HPE Discover 2018

Join the Expereo team at HPE Discover 2018 in Madrid to experience a world where everything computes.
Held from 27th–29th November, this annual networking conference explores the explosion of built-in intelligence, hyper-connectivity, and edge-to-cloud innovation.

Visit Expereo at booth #246 to find out how Global Internet, XCA, and SD-WAN can assist your business. Intelligent networking is essential if you want to maintain efficiency and agility in this fast-paced, competitive digital age.

HPE Discover seeks to advance the way we all live and work by exploring network trends, complete with hundreds of training sessions, technology demos, and tours. Nine content tracks span the key topics driving today’s digital transformation.

As one of HPE Discover’s sponsors, we are excited to offer industry-leading joint solutions for your enterprise, with unmatched global reach.

Contact us to schedule a meeting

Gartner Symposium/ITxpo Barcelona

Join our team at Gartner Symposium/ITxpo Barcelona (4-8 Nov) where Expereo is exhibiting new ways to network at booth #419.

Explore the latest in Cloud-managed internet and hybrid networks, SD-WAN, and Cloud connectivity solutions.

Thousands of Europe’s leading Senior IT Executives will come together at Gartner events to explore the strategic trends and technologies that are shaping the future of business; from analytics to artificial intelligence, cybersecurity, and more.

Find out how XDN can future-proof your network as we unveil solutions for 2019 and beyond:

  • SD-WAN – Your next evolution in network management; cost-effective, flexible, consistently high-performance
  • XCA – Smart routing for smart businesses
  • SECURE XDN – Network security tailored to a new threat landscape
  • GLOBAL INTERNET – Worldwide access for an age of international collaboration

Contact us to schedule a meeting

6 growing threats to network security

The modern, globally connected digital world demands that business applications, data and services be constantly available from any location, which means networks must span multiple hosting environments, fixed and mobile devices and other forms of IT infrastructure. But just as networks are a key enabler for the enterprise, they are also a source of extended risk. Hackers, cyber criminals and state-sponsored actors are constantly spawning new network attacks to compromise, steal or destroy critical information and disrupt organizations for their own ends.

The network has become not only a target, but also a channel for disruption: It’s a primary route of distribution for distributed denial of service (DDoS), phishing, ransomware, worms and other types of malware attacks.

Last year was arguably the most dangerous ever to be a network administrator, given the growth in new attack methods being directed at public and private-sector IT systems. Cyber incidents targeting businesses nearly doubled from 82,000 in 2016 to 159,700 in 2017, according to the Online Trust Alliance. And there is every sign 2018 will end up just as perilous as new threats emerge.

Network managers should take a good, long look at their security infrastructure and upgrade plans as they prepare to respond to the following six network threats:

1. DDoS attacks are proliferating

The volume and strength of DDoS attacks are growing as hackers try to bring organizations offline or steal their data by flooding websites and networks with spurious traffic. Two factors are helping criminals in their endeavors.
One is the widespread availability of “DDoS for hire” services, whereby hackers rent out their skills for very low sums of money. The other is the growing volume of internet-of-things products with poor security defenses that are being attached to device-to-device, edge and core networks.
Botnets that hijack vulnerable IoT devices can spread quickly via the network and quickly infect hundreds or thousands of products before directing spurious traffic at target websites and infrastructure.

Remedy: Be sure to create a DDoS mitigation plan. Protect networks against DDoS attacks by monitoring and controlling LAN/WAN traffic flows and device bandwidth consumption to receive earlier warnings of attack.

2. Network-based ransomware is designed to destroy systems … and data

Self-propagating ransomware attacks that quickly spread across systems do not rely on humans to click a button, download a file or plug in a USB stick. They just need an active and unpatched workstation (think WannaCry and NotPetya) and an automated software update. Many security researchers believe that the primary purpose of some ransomware attacks is not to extort money but to deliberately destroy data on infected systems.

Remedy: Perform regular backups of mission-critical data, ensure all systems and applications are patched and up to date and use vulnerability assessment tools to find gaps in defenses. It’s basic stuff, but it couldn’t be more vital.

3. Malware is evolving, with activity masked by legitimate cloud services  

Today’s business needs have changed the way enterprises send and store sensitive data, with more organizations using off-premise cloud-hosted repositories and services (with or without the consent and direction of the resident IT department). But these are also popular services hackers can use to register accounts, start web pages, encrypt their malware, hide domains and IP addresses and cover their tracks by deleting the account afterwards – all at low cost, pay-as-you-go prices. And popular cloud services like Google, Twitter and DropBox are also difficult for security managers to block, leading to a multitude of vulnerabilities.

Remedy: Threat intelligence monitoring and analytics are more advanced than ever before. These services can identify suspicious behaviour that could indicate legitimate services disguising hacking activity.

4. Insider threats show no sign of diminishing 

Insider threats are said to be responsible for anything from 25 to 75 percent of enterprise data breaches and are usually driven by financial gain, industrial espionage or just plain incompetence or misuse. But the majority of network security defenses remain configured to protect the perimeter from external, rather than internal, hackers — those who already have legitimate, authorized access to their organization’s networks and often operate under the radar with few or no limitations on the information they can access or transfer.

Remedy: Prioritize critical assets, implement a formal insider-threat program, document and enforce security policies and controls, monitor employee activity at the network and host level, and raise inside threat awareness among staff through training.

5. Encryption is meant to enhance security,  but it’s also helping hackers to conceal their communications.

We’ve seen a big rise in the percentage of network traffic that is encrypted — a natural consequence of organizations protecting sensitive data by scrambling communications. But this approach to securing data cuts two ways, with threat researchers also noticing a threefold increase in the volume of encrypted network communication employed by malware in 2017. Encryption gives hackers more time and space to operate prior to their eventual detection and remediation.

Remedy: Use machine learning and artificial intelligence to identify unusual patterns in encrypted web and network traffic and send automatic alerts to security staff if issues merit further investigation. Automation really is the future of network security.

6. Cyber attacks get personal as social engineering targets executives and HR. 

Malicious emails are vital tools for hackers because they take malware straight to the end point. Hackers are identifying high-value (and vulnerable) individuals within organizations, commonly hiding code in Microsoft Word, PowerPoint and Excel file extensions as well as PDF documents and archive files. Business email compromise attacks are increasingly being employed to impersonate a trusted identity (like CEOs, HR departments or tax authorities) to encourage targets to make payments or share sensitive information.

Meanwhile, email account compromise tools can usurp a hacked (but legitimate) email account to circumvent other cybersecurity defenses and deceive intended victims. It’s a continually growing concern.

Remedy: Raise user awareness of the risks through formal training programs and email usage policies, set email spam filters to high and keep software and systems up to date. Network security is a continual process — agencies must stay on top of it to stay ahead of the hackers.

Security Automation Soars to Top of Agenda

A surge in cyber-threats and the administrative burden involved in staying on top of data security management is putting pressure on enterprise IT departments that cannot afford to risk a serious data breach, reputational damage and operational disruption.

Faced with an ongoing cybersecurity skills shortage, organizations need a different approach to security provision unrestricted by manual processes – one that reduces their dependence on hard-pressed humans by harnessing automation, machine learning, artificial intelligence, predictive analytics and other innovative technologies to help identify, filter, neutralize and remediate cyber-threats before they have a chance to do significant harm.

By integrating orchestration processes, automation, incident management and collaboration, visualization and reporting under a single interface, SOAR can give security operations center (SoC) staff a faster, more accurate way to process large volumes of data produced by cybersecurity systems and help identify and remediate attacks which may be imminent or underway.

Mixed state of SOAR readiness

In its Innovation Insight for Security Orchestration, Automation and Response report published in November last year, Gartner forecasts that by the end of 2020, 15% of organizations with a security team larger than five people will use SOAR tools, up from an estimated 1% in 2017.

The scale and rate of that adoption suggests two things: firstly that many businesses may be unprepared for the security management challenges they face, and secondly that awareness of SOAR and the benefits it can bring is still limited.

Any gap in education can lead to expensive mistakes when it comes to product procurement decisions which are invariably difficult and costly to rectify. So, it’s important that IT departments don’t rush into any implementation without taking a good look at their existing security architecture and processes and carefully consider where SOAR can work alongside them to help SoC analysts ease their cybersecurity workloads.

In many cases, IT departments remain unclear on what security processes can or should be automated for example, and which of their current security applications and systems lend themselves to the type of orchestration that SOAR enables – if existing tools from different vendors cannot be integrated efficiently using mechanisms like application programming interfaces (APIs), the quality of the data and recommendations being shared can be compromised and the ability to act fast on accurate intelligence diminished.

Steps to SOAR success

  1. An audit of existing security infrastructure should be a priority, including defences which routinely span on- and off-premise systems hosted in public, private and hybrid clouds, as well as fixed and mobile devices in distributed branch office environments.
  2. All systems should be properly assessed for SOAR readiness, and any opportunity to consolidate security systems to weed out extraneous security information that does not help with threat identification and remediation should be thoroughly explored.
  3. Additional filters can also be applied to further reduce the background noise that often distracts analysts from the real danger.
  4. IT departments should specify key performance metrics that frame what they want to achieve in terms of dwell and detection to containment times to make sure threats are neutralized before they have a chance to spread into other systems.
  5. Those KPIS should be aligned closely with in-house security analyst resources and skill sets, to give current staff the best tools and training to meet requirements.
  6. Organizations without in-house security analysts should consider outsourcing cybersecurity monitoring and management functions to managed security service providers (MSSPs) that use suitable SOAR tools able to integrate with on-premise security systems to maximize threat detection and remediation.


With so many different security tools and applications needed to protect large volumes of data, people and devices wherever they may reside, the cascade of logs and alerts analysts have to wade through to identify the priorities for their attention is only set to amplify.

Equally there remains a real danger that the benefits of machine learning and artificial intelligence when applied to cybersecurity automation and orchestration will be overstated unless IT departments are realistic about what can be achieved and where their weaknesses lie.

It is important to remember that while greater orchestration and automation can shoulder some of the burden currently carried by security analysts, it cannot replace them completely. At the end of the day, well-educated competent professionals will still be necessary, but their time can be optimized if machines take on some of the legwork.

Expereo named in the May 2018 Gartner Market Guide for Managed SD-WAN Services

Expereo has been named as one of 15 “Non-NSP Providers” of SD-WAN Managed Services in the latest Gartner “Market Guide for Managed SD-WAN Services”, published on 31 May 2018 by analysts Ted Corbett, Neil Rickard, Katja Ruud, Bjarne Munch, Danellie Young, Gaspar Valdivia and Mike Toussaint.

Non-NSPs include providers such as system integrators (SIs), value-added resellers (VARs) and managed network service (MNS) providers. These either partner with OEMs or are OEMs themselves, or both. These providers may also employ PoPs, but do not own WAN transport facilities.

Gartner recommendations

Enterprise leaders who are responsible for accelerating enterprise infrastructure innovation and agility should employ SD-WAN Managed Services to:

1) Optimize network expenses for digital business initiatives, reallocate key personnel and improve operations performance by adopting managed SD-WAN services.

2) Increase enterprise agility, performance and expense optimization by including both NSPs and non-NSPs in your managed SD-WAN services RFPs, and then align all provider proposals with your business objectives.

3) Get the most complete solution possible for your managed SD-WAN service needs by opening your RFP to include ancillary network functions (such as security and WAN optimization) and alternative platforms to SD-WAN-only appliances.

According to the report, “Managed SD-WAN services can improve operations performance and reduce an enterprise’s need to grow internal capabilities. This is because the managed SD-WAN service provider becomes the SPOC for monitoring, reporting, and incident and change management of the SD-WAN product, as well as all WAN transport, inclusive of access path diversity. This, in turn, allows the enterprise’s internal resources to focus on higher objectives.”

The report goes on to state, “For example, non-NSP providers allow enterprises to more easily change underlying WAN transport providers (e.g., for expense optimization or performance reasons) without changing the managed SD-WAN services. In contrast, NSP managed SD-WAN services increase enterprise dependency on the primary WAN transport provider’s operations, making it more difficult to change or maintain leverage in WAN transport price negotiations. NSPs are unlikely to continue to provide the managed SD-WAN service and, absent any WAN transport service revenue, may lose interest, resulting in diminished support. Whether the service is delivered by an NSP or a non-NSP, enterprises should analyse provider proposals and align these with their business objectives for achieving greater agility, operations performance and expense optimization.”

Read the research in full here (access to this document requires the appropriate Gartner subscription)

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Expereo has been named in March 2018 Gartner research

Expereo has been named in March 2018 Gartner research: “How to Choose the Right Level of Agility for Your Next Global Enterprise WAN” written by Bjarne Munch and Neil Rickard.

Key takeaways from the research:

• By 2020, approximately 10% of global enterprise WANs will use the internet as their only WAN service, which is an increase from fewer than 2% today.
• By 2020, more than 70% of global enterprise WANs will use a combination of MPLS/Ethernet and the internet in a hybrid WAN, which is an increase from the Gartner estimate of 50% today.
• The advent of software-defined WAN (SD-WAN) has led to increased enterprise interest in using public internet services for WAN connectivity, rather than MPLS or Ethernet.
• Enterprise I&O leaders should use only the public internet for global WAN, if they source this through an aggregator or a provider that can manage all local relationships.
• Avoid using consumer-grade internet services for interactive applications or business-critical applications. Instead, prioritize business-grade internet.

Read the research in full here (requires the appropriate Gartner subscription) or contact Expereo and bring agility to your WAN!

Expereo and SecureOps partner to deliver specialist SD-WAN security

Today Expereo, global provider of managed internet network, accelerated cloud access and SD-WAN solutions, announces a new strategic partnership with information security services company SecureOps.

SecureOps brings two decades of network security experience as a Managed Security Service Provider (MSSP) to Expereo’s XDN portfolio. SecureOps’ comprehensive suite of on-premise and cloud-based security services will empower multinational customers to securely operate internet-centric networks, deploy SD-WANs, and move to the cloud with confidence.

SecureOps and Expereo

Expereo and SecureOps have signed a strategic partnership to provide total network security for today’s business-critical digital landscape. As enterprises move to the internet and SD-WAN, many find that complex manual processes plus a lack of resources and skills prevents them from effectively keeping pace with the current security landscape. Expereo and SecureOps’ joint solution alleviates these challenges when adopting an internet-centric enterprise network and cloud access strategy.

Irwin Fouwels, Expereo CEO, comments:

“With SecureOps we bring a complete security suite to the Expereo XDN portfolio. We now offer our global SD-WAN solutions bundled with full managed security, enabling the multinational enterprise to deliver on its cloud strategy and deploy SD-WAN with confidence.”

Loren Goldig, SecureOps CEO & President, comments:

“Network security in 2018 must be adaptable. You can’t throw in firewalls and walk away; security needs are as complex and diverse as the businesses themselves. Today’s solutions must exactly meet the specific needs of each individual company. Working in strategic partnership with Expereo, our ability to deliver these tailored solutions is enhanced by Expereo’s commercial go-to-market and agile global delivery capability.”

The security offering

The Expereo and SecureOps strategic partnership for security and network service management is enhanced by vulnerability lifecycle management services. Enterprises will be able to easily integrate SecureOps’ flexible MSSP services into their network, bolstering Expereo connectivity with robust security. Expereo will offer the following Managed Security services:

 Security infrastructure management Secured, monitored internet break-out services via on-premises devices or secure cloud gateways across a number of security offerings, including security information and event management (SIEM), firewall management for SD-WAN, intrusion defense and prevention systems (IDS and IPS), universal threat managers (UTM) and more.

  • Threat monitoring and response Dedicated, 24/7 triage and incident handling and customer environment monitoring for potential threats, powered by a multi-layer detection process.
  • Vulnerability lifecycle management Enterprise WAN vulnerability management. Proactive scanning and analysis of customer infrastructure for threat determination and reporting, backed by assessment and remediation.

In addition, customers will also receive access to security consultancy services such as security audits, customer requirement facilitation, host protection and more.

About SecureOps

SecureOps is a high-end information security services provider and member of the Information Security Forum (ISF) with two decades of experience. The team offers specialist knowledge related to security and security-related networking technology.

SecureOps has built its global services on personalised solutions, preferring turnkey approaches to an off-the-shelf, one-size-fits-all approach. SecureOps will work directly with Expereo customers to understand their needs and deliver specialist security solutions tailored to their specific requirements. Customers can choose and deploy a suite of solutions that will sit under one accessible management framework specifically relevant to their organization.

SecureOps and Expereo are uniquely positioned to collaborate given their commitment to a customer-centric approach, cutting-edge technology, global capability, and agile customer deployment expertise.

9 reasons to reconsider MPLS

For two decades, Multiprotocol Label Switching (MPLS) has stood as the go-to solution for enterprises in need of stable connectivity. MPLS providers currently serve a market worth in excess of $30billion – despite a lack of innovation in the area. Why?

What is MPLS?

MPLS is a layer 2 communication switching protocol that relies on compact switching labels to relay payload to the next hop, as opposed to the layer 3 IP addressing used in common IP-routing protocol. Essentially, MPLS allows a router to place a ‘label’ on packets of internet traffic, each label explaining where the information needs to go next. A decade or so ago, this meant a reduction in processing time at each router – a speed augmentation that was welcomed by big business.

MPLS was originally designed to offer a stable, dependable connection – and it did, for a time. Yet the fact remains that MPLS no longer meets all the requirements of today’s enterprises working to an unprecedented global scale.

Today, when large businesses look to connect branch offices with company headquarters, there are a number of things they should consider about MPLS before continuing to rely entirely on this connectivity solution.

Here are nine reasons why enterprises should reconsider MPLS and instead shift to a hybrid or internet-centric network, particularly to support the move to cloud and if they are considering solutions such as SD-WAN.

  1. MPLS takes a long time to deploy

MPLS providers will always be able to guide customers through any implementation process. However, the reality with MPLS is that most deployments can take a number of months, or longer, in some cases. The process isn’t exactly easy and implementations can sometimes be extremely complex. For remote or international locations, deployment can take in excess of a year. For example, MPLS services must be deployed to a single customer premises before it can be installed in the next. This creates substantial lag time before the next branch can be up and running.

  1. It’s expensive

It may be hard to put a price on the productivity customers enjoy using either MPLS or SD-WAN, but the former is inarguably no longer cost competitive with the latter. And this isn’t even counting the additional costs (e.g. WAN optimisation hardware) associated with MPLS contracts.

In most cases, internet connectivity is also cheaper than MPLS with higher bandwidth speeds easily available. For example, we generally see savings of between 30 – 40% when moving from MPLS to internet, and in terms of speed, higher bandwidth connections are more and more common. We see demand growing substantially for dedicated internet access 500Mb/1Gb/2Gb connections, and more requests for 10Gb. Higher bandwidths on MPLS are harder to achieve and you’ll need routers and circuits that cost a significant portion of your IT budget.

  1. It’s Ineffective for small or remote sites

Remote international sites may find MPLS is not available, or prohibitively expensive. With many major enterprises operating numerous branch locations across the globe and expanding into new territories through mergers and acquisitions, this can be unacceptable in today’s digital landscape.

  1. MPLS does not allow internet traffic to be routed locally

As layer 3 routing is required for traffic to travel externally, packets in and out of the MPLS network are routed through the gateway at the service provider core, rather than locally. Even web traffic and traffic to the public cloud has to go through expensive circuits, just to connect. It all adds up to more cost and a less efficient user experience.

  1. Lower performance with MPLS

A single network connection, static Class of Service (CoS) settings, and the inability to easily throttle low-priority traffic or use the fastest route (rather than the predetermined route) can all add up to a sub-par user experience. As you may have guessed, these are limitations in MPLS, and business today doesn’t want to put up with these limits anymore.

  1. There’s limited uptime

Not all MPLS providers offer a failover to a secondary internet connection if the primary connection is compromised – and almost none have a tertiary option. Even when moving to a secondary connection, the switch is not typically instantaneous. Whichever way you look at it, MPLS does not offer a seamless connection.

  1. MPLS requires the same service provider across the network

It’s a shocking truth, but it is mandatory that the same MPLS service provider operates across all locations in your network. And, as we’re all well aware, switching provider is no easy task. In this context, MPLS severely limits your options for growth and relocation. It’s an all-or-nothing relationship with MPLS. A single service provider and single transport also means a single point of failure…

  1. Security is a bigger issue with MPLS

MPLS lacks built-in data protection and can expose your network to vulnerabilities if it isn’t configured correctly. It can open you up to attack, and isn’t as safe as some providers would have you believe. MPLS security may also become worryingly obsolete or, at least, increasingly complicated and expensive thanks to the capability of SD-WAN to provide, among other things, Centralized Security Policy Management.

  1. MPLS has limited bandwidth and long lead times

Not only are bandwidth upgrades extremely costly, they aren’t always possible. Long installation and upgrade lead times also make MPLS restrictive and inefficient.

What’s the solution?

In the 20 years MPLS has existed, a raft of progress has very much changed the online landscape. In the 90s, mission-critical applications were not in the cloud, and users were not accessing corporate applications from mobile devices. MPLS was an adequate workaround for yesterday’s challenges but not today’s.

The WAN is being revolutionised by enterprise’s growing adoption of cloud and SaaS services, which are largely public internet based. This is where using MPLS can put you at a disadvantage. Knowledge-based, cloud-fueled, global, and mobile enterprises demand a high performance, agile, application-agnostic, quick to deploy, affordable to own, and managed network solution.

SD-WAN – ultimate networking

SD-WAN (Software-Defined Wide Area Network) presents a new, flexible and exciting option for those looking for an alternative to MPLS-based networking, or a hybrid network configuration.

This differs by providing multiple high-bandwidth connections simultaneously, or by utilising a combination of MPLS and internet. These are cost-effective, and can be aggregated to allow for faster connections. This aggregation can include WAN connections to a single site, and, by bonding different types of connection together, performance is optimised.

SD-WAN gives the ability to intelligently control the traffic from one location to another and load-balance to the highest-performing available link, offering application surety. SD-WAN can also deploy quickly when requirements change in order to bring bandwidth in line with an application’s needs.

As it’s possible to breakout from remote locations with SD-WAN, there’s no need to force traffic through a data centre to access SaaS or other web services. Need to add a new branch or integrate with acquired or remote offices? SD-WAN is provider agnostic, so you’ll see these benefits whatever access technology is being used – and you can add or remove connectivity at any time without hassle.

And the benefits don’t stop there. Improved SLAs, increased network visibility, end-to-end encryption across the network (including the internet) – so much is possible – SD-WAN is simply the more efficient and secure option for today’s global enterprise business.

SD-WAN isn’t going anywhere. This is the future of networking and Expereo is delivering fully managed SD-WAN service to enterprises today.

Read more about how Expereo SD-WAN can benefit your business.

Expereo expands pan-African reach with new Cloud Acceleration Hubs

Today Expereo, the global provider of managed Internet network solutions, has announced a major expansion into the growing African market.

Numerous strategically located Cloud Acceleration Hubs are planned to launch across 2018 in pivotal pan-African locations. A Johannesburg, South Africa, hub recently opened, with more locations to follow in East, West and North Africa throughout 2018.

The new Africa Cloud Acceleration Hubs will enable Expereo to connect more customers across the Internet on an enhanced global scale, with optimised Internet connectivity for the highest availability and performance of SD-WAN, IPSec and Cloud/SaaS acceleration via Expereo’s XCA and XCA Edge platforms.

Irwin Fouwels, CEO, Expereo comments: “Across Africa, we see enormous opportunity for the cloud to accelerate innovation, allow governments to provide better services, and drive economic growth for both African-based businesses and global corporates operating on the continent. To succeed, they need guaranteed performance and reliability from their Internet. That’s why we are expanding our reach with these strategically located African hubs, providing our customers with the best options for cloud connectivity on a truly global scale.”

Africa expansion

Expereo’s 2018 Cloud Acceleration service expansion will focus primarily on Africa, enabling enhanced connectivity and reliability for enterprise companies in the area. The recently launched Johannesburg hub is soon to be bolstered by new locations across East, West and North Africa.

Previously, African Internet traffic was dominated by “northbound” traffic, with data routed primarily via Europe due to the structure of the global cable systems, before arriving at its destination. Expereo expects to see a reversal of this trend, with “southbound” traffic increasing as the economies of African countries continue to grow, thus creating more cloud demand and SaaS adoption.

Major SaaS providers such as Microsoft and AWS are already opening cloud data centers in South Africa to meet this demand. Domestic Internet requirements within African countries are rising and corporates continue to expand their business into the area, all of which will drive this ongoing change.

Expereo hubs list

  • North America: Seattle, Los Angeles, Dallas, Miami, Ashburn, New York, Chicago, Toronto
  • South America: Sao Paulo
  • Europe: London, Paris, Madrid, Amsterdam, Frankfurt, Milan
  • Africa: Johannesburg, East Africa (2018), West Africa (2018), North Africa (2018)
  • Asia-Pacific: Tokyo, Hong Kong, Singapore, Sydney

Enhanced Internet connectivity

Expereo provides market-leading technology in Internet performance-based routing, such as XCA, which delivers optimal user productivity for Cloud Applications by optimizing Internet routing through Expereo’s global and growing network of Cloud Acceleration Hubs.

XCA actively probes all destination networks for performance metrics including packet loss, latency, historical reliability, and peering capacity, and continually selects the best routing in real-time based on these statistics.

By leveraging this technology, Expereo’s African Cloud Acceleration Hubs will deliver improved Internet connectivity optimisation, increased application performance, employee productivity benefits and much more.

Hub location and data center selection

Expereo partners with data center providers to locate their hubs on a case-by-case basis. Its hubs are strategically chosen to leverage the best service in each location, with robust connectivity to the major Internet exchanges, and with the best proximity to the Internet’s major nerve points. They are built to meet the demand of global customers who require optimal connectivity for their SD-WAN, Cloud applications and network operations as their business grows in the African area.

The Internet is everywhere – but the challenges remain

In every business, the story is the same. More cloud, more SaaS, and the move to Internet-centric networks to deliver them, in conjunction with MPLS – or replacing it.

“Move to the Internet.” It seems like a simple solution, but for many reasons the www is still the ‘wild wild west’ for many people, and understandably so.

The internet itself is made up of 50,000+ individual Autonomous Systems that mesh together, across which your traffic is directed using a routing protocol that makes decisions based on the number of systems it has to ‘hop’ across.

An efficient enough system, but one with endemic problems. Latency, packet loss, delays and other performance issues have always been there and most likely always will.

What’s different today is the requirements of business. To remain competitive they demand performance, agility and resilience, everywhere. Which means these constant performance issues are becoming unacceptable to CIOs, network administrators and the employees who work with an enterprise’s Cloud and SaaS applications.

In fact, you can get the performance and reliability you need from the Internet. To understand how, let’s first discuss a few basic concepts about the workings of the Internet.

Dedicated Internet vs Broadband Internet:

Cheap broadband has captured the imagination of many an SD-WAN vendor. What we like to say is, the true costs of broadband are not found on the ISP price pages.

There are hidden costs with contended broadband, depending on what value you put on performance and availability. Plus, the unknowns of monitoring and management of the service from within your own network can create unforeseen costs.

I’m not saying that paying more is a guarantee of a quality, but you want to work with a connectivity provider who knows the ISP landscape in your geographies.

Provider management in a DIY setup can also be a costly headache, particularly when dealing in-country with different cultures and capabilities.

Internet and SD-WAN

SD-WAN is an overlay service. For the overlay to work well, and to realise the full benefits of an SD-WAN implementation, you need an underlay network that also works well, for your IPSec tunnels for example.

Optimised IP or BGP optimisation can also play a vital role in delivering a high performing Internet based undelay network. Either way, we believe that the right internet strategy is fundamental to a successful SD-WAN strategy.


The perception is that a couple of broadband links from different ISPs gives you diversity and the ability to avoid issues.

The reality is you could be paying 2 (or more) different ISPS for broadband that will run on the same line and have the same problems at the same time.

The shortest path can be the longest:

The peering decisions made by your providers may be seen by the Internet as the path with the fewest hops, with the fewest systems to move between, but your data could be going out across an ocean and then coming back across a continent, without you even realising it.

Without the right tools to see this you can spend a lot of time wondering where your problems are coming from.

“I pay for premium”

Unfortunately, paying for premium ITPs does not give you any guarantee of performance. From the tools we use in Expereo to monitor the Internet we know that every provider will experience issues at some time during any given day, regardless of who or where they are.

The last mile challenge:

Connecting your branch offices to the network is still one of the fundamental challenges. How do you connect to the network and make SD-WAN work in your branches? As an example, even in Germany DSL availability is not at 100% coverage.

So that’s a quick look at some concepts that can trip up even the most experienced network operators when you move to the Internet. However, with the right tools, insight and knowledge you can make the Internet work for you.

Group 11Stroke 1Clip 4Stroke 3Stroke 5Stroke 6Stroke 7Stroke 8Stroke 9Stroke 10Stroke 10Stroke 9Stroke 8Stroke 7Stroke 6Stroke 5Stroke 3Clip 4Stroke 1 Interested?