With the development and improvement of IT information, especially the construction of data centralization, as the terminal node of the network, the position of the WAN branch in the network is becoming more and more important. It is particularly important to build an intelligent, integrated and flexible WAN branch.
Streamlining: only a small number of devices can provide the functions that multiple devices of the traditional branch networks can provide, making the branch network easy to maintain.
Manageable: The network management and maintenance personnel can manage the branch networks in the headquarters through WAN.
Flexible and reliable: It can ensure that branch users achieve reliable data exchange and business access via WAN by the private lines, Internet, 4G, and other modes.
Security: The branch network cannot become a weak link of the whole WAN, and cannot become the entrance of WAN to be illegally invaded.
2 All-In-One Streamlining the branch
Traditional enterprise branches are often deployed with many kinds of network devices, such as routers, switches, 4G Modem, and VPN Gateway. The increasing of network devices not only brings the increasing of deployment cost, but also aggravates the load of maintenance, because different network devices need different maintenance modes and need the support of different equipment manufacturers. In addition, some branches are limited by conditions, and there is not enough space to deploy these network devices reasonably.
Therefore, the best solution is to deploy the integrated device in the branch network exit. Through this device, routing and switching, wired and wireless, and data and security are highly integrated.
l The multi-service router supports 8/24/48 switching interfaces, realizing the integration of routing and switching
l Configure the 4G module on the multi-service router, and you can realize the backup of the WAN link.
l The multi-service router is inbuilt with the MPLS/IPSec/GRE/L2TP rich VPN functions.
l The multi-service router is inbuilt with the 802.1X access authentication function, avoiding the access of the illegal user.
So, deploy a multi-service router in the branch of the enterprise to realize the integration of routing and other network services, so as to reduce the number of network devices, network failure points, the cost of deployment, and maintenance costs.
3 Manageable branches
At present, the mainstream management schemes adopt the traditional SNMP network management platform for centralized management, but the routers of some small branches often adopt dialing (such as xDSL, 4G), and its WAN IP address is not fixed. The traditional SNMP network management mode is not suitable for such application scenarios.
Therefore, the intelligent branch management scheme based on TR-069 has become the ideal choice for the small branch management of the enterprise, and the TR-069 protocol can greatly reduce the maintenance workload. TR-069 supports branch routers to download the version and configuration automatically, realizing the centralized management of the center for all branches. TR-069 supports the rapid deployment of device configuration, simplifying the initial installation and configuration workload.
4 Reliable branches
For the traditional branch, the enterprise sets up E1/MSTP/Metro-E as the master line and also selects the standby link. When the master link fails, switch to the standby link.
At present, the ideal solution is to use 4G standby link. The 4G network can provide higher access bandwidth. When the master link fails, the 4G link can fully carry the branch business.
Meanwhile, the branch network must support good link quality detection ability, that is, when the master link fails, it can switch to the standby link in time. When the master link recovers, it can switch back to the master link in time. Therefore, it is necessary to enable the end-to-end full link detection function on branch routers to monitor the status of the entire link at any time.
4 Secure branches
As a part of WAN, the branch network also needs to provide a scheme to match the whole enterprise WAN security. Otherwise, the branch may become the entrance of the malicious personnel attacking and invading the enterprise WAN, bringing great harm to the security of the whole enterprise WAN.
Theft of confidential information: Deploy IPSec VPN in branches to ensure the security of enterprise data transmission on the public network.
Illegal access of users: Deploy 802.1X access authentication in branches to prevent unauthorized users from accessing the company network.
Remote security management of the device: Deploy the network device that supports the SNMP v3 or TR-069 protocol in branches, realizing the remote security management of the device.
In order to deal with all kinds of business challenges, modern enterprises need intelligent WAN branches to ensure the smooth operation of WAN services. Maipu provides a full range of security routers for enterprise branches, helping customers build an integrated, manageable, flexible, reliable and secure WAN solution.