Home Sponsored Announcements Next-generation branch office architecture resolves remote issues

Next-generation branch office architecture resolves remote issues

The challenges of running a branch office continue to escalate, since it is neither efficient nor cost effective to maintain IT staff and resources at every location. Yet a significant percentage of offices require local compute, storage and networking resources to meet business needs.

Attempts deliver the ‘lean’ branch office have either resorted to public cloud services that might fail to meet IT requirements for control and security; or appliance vendors trying to integrate branch functions into expensive, proprietary shared infrastructure platforms that package the physical infrastructure – server and storage – with the requisite IT software.

These all-in-one appliances appear to provide competent solutions, but often offer limited feature innovation, restrict software choice and lock the buyer into a future of costly hardware upgrades.

Time for a vendor rethink: and at least one data acceleration provider has developed a more promising branch office architecture that leverages developments in server architectures and virtualisation to lower costs and improve agility. This next-generation branch office architecture is designed for rapid deployment and extreme adaptability that can accommodate all types of business requirements.

Branch issues

Although remote offices differ, certain challenges are common to most environments:

         Need for increased resource costs of the branch compute, storage, and networking infrastructure.

         Protracted provisioning time as IT delivers, configures and installs equipment before the branch becomes operational.

         Branch survivability as WAN infrastructure failure can cause branch office failure.

         High management and maintenance costs, given the lack of IT expertise on-site.

         Limited data protection and security, as effective safeguards may be lacking.

         Data restoration may take far too long, particularly for tape-based backup.

         Delivering physical appliances may be expensive and time-consuming, particularly for overseas or remote locations.

In attempting to address these issues, some vendors have consolidated infrastructure functions into their appliances, or into WAN optimisation hardware. Such approaches can simplify network deployments, but often rely on proprietary technology that can double the cost of comparable off-the-shelf servers, or triple costs if high availability (HA) is included.

Next generation architecture

While the theoretical benefits of an integrated appliance remain sound, often the execution has been flawed – until now. Next-generation branch architecture avoids these problems by separating the underlying hardware from the software and leveraging advances in virtualisation and branch server designs. Organisations gain a cost-effective, powerful deployment architecture that allows the continued use of existing tools and software.  

Central to this strategy are shared infrastructure platforms from server vendors that combine all the core branch office services - compute, storage and networking - in a single, integrated unit. These branch office platforms leverage the manufacturing and production expertise of server providers to lower costs, giving IT exceptional manageability and value without sacrificing agility.  Specific branch office and data components in this architecture include following:

Hardware – The new architecture is platform independent, allowing a range of hardware implementation. A shared infrastructure platform provides the ideal hardware platform, simplifying deployment and management, but a next-generation branch can also leverage the advances in virtualisation that allow a conventional server to run most if not all of a branch office’s functions. Available local storage may be delivered inexpensively through a virtual SAN, and server uptime achieved through an HA server cluster.

Hypervisor - All branch software will run on a hypervisor: VMware vSphere, Microsoft Hyper-V or KVM. Host and infrastructure management continues to be performed via the same native tools that exist in the data centre, e.g. VMware vCentre.

Data Protection - Virtual data protection software, such as VMware vCentre Site Recovery Manager (SRM), Veeam Backup and Replication, and Zero Virtual Replication, allows IT to backup and restore branch office locations easily if disaster strikes. Restores can be achieved randomly, so offices can resume work in minutes, not hours, after an event.

Perimeter Security – Distributed firewalls, from vendors such as Cisco, Juniper, Palo Alto Networks or Dell-SonicWall, allow IT to secure branch network access. A centralised platform provides the necessary security policy management and control.

Thin and Zero Clients - For maximum control and security at the desktop, IT can use virtual desktop infrastructure (VDI) such as Citrix XenApp, Dell Wyse Thin Clients, Windows RDP, and VMware Horizon View.

Connecting the branch

Data acceleration technology, including Silver Peak’s software, addresses the core performance, availability and security challenges of delivering services to the branch. Three factors determine the performance of services over the WAN: latency, congestion and bandwidth:

         Latency is mitigated by streamlining the protocols underlying enterprise applications. TCP applications are improved through window scaling, HighSpeed TCP, and other technologies. Windows file-sharing and other CIFS-based applications are improved using technologies such as, CIFS read-ahead and CIFS write-behind.

         Congestion is overcome by dynamically choosing the least-congested path to a location for an application. Lost or out-of-order packets are recovered and re-sequenced in real time, avoiding retransmission delays. Traffic shaping and QoS mechanisms ensure that applications including voice, data protection and thin clients receive the necessary bandwidth.

         Bandwidth usage is minimised with real-time, byte-level deduplication. Data acceleration software in each location inspects, compresses and stores a single local copy of all outgoing traffic in real time. Subsequent instances of the traffic are delivered from the local data accelerator instance rather than the WAN, saving bandwidth.

While WAN optimisation technology addresses network availability by balancing traffic across multiple connections, data acceleration software dynamically assesses the paths between locations, selecting the path most closely matching the application’s availability, loss and latency characteristics.

Real time intelligence monitors paths for increases in packet loss or latency, and can switch traffic to an alternative line before a failure occurs. Seek a vendor that provides accelerated IPSec, which protects data through virtual private network (VPN) tunnels between locations.

Management costs may be reduced and deployment cycles shortened by using the shared infrastructure platform to consolidate all branch office storage, networking and compute requirements in one device. A consolidated architecture, such as the Dell VRTX, gives IT remote management and control of the infrastructure.

Branch resources run within the shared infrastructure platform as virtual machines on a standard hypervisor, and IT can enforce best practices while still locating critical resources at the branch. The hypervisor management platform can be used for automating server maintenance tasks and monitoring resources. These remote management capabilities minimise the need to troubleshoot remote servers and desktops in person.

The consolidated branch

Deployment specifics will vary with requirements. While full resource consolidation may be tech­nically possible, it’s not always feasible. Where compute cycles must be located in the branch, organisations can use conventional servers, though they can reduce management costs and shorten deployment cycles by using shared infrastructure platforms.

Branch resources run within in the servers or shared infrastructure platform as virtual machines on a standard hypervisor. This way IT can enforce best practices while still locating critical resources at the branch. The hypervisor management platform can be used for automating server maintenance tasks and monitoring resources. These remote management capabilities minimise the need to troubleshoot remote servers and desktops in person.

A virtual data protection engine assures data protection, allowing IT to backup and replicate data in the background to the data centre. IT can then restore the data in minutes or even seconds in the event of an outage, and can even provide users with specific versions of lost files. Since the data is replicated to the data centre, best practices can include off-site storage and making double or even triplicate copies of files.

Network security is ensured on multiple levels. A distributed firewall, such as Palo Alto Networks’ VM series or a Dell Son­icWall SRA virtual appliance, secures the branch office from external attack. An IPSec VPN, included in Palo Alto’s VM series or Silver Peak’s VX or VRX software, allows for secure transmission of all data back to the data centre. Email services and security technologies such as anti-virus and malware protection are still provided through the data centre.

For more information

David Frost,

PR Deadlines, for Silver Peak.

+61.2.4314 5021




Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?