Don't miss our upcoming Network Computing virtual event on Connectivity Solutions - Secure Your Complementary Seat Now!
Larger organizations will more likely go the BGP route because many are using the protocol already. The Radware and F5 products are designed for smaller organizations that don't want to deal with the difficulties and costs of peering with the Internet. Our recommendation: If you are running BGP and have trudged over the protocol's learning curve, your best bet is to use a BGP-based route optimizer. If you are primarily looking for redundancy or just don't want to get involved in BGP, a DNS-based product will fill the bill while doing a better job of optimizing users' experience on your internal network. The disadvantage of the DNS-based devices is that you will have to use NAT, which can add its own problems for some applications (see a rundown of NAT foibles).
No matter which type you choose, these products will improve the user experience only if one of your providers' networks has noticeably better performance. Another factor to consider is ensuring that your ISPs have diverse routes through the Internet. You need to perform due diligence up front, and this is where the BGP-based products can help: In our tests, they were best at providing detailed reports and summaries about the overall performance of each ISP. This information could be used to justify switching to a better-performing ISP; to recover money for failure to honor an SLA (service-level agreement); to negotiate a better deal with a current provider; or to audition a prospective ISP via the device's monitoring features. You'll be able to see what traffic would be switched on or off the provider's network based on performance. To get the optimal balance between performance and cost among multiple ISPs, a BGP-based optimizer is your best bet.
The biggest problem with BGP is that, by default, it does not necessarily route traffic down the best-performing path. Instead, BGP chooses routes based on the number of networks--as defined by ASNs (Autonomous System Numbers)--that will be traversed. This limitation can be overcome because BGP comes with a lot of knobs that you can fiddle with to tune it--if you have the chops. It would mean manual intervention from a highly skilled network engineer for every network that needs improvement.
There's another problem that a route optimizer can fix: the feedback loop. Say customers in Chicago are experiencing dismal bandwidth on your site. It could be hours, or even days, before the problem is reported and addressed. By then you may have lost business. In our tests, all the products were able to beat this lag, rerouting traffic down a better path within a few minutes with no manual intervention, ensuring that the best-performing route is always utilized.
We'll admit that there are probably a few resourceful, BGP-literate network engineers who have put together slick PERL scripts to automate some of these tasks, but we wouldn't want to be the ones to make sense of the scripts if these gurus ever left the company. And, unless you have a BGP savant, it's unlikely that any home-grown utility will be as good as a route optimizer.
One disadvantage we found with the BGP-based route optimizers is that they were able to reroute traffic only as it left our private network, not on the return path. Although it is possible to manage both ends of a transaction with BGP-based devices, it takes a long time to propagate changes across the Internet. And, since it requires updates to all the Internet's routing tables every time you make a change, we don't recommend going down this road very often. As a result, BGP-based products are best suited for networks that are serving data to the greater Internet, such as Web servers, because they will optimize the path that most of the data will take. A BGP device may provide a slight improvement for those inside the network because their requests to external networks will be optimized, but their return data will not be--that is, unless the site with which they are communicating is using a similar product. Which brings us to one popular application for these products: site-to-site VPNs. By installing one route optimizer at each company location, the Internet can be used with much greater confidence to transport critical data reliably.
From infrastructure to app delivery, from data to applications, it’s past time to modernize your practices, processes, and providers to ensure you’re able to take advantage of AI and whatever comes next.
What skills do network managers really need to properly secure industrial networks? What new protocols, frameworks, and regulations are important? And what conferences and certifications can help? Here are five tips to get started.
A full-stack approach to retail edge offers retailers a way to optimize operations and adapt to changes in a post-pandemic world.
