Zero Trust Network Access (ZTNA)

Moving to a New Network Topology: Cloud Area Networks

Current corporate network topologies – LANs (Local Area Networks) in main offices and branches, connected by WANs (Wide Area Networks) – have been left behind by the cloud revolution. Cloud Area Networks (CANs) provide a new architecture tailored to the realities of how companies run today – a reality in which everyone expects to connect to any app, data or coworker instantly, easily and securely.

First, a little history

In the beginning, there was the Wide Area Network (WAN). The very first WAN was created by the US Air Force in the late 1950s. Its purpose was to connect sites that were part of the Semi-Automatic Ground Environment (SAGE) radar defense system. The network was based on phone lines that connected the sites with both modems and phone connections.

Local Area Networks (LANs) were created in the late 1960s to provide high speed connections between computer systems on a single campus.

The development of personal computers in the late 1970s and early 1980s and their widespread adoption spurred a drive to connect all these devices, resulting in rapid evolution of WANs and LANs.

As corporations increasingly networked their offices with LANs, they were also seeking ways to connect different offices to one another – a need that WANs answered. This demand, in turn, drove the evolution of WAN technologies that reduced cost, including Frame Relay, ATM (Asynchronous Transfer Mode) and MPLS (Multi-Protocol Label Switching). But the basic topology remained the same: Each office had a LAN which was connected to other offices and headquarters via a WAN.

SD-WANs (Software Defined-WANs)

Initially, internet speed and reliability were far too low for businesses to consider the internet as a way to connect their offices. For decades after the internet became an indisputable fact of corporate life, WANs, typically powered by MPLS, continued to be the dominant means to connect branch offices with each other and headquarters.

SD-WANs, which were first introduced in 2009, use software to define links that allow organizations to seamlessly switch communications between different technologies, including leased lines, MPLS, and the public internet, as needs dictate. With much-improved internet speeds and reliability, many SD-WANs today have done away with older and more costly technologies and rely solely on the public internet. To ensure that performance and reliability commitments are met, they leverage multiple connections with different ISPs (Internet Service Providers).

SD-WANs have greatly reduced networking costs, but the LAN and SD-WAN combination is still not up to the challenges of today’s complex IT environment – one in which users working from the office, from home or from virtually anywhere else need quick, reliable access to resources that may be located on premises or in private or public clouds.

Problems with WANs and LANs and VPNs

Legacy networking approaches were based on the assumption that corporate data resources reside on on-premises servers, and are accessed by users who work in a company’s offices, with occasional remote users connecting from the road via VPN. This model has been on its way out for over a decade, and the COVID pandemic finished it off: Remote work has gone from an occasional need to completely mainstream, and the evolution of SaaS apps and cloud-based services has rendered traditional network structures obsolete.

Remote workers must be able to securely and reliably access cloud-based apps, yet their home internet connections (or worse yet, public WiFi) are rarely secure. They could use a VPN to connect to the nearest local office, then route over the WAN to a central server for authentication. However, such a setup is highly insecure and complex, introduces latency and delays, and has multiple points of failure.

Introducing the Cloud Area Network

Of course, there’s a better way – it just requires thinking about the challenge from a different perspective, rather than trying to adapt old models to a reality that is entirely new. Using the internet as your corporate network, each person or device can be a node, with a permanent, location-agnostic IP address. With this cloud-based approach, cybersecurity is no longer dependent on backhauling internet traffic to central servers. Network connectivity is now paired with cybersecurity and managed in the cloud, with policy-based controls, malware scanning, data loss prevention (DLP) and more applied in real time, while traffic is en route.

Conclusion

The increasing importance of cloud-based apps and vast growth in remote work have combined to make this the right time to move to a new cloud-native approach to networking – one that integrates a state-of-the-art, Zero Trust approach to cybersecurity and enables users, wherever they are, to access the data and apps that they need, wherever those resources reside.

To learn how you can implement this exciting new Cloud Area Networking approach for your business, download our white paper, “The Cloud Area Network Reinvents LANs for an All-Local World.”

Gerry Grealish

Chief Marketing Officer | Ericom Software
Gerry is a security industry veteran, bringing over 20 years of marketing and product experience in cybersecurity and related technologies. Responsible for marketing and business development, Gerry previously was at Symantec, where he was responsible for the go-to-market activities for the company’s Network Security portfolio. Prior to Symantec, Gerry was at Blue Coat, which he joined as part of Blue Coat’s acquisition of venture-backed CASB innovator, Perspecsys, where he was CMO.