© SidorArt/Shutterstock.
CHAPTER 12
Compliance Within the WAN Domain
THE PURPOSE OF A WIDE AREA NETWORK (WAN) is simply to allow any user in the world to connect to any application in the world. In practical terms, a WAN connects local area networks (LANs) across large geographical areas. The classic example is the home office with a data center needing to be connected to branch locations. This was traditionally achieved by each branch having a dedicated connection back to the home office to connect to the data center. This hub (i.e., the home office) and spoke (i.e., branch offices) is very reliable and has been the main network model deployed for the last 20 years. This hub-and-spoke network model approach is still widely in use today
With the increasing migration of applications to the cloud, a new WAN network model has emerged called software-defined WAN (SD-WAN). The problem is that the old hub-and-spoke network model, while reliable, is not very efficient to serve up Internet applications back to branches. This new network model does not replace the traditional WAN. The SD-WAN model extends the traditional WAN model by taking advantage of the distributed nature of the cloud and using the most efficient route to serve up cloud applications.
This chapter will review the key components of the WAN and SD-WAN network models. This chapter will discuss the trade-off between the models and best practices. Additionally, the chapter will examine how to monitor the WAN environment and what WAN components should be considered as part of an audit such as incident response.