There was a time when companies such as Blackberry and Nokia made the coolest portable communication devices on the market. Then, one day, everything changed. Apple’s iPhone reinvented the way mobile phones were viewed, and rival vendors who didn’t adapt didn’t survive.
Other established technologies have met a similar fate: from laptops to data centers, SSDs have replaced hard drives. The cathode ray tube, adorning living rooms and offices for nearly 60 years, has been replaced by larger, thinner, lighter and brighter LED flat panel displays.
It’s a form of technological Darwinism, and it’s not just devices that are going extinct: the survival of the fittest extends to software as well. And as far as natural selection goes, surely the next one to go has to be the virtual private network (VPN). Yes, VPNs are more popular than ever, but so were Nokia and Blackberry phones, until something better happened.
In the beginning…
Dating back to 1996 and attributed to Microsoft, VPNs deploy tunneling technology that enables a reasonably secure form of network connectivity that has been widely adopted by telecommuters and privacy-conscious Internet users. Additionally, VPNs can wear a number of different hats, and for private browsing purposes, most will connect to a service that uses a different IP address to anonymize your online activity.
This may work for some, but has its quirks. Often, the alternate IP address will suggest that you are in a different geographic location, causing web pages to appear in foreign languages. Also, the bank now thinks you’re a hacker if you try to access your account online. Just disable the VPN for certain tasks, and you’ll be fine – maybe.
Widely used in corporate environments, VPNs enable a range of services, from remote desktop access to linking to offsite disaster recovery facilities. For remote desktop services, many companies will rely on the public internet for connectivity and configure VPN access for each user. Even if enterprise sysadmins are good at onboarding users, VPN faults are hard to trace, and the public internet has a lot of its own quirks, with latency being a big headache.
Aimed at businesses, MPLS (Multi-Protocol Label Switching) is an alternative network that is certainly more efficient and consistent than the public Internet. Developed in the mid-1990s, with initial deployments appearing around the same time as early VPNs, MPLS provides a level of transparency that allows a corporate WAN to be accessible from multiple locations and frequently involves specific VPNs to MPLS. To minimize congestion and maintain high bandwidth performance, MPLS eschews the public Internet and instead relies on dedicated private lines for connectivity. As such, provisioning is expensive and can take some time.
Additionally, global deployments will need to rely on multiple vendors to enable an end-to-end MPLS network, which can lead to service and security issues that really shouldn’t have to be tackled with such an expensive infrastructure solution. And as enterprises increasingly use cloud-based services, traffic inefficiencies are introduced due to the hub-and-spoke network model based on MPLS.
As for the alternatives, maybe a Software Defined Wide Area Network (SD-WAN) is the solution? While SD-WAN potentially reduces costs by using the public Internet, the trade-off is that it cannot offer the performance guarantees of a dedicated MPLS network. That said, SD-WAN is more of a management service, which can combine multiple networking technologies, including MPLS. SD-WAN is described as a software “overlay”. In contrast, MPLS, with its hardware infrastructure, is an “underlay”. In its hybrid configurations, SD-WAN can help overcome some of the aforementioned traffic inefficiencies of link performance overhead for tasks such as accessing cloud services. However, when it comes to remote users and operations, access through a VPN is strictly.
In summary, software management of different network protocols still relies on legacy VPN technology to connect users, and on internet connectivity for SD-WAN to control the entire network, which still results in latency. SD-WAN’s capabilities may be well suited to enterprises with a diverse network infrastructure, but, in striving to be global, SD-WAN requires considerable technical expertise and comes at a price point beyond the reach of many enterprises with more modest needs.
The killer app
If networking were to really evolve, it would exceed these constraints of cost and complexity, but what would it look like? Ideally, it would work invisibly and securely no matter where you are. The experience would be identical to using the office local area network (LAN), allowing access to the same resources but with consistent performance and minimal latency, all possible using its unique overlay over the public internet. Remote users would be part of a Virtual Wide Area Network (VEN) with end-to-end encryption and protected by standard LAN security protocols, both protecting the network and securing device endpoints.
Virtual WAN can be viewed here as an evolutionary step in software-defined networking (SDN) technology, which was previously confined to LAN environments. Scalable, affordable, easy to configure, and available for enterprise or as a managed cloud option, users’ computers or mobiles would simply need a lightweight background application to connect. Even global facilities could easily connect and behave as one, with reduced costs to link to disaster recovery sites configured for failover switching being one of many additional capabilities.
In fact, the Virtual Wide Area Network exists – designed and developed in the UK, Darwin’s homeland. VPNs are destined to become a dying breed; networking has evolved and natural selection is already developing in the wild. The origin of this species lies in industrial, educational and associative circles. And very recently, a quantum encryption option for intelligence services and financial institutions has emerged, part of the evolution of the virtual wide area network.
David Sweet, CEO of iQuila