Security Automation Soars to Top of Agenda

A surge in cyber-threats and the administrative burden involved in staying on top of data security management is putting pressure on enterprise IT departments that cannot afford to risk a serious data breach, reputational damage and operational disruption.

Faced with an ongoing cybersecurity skills shortage, organizations need a different approach to security provision unrestricted by manual processes – one that reduces their dependence on hard-pressed humans by harnessing automation, machine learning, artificial intelligence, predictive analytics and other innovative technologies to help identify, filter, neutralize and remediate cyber-threats before they have a chance to do significant harm.

By integrating orchestration processes, automation, incident management and collaboration, visualization and reporting under a single interface, SOAR can give security operations center (SoC) staff a faster, more accurate way to process large volumes of data produced by cybersecurity systems and help identify and remediate attacks which may be imminent or underway.

Mixed state of SOAR readiness

In its Innovation Insight for Security Orchestration, Automation and Response report published in November last year, Gartner forecasts that by the end of 2020, 15% of organizations with a security team larger than five people will use SOAR tools, up from an estimated 1% in 2017.

The scale and rate of that adoption suggests two things: firstly that many businesses may be unprepared for the security management challenges they face, and secondly that awareness of SOAR and the benefits it can bring is still limited.

Any gap in education can lead to expensive mistakes when it comes to product procurement decisions which are invariably difficult and costly to rectify. So, it’s important that IT departments don’t rush into any implementation without taking a good look at their existing security architecture and processes and carefully consider where SOAR can work alongside them to help SoC analysts ease their cybersecurity workloads.

In many cases, IT departments remain unclear on what security processes can or should be automated for example, and which of their current security applications and systems lend themselves to the type of orchestration that SOAR enables – if existing tools from different vendors cannot be integrated efficiently using mechanisms like application programming interfaces (APIs), the quality of the data and recommendations being shared can be compromised and the ability to act fast on accurate intelligence diminished.

Steps to SOAR success

  1. An audit of existing security infrastructure should be a priority, including defences which routinely span on- and off-premise systems hosted in public, private and hybrid clouds, as well as fixed and mobile devices in distributed branch office environments.
  2. All systems should be properly assessed for SOAR readiness, and any opportunity to consolidate security systems to weed out extraneous security information that does not help with threat identification and remediation should be thoroughly explored.
  3. Additional filters can also be applied to further reduce the background noise that often distracts analysts from the real danger.
  4. IT departments should specify key performance metrics that frame what they want to achieve in terms of dwell and detection to containment times to make sure threats are neutralized before they have a chance to spread into other systems.
  5. Those KPIS should be aligned closely with in-house security analyst resources and skill sets, to give current staff the best tools and training to meet requirements.
  6. Organizations without in-house security analysts should consider outsourcing cybersecurity monitoring and management functions to managed security service providers (MSSPs) that use suitable SOAR tools able to integrate with on-premise security systems to maximize threat detection and remediation.

Conclusion

With so many different security tools and applications needed to protect large volumes of data, people and devices wherever they may reside, the cascade of logs and alerts analysts have to wade through to identify the priorities for their attention is only set to amplify.

Equally there remains a real danger that the benefits of machine learning and artificial intelligence when applied to cybersecurity automation and orchestration will be overstated unless IT departments are realistic about what can be achieved and where their weaknesses lie.

It is important to remember that while greater orchestration and automation can shoulder some of the burden currently carried by security analysts, it cannot replace them completely. At the end of the day, well-educated competent professionals will still be necessary, but their time can be optimized if machines take on some of the legwork.

Expereo named in the May 2018 Gartner Market Guide for Managed SD-WAN Services

Expereo has been named as one of 15 “Non-NSP Providers” of SD-WAN Managed Services in the latest Gartner “Market Guide for Managed SD-WAN Services”, published on 31 May 2018 by analysts Ted Corbett, Neil Rickard, Katja Ruud, Bjarne Munch, Danellie Young, Gaspar Valdivia and Mike Toussaint.

Non-NSPs include providers such as system integrators (SIs), value-added resellers (VARs) and managed network service (MNS) providers. These either partner with OEMs or are OEMs themselves, or both. These providers may also employ PoPs, but do not own WAN transport facilities.

Gartner recommendations

Enterprise leaders who are responsible for accelerating enterprise infrastructure innovation and agility should employ SD-WAN Managed Services to:

1) Optimize network expenses for digital business initiatives, reallocate key personnel and improve operations performance by adopting managed SD-WAN services.

2) Increase enterprise agility, performance and expense optimization by including both NSPs and non-NSPs in your managed SD-WAN services RFPs, and then align all provider proposals with your business objectives.

3) Get the most complete solution possible for your managed SD-WAN service needs by opening your RFP to include ancillary network functions (such as security and WAN optimization) and alternative platforms to SD-WAN-only appliances.

According to the report, “Managed SD-WAN services can improve operations performance and reduce an enterprise’s need to grow internal capabilities. This is because the managed SD-WAN service provider becomes the SPOC for monitoring, reporting, and incident and change management of the SD-WAN product, as well as all WAN transport, inclusive of access path diversity. This, in turn, allows the enterprise’s internal resources to focus on higher objectives.”

The report goes on to state, “For example, non-NSP providers allow enterprises to more easily change underlying WAN transport providers (e.g., for expense optimization or performance reasons) without changing the managed SD-WAN services. In contrast, NSP managed SD-WAN services increase enterprise dependency on the primary WAN transport provider’s operations, making it more difficult to change or maintain leverage in WAN transport price negotiations. NSPs are unlikely to continue to provide the managed SD-WAN service and, absent any WAN transport service revenue, may lose interest, resulting in diminished support. Whether the service is delivered by an NSP or a non-NSP, enterprises should analyse provider proposals and align these with their business objectives for achieving greater agility, operations performance and expense optimization.”

Read the research in full here (access to this document requires the appropriate Gartner subscription)

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Expereo has been named in March 2018 Gartner research

Expereo has been named in March 2018 Gartner research: “How to Choose the Right Level of Agility for Your Next Global Enterprise WAN” written by Bjarne Munch and Neil Rickard.

Key takeaways from the research:

• By 2020, approximately 10% of global enterprise WANs will use the internet as their only WAN service, which is an increase from fewer than 2% today.
• By 2020, more than 70% of global enterprise WANs will use a combination of MPLS/Ethernet and the internet in a hybrid WAN, which is an increase from the Gartner estimate of 50% today.
• The advent of software-defined WAN (SD-WAN) has led to increased enterprise interest in using public internet services for WAN connectivity, rather than MPLS or Ethernet.
• Enterprise I&O leaders should use only the public internet for global WAN, if they source this through an aggregator or a provider that can manage all local relationships.
• Avoid using consumer-grade internet services for interactive applications or business-critical applications. Instead, prioritize business-grade internet.

Read the research in full here (requires the appropriate Gartner subscription) or contact Expereo and bring agility to your WAN!

Expereo and SecureOps partner to deliver specialist SD-WAN security

Today Expereo, global provider of managed internet network, accelerated cloud access and SD-WAN solutions, announces a new strategic partnership with information security services company SecureOps.

SecureOps brings two decades of network security experience as a Managed Security Service Provider (MSSP) to Expereo’s XDN portfolio. SecureOps’ comprehensive suite of on-premise and cloud-based security services will empower multinational customers to securely operate internet-centric networks, deploy SD-WANs, and move to the cloud with confidence.

SecureOps and Expereo

Expereo and SecureOps have signed a strategic partnership to provide total network security for today’s business-critical digital landscape. As enterprises move to the internet and SD-WAN, many find that complex manual processes plus a lack of resources and skills prevents them from effectively keeping pace with the current security landscape. Expereo and SecureOps’ joint solution alleviates these challenges when adopting an internet-centric enterprise network and cloud access strategy.

Irwin Fouwels, Expereo CEO, comments:

“With SecureOps we bring a complete security suite to the Expereo XDN portfolio. We now offer our global SD-WAN solutions bundled with full managed security, enabling the multinational enterprise to deliver on its cloud strategy and deploy SD-WAN with confidence.”


Loren Goldig, SecureOps CEO & President, comments:

“Network security in 2018 must be adaptable. You can’t throw in firewalls and walk away; security needs are as complex and diverse as the businesses themselves. Today’s solutions must exactly meet the specific needs of each individual company. Working in strategic partnership with Expereo, our ability to deliver these tailored solutions is enhanced by Expereo’s commercial go-to-market and agile global delivery capability.”

The security offering

The Expereo and SecureOps strategic partnership for security and network service management is enhanced by vulnerability lifecycle management services. Enterprises will be able to easily integrate SecureOps’ flexible MSSP services into their network, bolstering Expereo connectivity with robust security. Expereo will offer the following Managed Security services:

 Security infrastructure management Secured, monitored internet break-out services via on-premises devices or secure cloud gateways across a number of security offerings, including security information and event management (SIEM), firewall management for SD-WAN, intrusion defense and prevention systems (IDS and IPS), universal threat managers (UTM) and more.

  • Threat monitoring and response Dedicated, 24/7 triage and incident handling and customer environment monitoring for potential threats, powered by a multi-layer detection process.
  • Vulnerability lifecycle management Enterprise WAN vulnerability management. Proactive scanning and analysis of customer infrastructure for threat determination and reporting, backed by assessment and remediation.

In addition, customers will also receive access to security consultancy services such as security audits, customer requirement facilitation, host protection and more.


About SecureOps

SecureOps is a high-end information security services provider and member of the Information Security Forum (ISF) with two decades of experience. The team offers specialist knowledge related to security and security-related networking technology.

SecureOps has built its global services on personalised solutions, preferring turnkey approaches to an off-the-shelf, one-size-fits-all approach. SecureOps will work directly with Expereo customers to understand their needs and deliver specialist security solutions tailored to their specific requirements. Customers can choose and deploy a suite of solutions that will sit under one accessible management framework specifically relevant to their organization.

SecureOps and Expereo are uniquely positioned to collaborate given their commitment to a customer-centric approach, cutting-edge technology, global capability, and agile customer deployment expertise.

9 reasons to reconsider MPLS

For two decades, Multiprotocol Label Switching (MPLS) has stood as the go-to solution for enterprises in need of stable connectivity. MPLS providers currently serve a market worth in excess of $30billion – despite a lack of innovation in the area. Why?

What is MPLS?

MPLS is a layer 2 communication switching protocol that relies on compact switching labels to relay payload to the next hop, as opposed to the layer 3 IP addressing used in common IP-routing protocol. Essentially, MPLS allows a router to place a ‘label’ on packets of internet traffic, each label explaining where the information needs to go next. A decade or so ago, this meant a reduction in processing time at each router – a speed augmentation that was welcomed by big business.

MPLS was originally designed to offer a stable, dependable connection – and it did, for a time. Yet the fact remains that MPLS no longer meets all the requirements of today’s enterprises working to an unprecedented global scale.

Today, when large businesses look to connect branch offices with company headquarters, there are a number of things they should consider about MPLS before continuing to rely entirely on this connectivity solution.

Here are nine reasons why enterprises should reconsider MPLS and instead shift to a hybrid or internet-centric network, particularly to support the move to cloud and if they are considering solutions such as SD-WAN.

  1. MPLS takes a long time to deploy

MPLS providers will always be able to guide customers through any implementation process. However, the reality with MPLS is that most deployments can take a number of months, or longer, in some cases. The process isn’t exactly easy and implementations can sometimes be extremely complex. For remote or international locations, deployment can take in excess of a year. For example, MPLS services must be deployed to a single customer premises before it can be installed in the next. This creates substantial lag time before the next branch can be up and running.

  1. It’s expensive

It may be hard to put a price on the productivity customers enjoy using either MPLS or SD-WAN, but the former is inarguably no longer cost competitive with the latter. And this isn’t even counting the additional costs (e.g. WAN optimisation hardware) associated with MPLS contracts.

In most cases, internet connectivity is also cheaper than MPLS with higher bandwidth speeds easily available. For example, we generally see savings of between 30 – 40% when moving from MPLS to internet, and in terms of speed, higher bandwidth connections are more and more common. We see demand growing substantially for dedicated internet access 500Mb/1Gb/2Gb connections, and more requests for 10Gb. Higher bandwidths on MPLS are harder to achieve and you’ll need routers and circuits that cost a significant portion of your IT budget.

  1. It’s Ineffective for small or remote sites

Remote international sites may find MPLS is not available, or prohibitively expensive. With many major enterprises operating numerous branch locations across the globe and expanding into new territories through mergers and acquisitions, this can be unacceptable in today’s digital landscape.

  1. MPLS does not allow internet traffic to be routed locally

As layer 3 routing is required for traffic to travel externally, packets in and out of the MPLS network are routed through the gateway at the service provider core, rather than locally. Even web traffic and traffic to the public cloud has to go through expensive circuits, just to connect. It all adds up to more cost and a less efficient user experience.

  1. Lower performance with MPLS

A single network connection, static Class of Service (CoS) settings, and the inability to easily throttle low-priority traffic or use the fastest route (rather than the predetermined route) can all add up to a sub-par user experience. As you may have guessed, these are limitations in MPLS, and business today doesn’t want to put up with these limits anymore.

  1. There’s limited uptime

Not all MPLS providers offer a failover to a secondary internet connection if the primary connection is compromised – and almost none have a tertiary option. Even when moving to a secondary connection, the switch is not typically instantaneous. Whichever way you look at it, MPLS does not offer a seamless connection.

  1. MPLS requires the same service provider across the network

It’s a shocking truth, but it is mandatory that the same MPLS service provider operates across all locations in your network. And, as we’re all well aware, switching provider is no easy task. In this context, MPLS severely limits your options for growth and relocation. It’s an all-or-nothing relationship with MPLS. A single service provider and single transport also means a single point of failure…

  1. Security is a bigger issue with MPLS

MPLS lacks built-in data protection and can expose your network to vulnerabilities if it isn’t configured correctly. It can open you up to attack, and isn’t as safe as some providers would have you believe. MPLS security may also become worryingly obsolete or, at least, increasingly complicated and expensive thanks to the capability of SD-WAN to provide, among other things, Centralized Security Policy Management.

  1. MPLS has limited bandwidth and long lead times

Not only are bandwidth upgrades extremely costly, they aren’t always possible. Long installation and upgrade lead times also make MPLS restrictive and inefficient.

What’s the solution?

In the 20 years MPLS has existed, a raft of progress has very much changed the online landscape. In the 90s, mission-critical applications were not in the cloud, and users were not accessing corporate applications from mobile devices. MPLS was an adequate workaround for yesterday’s challenges but not today’s.

The WAN is being revolutionised by enterprise’s growing adoption of cloud and SaaS services, which are largely public internet based. This is where using MPLS can put you at a disadvantage. Knowledge-based, cloud-fueled, global, and mobile enterprises demand a high performance, agile, application-agnostic, quick to deploy, affordable to own, and managed network solution.

SD-WAN – ultimate networking

SD-WAN (Software-Defined Wide Area Network) presents a new, flexible and exciting option for those looking for an alternative to MPLS-based networking, or a hybrid network configuration.

This differs by providing multiple high-bandwidth connections simultaneously, or by utilising a combination of MPLS and internet. These are cost-effective, and can be aggregated to allow for faster connections. This aggregation can include WAN connections to a single site, and, by bonding different types of connection together, performance is optimised.

SD-WAN gives the ability to intelligently control the traffic from one location to another and load-balance to the highest-performing available link, offering application surety. SD-WAN can also deploy quickly when requirements change in order to bring bandwidth in line with an application’s needs.

As it’s possible to breakout from remote locations with SD-WAN, there’s no need to force traffic through a data centre to access SaaS or other web services. Need to add a new branch or integrate with acquired or remote offices? SD-WAN is provider agnostic, so you’ll see these benefits whatever access technology is being used – and you can add or remove connectivity at any time without hassle.

And the benefits don’t stop there. Improved SLAs, increased network visibility, end-to-end encryption across the network (including the internet) – so much is possible – SD-WAN is simply the more efficient and secure option for today’s global enterprise business.

SD-WAN isn’t going anywhere. This is the future of networking and Expereo is delivering fully managed SD-WAN service to enterprises today.

Read more about how Expereo SD-WAN can benefit your business.

Expereo announce Gartner partnership

Expereo has announced the signing of a strategic Product Management & Marketing partnership with Gartner, the world’s leading technology research and advisory company.

The partnership grants Expereo greater access to the global Gartner analyst and research network.

Sander Barens, VP Commercial Development, Expereo comments: “As Expereo continues to grow, it’s important to have a partner like Gartner to provide guidance and independent feedback from their unique ‘insider’ perspective into markets and from clients.”

In addition, Expereo expects to benefit from Gartner’s analysis of their XDN (Expereo Defined Networking) portfolio of products and services, their go-to-market expertise and to increase Expereo’s market awareness amongst potential enterprise customers.

Expereo expands pan-African reach with new Cloud Acceleration Hubs

Today Expereo, the global provider of managed Internet network solutions, has announced a major expansion into the growing African market.

Numerous strategically located Cloud Acceleration Hubs are planned to launch across 2018 in pivotal pan-African locations. A Johannesburg, South Africa, hub recently opened, with more locations to follow in East, West and North Africa throughout 2018.

The new Africa Cloud Acceleration Hubs will enable Expereo to connect more customers across the Internet on an enhanced global scale, with optimised Internet connectivity for the highest availability and performance of SD-WAN, IPSec and Cloud/SaaS acceleration via Expereo’s XCA and XCA Edge platforms.

Irwin Fouwels, CEO, Expereo comments: “Across Africa, we see enormous opportunity for the cloud to accelerate innovation, allow governments to provide better services, and drive economic growth for both African-based businesses and global corporates operating on the continent. To succeed, they need guaranteed performance and reliability from their Internet. That’s why we are expanding our reach with these strategically located African hubs, providing our customers with the best options for cloud connectivity on a truly global scale.”

Africa expansion

Expereo’s 2018 Cloud Acceleration service expansion will focus primarily on Africa, enabling enhanced connectivity and reliability for enterprise companies in the area. The recently launched Johannesburg hub is soon to be bolstered by new locations across East, West and North Africa.

Previously, African Internet traffic was dominated by “northbound” traffic, with data routed primarily via Europe due to the structure of the global cable systems, before arriving at its destination. Expereo expects to see a reversal of this trend, with “southbound” traffic increasing as the economies of African countries continue to grow, thus creating more cloud demand and SaaS adoption.

Major SaaS providers such as Microsoft and AWS are already opening cloud data centers in South Africa to meet this demand. Domestic Internet requirements within African countries are rising and corporates continue to expand their business into the area, all of which will drive this ongoing change.

Expereo hubs list

  • North America: Seattle, Los Angeles, Dallas, Miami, Ashburn, New York, Chicago, Toronto
  • South America: Sao Paulo
  • Europe: London, Paris, Madrid, Amsterdam, Frankfurt, Milan
  • Africa: Johannesburg, East Africa (2018), West Africa (2018), North Africa (2018)
  • Asia-Pacific: Tokyo, Hong Kong, Singapore, Sydney

Enhanced Internet connectivity

Expereo provides market-leading technology in Internet performance-based routing, such as XCA, which delivers optimal user productivity for Cloud Applications by optimizing Internet routing through Expereo’s global and growing network of Cloud Acceleration Hubs.

XCA actively probes all destination networks for performance metrics including packet loss, latency, historical reliability, and peering capacity, and continually selects the best routing in real-time based on these statistics.

By leveraging this technology, Expereo’s African Cloud Acceleration Hubs will deliver improved Internet connectivity optimisation, increased application performance, employee productivity benefits and much more.

Hub location and data center selection

Expereo partners with data center providers to locate their hubs on a case-by-case basis. Its hubs are strategically chosen to leverage the best service in each location, with robust connectivity to the major Internet exchanges, and with the best proximity to the Internet’s major nerve points. They are built to meet the demand of global customers who require optimal connectivity for their SD-WAN, Cloud applications and network operations as their business grows in the African area.

The Internet is everywhere – but the challenges remain

In every business, the story is the same. More cloud, more SaaS, and the move to Internet-centric networks to deliver them, in conjunction with MPLS – or replacing it.

“Move to the Internet.” It seems like a simple solution, but for many reasons the www is still the ‘wild wild west’ for many people, and understandably so.

The internet itself is made up of 50,000+ individual Autonomous Systems that mesh together, across which your traffic is directed using a routing protocol that makes decisions based on the number of systems it has to ‘hop’ across.

An efficient enough system, but one with endemic problems. Latency, packet loss, delays and other performance issues have always been there and most likely always will.

What’s different today is the requirements of business. To remain competitive they demand performance, agility and resilience, everywhere. Which means these constant performance issues are becoming unacceptable to CIOs, network administrators and the employees who work with an enterprise’s Cloud and SaaS applications.

In fact, you can get the performance and reliability you need from the Internet. To understand how, let’s first discuss a few basic concepts about the workings of the Internet.

Dedicated Internet vs Broadband Internet:

Cheap broadband has captured the imagination of many an SD-WAN vendor. What we like to say is, the true costs of broadband are not found on the ISP price pages.

There are hidden costs with contended broadband, depending on what value you put on performance and availability. Plus, the unknowns of monitoring and management of the service from within your own network can create unforeseen costs.

I’m not saying that paying more is a guarantee of a quality, but you want to work with a connectivity provider who knows the ISP landscape in your geographies.

Provider management in a DIY setup can also be a costly headache, particularly when dealing in-country with different cultures and capabilities.

Internet and SD-WAN

SD-WAN is an overlay service. For the overlay to work well, and to realise the full benefits of an SD-WAN implementation, you need an underlay network that also works well, for your IPSec tunnels for example.

Optimised IP or BGP optimisation can also play a vital role in delivering a high performing Internet based undelay network. Either way, we believe that the right internet strategy is fundamental to a successful SD-WAN strategy.

Diversity

The perception is that a couple of broadband links from different ISPs gives you diversity and the ability to avoid issues.

The reality is you could be paying 2 (or more) different ISPS for broadband that will run on the same line and have the same problems at the same time.

The shortest path can be the longest:

The peering decisions made by your providers may be seen by the Internet as the path with the fewest hops, with the fewest systems to move between, but your data could be going out across an ocean and then coming back across a continent, without you even realising it.

Without the right tools to see this you can spend a lot of time wondering where your problems are coming from.

“I pay for premium”

Unfortunately, paying for premium ITPs does not give you any guarantee of performance. From the tools we use in Expereo to monitor the Internet we know that every provider will experience issues at some time during any given day, regardless of who or where they are.

The last mile challenge:

Connecting your branch offices to the network is still one of the fundamental challenges. How do you connect to the network and make SD-WAN work in your branches? As an example, even in Germany DSL availability is not at 100% coverage.

So that’s a quick look at some concepts that can trip up even the most experienced network operators when you move to the Internet. However, with the right tools, insight and knowledge you can make the Internet work for you.

Expereo expands global Mobile Connectivity

High speed mobile data networks deliver access to branch sites, remote workers, vehicles or kiosks using the latest 4G/LTE Mobile Connectivity technology, for businesses that require anywhere, anytime global connectivity.

Expereo deliver this agility, bundled with dynamic or public static IP addressing, allowing mobile connectivity to be integrated into any network design, across the globe.

Sander Barens, VP of Commercial Development, Expereo: “Mobile Connectivity can play an essential role in SD-WAN and Internet of Things deployments, thanks to its quick deployment capability and technical diversity. With mobile connectivity, you can get connected fast with a robust solution that complements any network design or methodology.”

LTE-enabled hardware extends the range of traditional WAN and SD-WAN deployments to include remote offices, smaller sites, and to any device that relies on mobile data connectivity as a transport method.

IOT projects also benefit from LTE connectivity when access to narrowband services are not available, or higher bandwidth is required.

Expereo Global Mobile Connectivity delivers several benefits to business; fast deployment, flexibility, and is an effective last-mile access technology.

  1. Fast Deployment: compared to terrestrial deployments, Mobile Connectivity can be in use far more quickly than other access methods. This allows business to deploy new access quickly, and to ensure business continuity when required.
  1. Greater flexibility: with Mobile Connectivity, you avoid contract lock-in; use it for as long as you need it for temporary ‘pop-up’ type implementations, use it for a few months until you install more permanent fixed network access, or for a project timeframe.
  1. Last-mile access: without the restrictions of wired access you can provide connectivity to branches, kiosks, devices or vehicles virtually anywhere, with the reliability and redundancy of 4G/LTE technology.

Expereo provides managed Mobile Connectivity services to Canada, 18 countries within Asia-Pacific and 30 countries within Europe.

LTE access has established itself as a strong alternative to legacy connectivity services. Network coverage continues to expand and overall coverage is now well beyond wired access. In many cases, multiple cell towers serving a location ensure service resiliency.

LTE network speeds also continue to increase and can be more cost-effective in many cases for remote locations or backup use, when compared to wired solutions or satellite.

Want to learn more about our Mobile Connectivity services? Contact us today.

BGP Optimisation — Why do we need it?

Border Gateway Protocol (BGP) is today’s Internet routing protocol. What this means is that BGP determines the path your traffic takes across the Internet to its destination — and back.

BGP is effective and stable, and was developed more than 20+ years ago (that’s last century, BTW).

As a route selection process BGP relies on a single metric: AS-PATH. This metric selects routing based on the fewest ‘hops’ between Autonomous Systems (AS). Today, more than 60,000 AS make up “the Internet”.

As you can imagine, BGP’s job is becoming increasingly harder as the number of AS continue to grow.

BGP doesn’t look at any other performance factors to make routing decisions. It doesn’t know if an AS is short or long (does it cross a state, a country or go across an ocean?) and is likely to route traffic through a path with high round trip delay, even though a more efficient path exists. BGP is also not able to detect packet loss, saturated transit services, or other performance limitations across networks.

The protocol also cannot detect and mitigate traffic bursts that go above any committed data rates, leading to unpleasant cost surprises.

How do BGP limitations affect a business and its customers?

BGP does not have the ability to detect failures and poor performance, and in many cases can contribute to these issues.

BGP Limitations

BGP does not take into consideration several performance issues facing the Internet today:

1. Long paths:

· Large delays cause frustration to users

· Corporate SaaS application users can suffer from low productivity and low morale as a result of constant delays

· B2C e-commerce application users do not tolerates delays and this will directly affect the actual sales conversion rates

· Gaming applications will also suffer with delays

· Delays also severely impact the quality of voice communication and are another source of user frustration

2. Packet loss:

· Packet loss rates usually produce the same issues and frustrations as high delays.

· Packet loss turns into a bigger issue with corporate video conferencing quality, and applications that provide document collaboration capability

· Corporate training video services or consumer video streaming can also be negatively impacted

3. Broken links:

· Routing equipment can malfunction or experience inconsistencies in the routing and control planes

· Even in this situation, BGP still sees the network as properly functioning, even though the routing process is not actually forwarding packets

· Users cannot access their applications until the network equipment is restored

· Similar situations also occur when operators implement incorrect access-lists, or flood protection mechanisms actually block legitimate user traffic

What can you do about it?

WAN optimisation, Cloud Acceleration: these are some of the terms you’ll hear to describe BGP optimisation services. These have become increasingly important as SaaS application adoption increases, and Internet becomes the default network connectivity method.

What’s important to know is that you can deliver great Quality of Service (QoS) from the Internet with these tools.

Expereo Cloud Acceleration

Expereo Cloud Acceleration services — also known as XCA — optimises BGP with performance and traffic measurement based analysis, detecting any abnormal routing situation and working around it in milliseconds.

XCA will improve both the application performance and availability by probing all internet destination networks for performance metrics including packet loss, latency, historical reliability, throughput, and peering capacity, and continually selects the best routing in real-time, based on these statistics, not just the shortest path between the individual networks that make up the Internet.