-savings, and able to deploy in a matter of minutes.