Cloud Web Security For Branch Offices Without Data Backhaul
Branch office Internet access is typically secured by routing all data through private and expensive connections to centrally hosted web gateway appliances. This is slow, inefficient, expensive and worst of all does not scale as bandwidth consumption continues to increase. Use iboss cloud to secure branch offices directly in the cloud, eliminating the need to back-haul data resulting in increased Internet speeds and substantially reduced costs.
Back-hauling traffic to centrally hosted on-prem Secure Web Gateway appliances is more expensive than you might think. At the core, purchasing, installing, hosting and managing the appliances becomes exponentially expensive as bandwidth demands continue to increase from mobile users and branch offices.
Bandwidth consumption will continue to increase as the use of cloud applications continues to rise and bandwidth availability in quantity is available at commodity prices for mobile users. As bandwidth increases, the need for bigger and more expensive appliances becomes a necessity which leads to a vicious cycle of increasing costs.
The cost of premium bandwidth at the data center also increases costs dramatically as more data is back-hauled from mobile users and remote offices to the data center which requires purchasing more bandwidth at the data center to support it.
As connectivity moves into the terabit era, the amount of gear and bandwidth that will be required will be cost prohibitive. Moving to iboss cloud alleviates this burden by eliminating the data center footprint needed for web gateway appliances and reducing the amount of data center bandwidth from back-hauled data from mobile users and remote branch offices.
- Users Go Mobile
Desktops change to laptops and users are no longer in the network perimeter.
- Encrypted Traffic
Unencrypted traffic shifts to encrypted HTTPS traffic due to mobility.
- Cloud Applications and Files
Applications move from servers to SaaS, and data & files move to online storage & access.
- Bandwidth Explosion
Increased bandwidth usage due to remote users accessing remote cloud data needed for productivity.
- Security Moves to Cloud
Data Center network security moves to the cloud where the users, applications, and data live.
Data from branch offices is secured by sending data from the branch offices to iboss cloud before heading out to the Internet. As the traffic traverses the iboss cloud, the data is scanned to apply web filtering, prevent malware, detect infections and prevent data loss. There are several ways to redirect data to the cloud from branch offices. Popular methods include configuring devices to use proxy settings with SAML authentication, leveraging light-weight iboss cloud agents, DNS or configuring GRE or IPSec tunnels to send data to iboss cloud for protection.
Securing branch office connectivity directly in the cloud eliminates the need to send the data to centrally hosted web gateway appliances. This increases speed and productivity at remote offices as well as reduces costs by drastically reducing the bandwidth needed at the data center as well as eliminating the web gateway appliances. In addition, the load on private links including MPLS and SDWAN is substantially reduced as unnecessary back-haul from Internet bound data no longer traverses those connections and instead is routed directly through iboss cloud. As bandwidth consumption increases at the branch locations, the cloud automatically scales to handle the load without requiring IT resources or extra expenditures on web gateway appliances or the labor needed to deploy them.
The costs incurred from hosting web gateway appliances in central data centers includes more than just the cost of the web gateway appliances and the recurring costs incurred at the data centers to host them. The labor costs incurred from managing the web gateway appliances, patching them and managing the infrastructure is not only a direct cost but results in lost time that could be used providing other valuable IT services for the company.
Back hauling traffic from remote offices to centrally located secure web gateway appliances results in bottlenecks and costs which will continue to rise. As the need to access cloud applications increases by employees at branch offices, the amount of bandwidth consumed by the branch offices also increases. Typically with a hub-and-spoke model, traffic from branch offices is back hauled to centrally hosted web gateway appliances. In this model, productivity in branch offices decreases due to the inability to access cloud resources with speed due to the bandwidth choke-point created at the central data center where the web gateway appliances are located.
Securing branch offices in remote regions where bandwidth is limited or latency is a concern can also be achieved with ease by leveraging the iboss cloud which provides cloud gateway capacity near the office. This increases performance dramatically and provides the flexibility IT teams need to provide secure connectivity.