Multi-protocol label switching (MPLS) is a solid networking technology that has powered enterprise networks for over two decades, connecting remote branch offices that require access to data or applications inhabited in the organization’s data center or headquarters. MPLS held many benefits over IP routing, however, it also became a challenge as the process consumes time and hardware resources, which results in degraded performance, especially for real-time applications. This challenge was further exacerbated during COVID times, which has significantly increased online usage and transactions.
Background
Multi-protocol label switching (MPLS) is a solid networking technology that has powered enterprise networks for over two decades, connecting remote branch offices that require access to data or applications inhabited in the organization’s data center or headquarters. MPLS held many benefits over IP routing, however, it also became a challenge as the process consumes time and hardware resources, which results in degraded performance, especially for real-time applications. This challenge was further exacerbated during COVID times, which has significantly increased online usage and transactions.
Compared to MPLS, Software-defined Wide Area Networks (SD-WAN) can be less expensive, more secure, provide higher performance, and better flexibility. The next phase of SD-WAN is elastic infrastructure and distributed edge access to better support remote branches. SD-WAN solution has the features to not only focus beyond branch connectivity, but also support more complicated access requirements for corporate resources, and provide multiple services in a software stack.
Requirements
Cinema chain enterprises rely on internet connections for a multitude of tasks, including ticketing and payment transactions at each branch site, and centralized management of data flow through the cloud, connecting each branch site to organization headquarters. An Asia-Pacific cinema and entertainment venue operator wanted to reform its network to provide high application performance and reliable access while lowering network costs. Migrating to an SD-WAN architecture was the solution, providing flexible configurations, increasing the network’s scalability, and providing secure optimized connectivity at each site. Lanner collaborated with a leading SASE software provider and regional system integrator to construct a uCPE platform, that meets the following requirements and benefits:
● Multi-Tenancy Structure: The multi-tenant design allows company headquarters to separate and secure each branch site’s network from each other, providing secure optimized connectivity with visible centralized management.
● High Availability (HA): Branch locations are provisioned with dual HA links, which use a combination of MPLS and broadband internet links, in addition to LTE/5G connection as backup connectivity.
● Simplified Management: Securing and simplifying network management by removing the need for a separate server device per location, as the uCPE platform shares a VM environment running Windows-based site services.
● Integrated Network Services: uCPE platform provides integrated network services including routing, switching, security, micro data center, Wi-Fi services
Solutions
Upgrading to the uCPE+SD-WAN network solution resulted in a higher-speed connection with better uptime and high application performance while decreasing operating costs. The SD-WAN solution also increased productivity across the company, reduced bandwidth costs, and increased scalability and security to be future-ready.
The solution was built with an NCA-4010 appliance based at headquarters and NCA-1515B appliances at each movie theater branch. The NCA-4010 is a 1U rackmount network security appliance fueled by Intel® Broadwell-DE SoC to deliver high networking and virtualization performance, large memory, external crypto accelerator, and scalable LAN configurations. The platform offers up to 16 RJ45 GbE ports, dual 10G SFP+ for high bandwidth, and system expansion features. The NCA-1515 is a desktop network appliance powered by Intel® Atom® C3000 (codenamed Deverton) CPU, featuring robust performance, Intel® QuickAssist Technology for cryptographic acceleration, commercial-grade LAN functions, and enhanced LTE/Wi-Fi connectivity.