Wednesday, 25 March 2020 18:44

How to rapidly support a distributed workforce

By Adam Fuoss, Silver Peak

GUEST CONTRIBUTION* by Adam Fuoss, vice president technical sales Silver Peak: As Australian businesses adapt to the changing dynamics of Novel Coronavirus (COVID-19), the unprecedented shift toward remote working is creating a mass exodus of employees out of branch offices into their homes. Employees are quickly having to adapt to communicating and collaborating in new ways to maintain business productivity.

This shift is creating an entirely new set of challenges for many IT departments. In particular, connecting a distributed, remote workforce to business-enabling applications and services residing in the data centre and the cloud. Some users require access to VoIP systems, virtual desktops and video conferencing that require fast and highly reliable network connections.

As this new reality sets in, businesses are quickly figuring out how to best meet these changing organisational goals. A company that had 50 branch offices yesterday must now grapple with the idea that every user and their home network is a new branch they have to support, representing an exponential increase in the number of sites overnight.

It’s important to have an architecture that allows both non-SD-WAN and SD-WAN users to connect to applications and services remotely. These users have a shared set of requirements:

  • Reliable access to on-network applications (data centre and IaaS)
  • Secure and direct access to cloud services (SaaS)
  • Some have unique requirements of real-time applications such as voice, video and virtual desktop infrastructure (VDI).
  • Others require additional performance for high-throughput applications such as software development, large data applications and medical imaging.

Given the need to rapidly deploy, the architecture must have the ability to heavily leverage software and cloud computing wherever possible.

Connecting remote users

As more employees are sent home, businesses need to find a way to rapidly connect them back into the network and to applications. This is arguably the most difficult element of the architecture.

Many enterprises can simply leverage client-based software for connections to existing security infrastructure. For users that require additional reliability or performance, however, additional mechanisms of performance and reliability can be used. This might be for call centre technicians, users who upload and download large files or VDI users who stream their remote desktop.

There are two general architectures under the client software approach. The first is to deploy a client-based VPN and a series of geographically distributed concentrators. Cloud providers such as Amazon Web Services and Microsoft Azure offer client-based VPN solutions, and technology vendors such as Check Point Software or Palo Alto Networks offer remote access VPN solutions that may work with existing enterprise infrastructure.

The second option is to leverage cloud-based enforcement nodes and application connectors, through cloud-delivered security services like Zscaler ZPA.

In both remote connectivity scenarios, the focus is squarely on the security of both the user and the application. There are, however, a subset of users that may need a higher degree of performance and reliability not offered by these approaches.

For those users who require a higher quality connection, are pushing big workloads or need additional visibility and security, an SD-WAN edge platform can be leveraged at the home office. This enables services such as local internet breakout, QoS, path conditioning (packet loss and out-of-order packet correction), WAN optimisation, segmentation and a variety of other features, to be applied for a higher quality application experience.

In addition, IT administrators can centrally manage and delegate policies across the entire SD-WAN fabric. Remote and home users can realise the same or better quality of experience than they do working in the branch office.

Configuring regional cloud hubs and data centres

There can be performance limitations introduced when forcing many users into distant, overloaded VPNs. By building out a geographically distributed VPN infrastructure that leverages existing data centres or cloud services, businesses can connect users to the network as locally as possible.

Localising the user’s connectivity to the network provides the absolute best last-mile experience, while connecting them into a high quality, service-provider grade network. This also reduces the risk of overloading circuits by forcing everyone into the same location.

Once users are connected into a localised hub through VPN or SD-WAN, they can leverage the security, reliability, and performance features of an SD-WAN. A virtual or physical appliance can be deployed to manage policy and connectivity across the rest of network. As users try to access resources in data centres or branch offices, cloud hosted IaaS services or SaaS-based services such as Office365, they do so across a highly reliable and secure SD-WAN fabric.

Connectivity is easily established and policy simply delegated through the use of business intent overlays. Mission critical applications can be prioritised and protected, routing to SaaS services can easily be optimised and cloud-delivered security services can easily be added.

SD-WAN provides easy mechanisms for connecting branch users into the network and provides an easy mechanism for connecting them globally, without sacrificing performance or reliability.

Reliable access for users

While many of these problems aren’t new, businesses normally have more time to prepare for remote users to be incrementally added. Providing the same applications, services and reliable experience to thousands of users in their home offices in such a short period of time represents a herculean effort.

The cloud, combined with SD-WAN, provides an easy way to build a WAN that provides reliable access for users anywhere.

About the author

* Adam Fuoss is vice president of Technical Sales at Silver Peak. He has more than 15 years of experience working with customers and partners on server, storage, cloud, virtualisation and networking solutions. For more information, visit:


As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.




Recent Comments