As organizations implement remote work at scale, a lot of organizations that sized their firewall based on how many branches they have, and not on how many users might need to log in remotely, are facing severe issues related to scalability. Fortunately, FortiGate customers have been able to leverage its inherent scalability due to its use of custom security processors to provide more VPN connections – both connections per second and concurrent connections – than any comparable solution.
Connectivity alone, however, isn’t enough. Even for those organizations that have managed to scale out SSL or IPSec VPN connections from remote workers to the core network, getting business-critical applications to run the way they need to be is still a challenge.
Application traffic that used to run over the high-performance internal LAN is now having to utilize the scarce bandwidth resources of WAN connectivity. For example, the use of video conferencing is so high right now that remote user experience is often severely degraded. This means that all of those connections between remote workers and the core network through a free VPN connection also need to be balanced and managed. And critical applications – whether on the local network or in the cloud – need to be prioritized, which is precisely the sort of challenge that SD-WAN was designed to address.
The problem starts with the limitations of many home networks. Most of those networks need to support a variety of devices and technologies, often because there is more than one adult who needs to work at home. At the same time, there may be children participating in distance learning, interacting with their peers through social media or gaming systems, or want to stream entertainment.
Under most circumstances, a home network can support having a user participate in a video conference. But when multiple people need to use the same video application at the same time – especially if one or more of them needs to, for example, also have screen sharing on – performance can degrade rapidly. Working with an ISP to upgrade available bandwidth is a possible workaround. But even then, application prioritization remains critical.
This challenge is especially difficult for remote super users in an organization. They may be systems administrators remotely managing segments of the network, help desk personnel who need to troubleshoot the devices of remote workers or executives who need real-time access to large volumes of data. Their ability to do their jobs – responsibilities that other workers rely on – can be especially impacted by poor application performance due to limited bandwidth.
In these circumstances, a small desktop FortiGate appliance can be a powerful solution for managing limited bandwidth while optimizing and prioritizing application use. A desktop FortiGate solution includes SD-WAN and built-in LTE by default, so when a video conferencing app starts to experience packet loss and jitter because another device on the home network is consuming bandwidth, it can detect that the connection is degrading and automatically switch to the built-in LTE connection to ensure application integrity. The same functionality is available for thousands of SaaS applications, from Office 365, to Salesforce, to cloud-based storage.
These powerful desktop devices can also provide reliable, high-performance WiFi connectivity for wireless devices, enabling them to be isolated from the open home network. And they also support and secure voice traffic, enabling super users to have full access to all of the phone services they rely on for their jobs through a softphone application – all supported by an extra path of LTE connectivity to ensure application continuity. And their centralized management function allows administrators to fine-tune security, connectivity, and application performance so changes can be made on-the-fly based on a variety of parameters.
Once we emerge from this crisis, things may not ever return to the way they were. Some users may insist on the option of working from home, at least on occasion. Many organizations will appreciate the flexibility of a workforce that can respond to business demands, whether on-premise or at home. And the teams tasked with BCDR will need to consider that providing remote workers with sufficient remote access technology needs to be part of their business continuity and disaster recovery plans. And for many of those workers, VPN access alone will not be enough. There is a known business impact in not having the right level of performance or application availability, especially for specific users.
The critical advantage of extending SD-WAN functionality to individual teleworkers, especially super users, is not only that they can enjoy on-demand remote access, but dynamically scalable performance regardless of their local network availability. And when others in the organization rely on these individuals to do their jobs quickly and efficiently, SD-WAN functionality can make all the difference.
Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.
Read more about how FortiGate Secure SD-WAN helped Fortinet optimize network performance in this case study.