

Secure Branch Routing: Business Not As Usual

By Tony Rybczynski


Enterprises differ in the business role of remote sites. Some are customer-centric, while others are employee-centric; some are highly dependent on the head office, while others are more autonomous. In either case, your branch/remote office networking solution may have been established in preparation for Y2K and it may be time for a refresh. At the same time, new levels of security are required, traffic has increased and VoIP has become a reality. What should you do?

The Implications of IP Telephony on the WAN
IP telephony is not just another application on IP. IP telephony cannot tolerate packet loss, since there is no time to retransmit. End-to-end Quality of Service is required to keep delays below 150 msec so that the interactive nature of human communications is not impacted. WAN bandwidth needs to be engineered appropriately, with as much as 80 Kbps required per voice call and typically 100-200 Kbps for desktop video. Service management capabilities are needed to provide proactive voice quality management, solving quality problems before the user reports them. Security mechanisms need to be made aware of multimedia protocols and must not introduce performance impairments that will affect the user quality of experience.

Unfortunately, branch routers that have evolved from a multi-protocol, best-effort data networking world may not be able to deliver the functionality, security, and performance required, or may significantly degrade in capacity when faced with voice traffic. But we are getting ahead of ourselves.

Branch and Remote Office Converged Branch Options
In looking to renew your branch and remote office environment, you need to consider whether your operation is more aligned with loosely versus tightly coupled operation with respect to the head office and the corporate data center. Tightly coupled branches rely on most intelligence being in the data center, including Internet firewalls and VPN gateways for remote employee access, contact center servers, and even centralized IP Telephony servers. Because of increased centralization, WAN reliability is particularly critical, driving the need for multi-link technologies over the last mile and route diversity.

Loosely coupled remote offices interoperate with the head office but are generally more independent, including on-site provisioning of contact centers, unified messaging, and Internet firewalls.

Technology Considerations
General-purpose "Swiss army knife" branch routers may not be well suited to meet the reliability and performance needs of voice and multimedia. The packetization processes for voice, aimed at minimizing latency, create very short IP packets, which is a significant challenge for these routers, particularly when various security mechanisms, such as firewalls, VPNs, and Access Control Lists, are activated. In fact, in most router architectures, turning on security functions and handling short voice packets results in a drop of up to 80 percent in packet handling capacity. Independent Tolly Group testing has demonstrated that secure router products, which incorporate routing, VPN and firewall functionality, can excel at the low-latency, small packet throughput demanded by real-time voice and multimedia applications. In fact, they showed these as capable of delivering two to seven times the throughput of equivalent routers from the leading router vendor, even when running integrated VPN acceleration, secure dynamic routing and stateful packet inspection.
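The per-call bandwidth figure and the short-packet problem described above can be worked through numerically. The following is an added example, not part of the original article: it sizes one direction of a voice call at the IP layer, with and without VPN encapsulation. The codec table, the ESP profile (tunnel mode, AES-CBC, HMAC-SHA1-96), the T1 link rate, the 75 percent voice share and all function names are assumptions chosen for illustration, and layer-2 framing is ignored.

```python
import math

# Constructed codec table: (payload bit rate in bps, packetization interval in ms).
CODECS = {"G.711": (64_000, 20), "G.729": (8_000, 20)}

IP_UDP_RTP = 20 + 8 + 12   # IPv4 + UDP + RTP headers, in bytes

# Assumed VPN profile: ESP tunnel mode, AES-CBC, HMAC-SHA1-96 (sizes in bytes).
ESP_OUTER_IP, ESP_HDR, ESP_IV, ESP_BLOCK, ESP_ICV = 20, 8, 16, 16, 12


def voice_packet(codec):
    """Return (ip_packet_bytes, packets_per_second) for one direction of a call."""
    bps, ms = CODECS[codec]
    payload = bps * ms // 8000          # bytes of audio carried in each packet
    return payload + IP_UDP_RTP, 1000 // ms


def esp_tunnel_size(inner_bytes):
    """Size of a packet after ESP tunnel encapsulation under the assumed profile."""
    # Inner packet plus the 2-byte trailer (pad length, next header) is
    # padded up to a multiple of the cipher block size.
    padded = math.ceil((inner_bytes + 2) / ESP_BLOCK) * ESP_BLOCK
    return ESP_OUTER_IP + ESP_HDR + ESP_IV + padded + ESP_ICV


def call_bandwidth_bps(codec, vpn=False):
    """IP-layer bandwidth of one direction of one call."""
    size, pps = voice_packet(codec)
    if vpn:
        size = esp_tunnel_size(size)
    return size * pps * 8


def calls_supported(link_bps, codec, vpn=False, voice_share=0.75):
    """Concurrent calls that fit in the share of the link reserved for voice."""
    return int(link_bps * voice_share // call_bandwidth_bps(codec, vpn))


if __name__ == "__main__":
    for codec in CODECS:
        for vpn in (False, True):
            print(codec, "VPN" if vpn else "clear",
                  call_bandwidth_bps(codec, vpn), "bps per call,",
                  calls_supported(1_536_000, codec, vpn), "calls on a T1")
```

Under these assumptions a G.711 call needs 80 Kbps in the clear and about 106 Kbps inside the tunnel, while a G.729 call doubles from 24 Kbps to 48 Kbps: the shorter the voice packet, the larger the share of each packet that is security overhead.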

Business Considerations
There are a number of procurement strategies you can follow. You can go with a single vendor for your branch and regional/HQ sites. There are two major proven vendors that can deliver end-to-end converged networks: Cisco and Nortel. Alternatively, you can go with one vendor for your branch network and another for your backbone/core network. Multivendor data networks are the norm across the Internet, and have been implemented in many enterprise networks, leveraging Ethernet and IP networking standards. Risk can be minimized by maintaining your backbone/core and going with a best-in-class solution at the edge of the network. Key criteria include WAN optimization and reliability capabilities (including multilink) and rigorous routing standards compliance; the ability to minimize latency and maximize throughput for (short) voice packets, while delivering wire-speed layered defense functionality; simplified installation and configuration, and centralized operations, a critical factor for remote sites; and the vendor's ability to deliver rich telephony features without compromise, while providing evolution at your own pace to multimedia collaboration and mobility.

CXOs are faced with three high level business realities that represent key challenges in branch and remote office renewal.

The rules of the game have changed: meeting regulatory compliance and security requirements is table stakes.

Time to X is the key metric: reducing time to decision, time to service and time to revenues is the path to the real-time enterprise.

You have to do more with less: too much money and too many resources go to day-to-day operation!

Blindly sticking to a single vendor without considering alternatives is not a responsible action, particularly given security vulnerabilities and high costs associated with some vendors' router products. CXOs should carefully evaluate the roadmap to convergence in their environments, the new requirements that convergence brings to their branch networks, and vendor partnerships for maximum competitive advantage.

Tony Rybczynski is Director of Strategic Enterprise Technologies at Nortel. He has over 30 years' experience in the application of packet network technology. Phil Edholm is the Nortel CTO & VP Network Architecture - Enterprise and is responsible for vision and architectural directions.
