It’s OK For Network Managers To Give Up Their Security Blanket

In the popular comic strip Peanuts, Linus was always seen carrying his blanket.  Clearly, the blanket gave the young lad a sense of comfort and security even in the face of his sister Lucy calling it a “stupid blanket” and constantly urging him to ditch it.  To Linus, knowing the blanket was there was far more important than any kind of common sense that might make him consider giving it up.

In networking, a similar security blanket exists and it’s the branch office router.  There’s been plenty of chatter over the years of “server-less” or “storage-less” branch offices but there’s rarely any mention of having a router-less branch office.

Branch Routers: Essential Equipment or Needless Expense?

In years past, I understood why this was the case.  It was easy to take a server out and put the data in some sort of remote location, particularly after the advent of WAN optimization that gave users LAN-like speeds for file and e-mail access over the wide area network.  The network though, was a bit of a different animal, as it had to terminate a wide variety of connections such as T1s, E1s, DSL, ISDN for backup connections, DS3s, and other weird interfaces.  Even if you terminated the telco connection into some kind of CSU/DSU, like those old but widely-deployed Adtran boxes, you typically had some kind of serial link that came off the back and into the router.

Those days are long gone though.  Sure, there may be some branches with older connections that still have unique requirements, but nearly all services are now delivered with an Ethernet handoff, meaning today’s WAN termination is as simple as plugging an RJ45 into a box.

I want to be clear that in no way am I saying businesses don’t need routing capabilities in the branch, but there’s a world of difference between routing and a router.  A router is a physical box that is pretty expensive if bought from the de facto standard vendor today.  Routing is the process of moving traffic from one network segment to another, like from the WAN to the LAN.  Routers provide routing capabilities, but there are a number of other ways one could route without a physical router.

Alternative Options for Branch Routing

One could choose to deploy a multi-function box that includes a routing stack, like a Silver Peak SD-WAN appliance, which the Ethernet handoff could be plugged into.  Since the traffic needs to pass through the device anyway, why not have it route the traffic as it comes in from or it heads out to the WAN? One benefit of putting the routing stack in an SD-WAN appliance is that the organization will get routing plus high-performance WAN connectivity in a single product.

Another option would be to run a pure software version of a router on a branch office device.  There are many solutions out there, including Brocade’s Vyatta which has a free version of its products for basic routing that does not require high performance.  This could be run on a local server or on a virtual partition on another device already in the branch.

If the business requires a super high-end solution with advanced routing capabilities, then by all means deploy a dedicated router.  However, for the majority of branch offices — particularly those where the organization has moved to a “cloud first” model, which cuts down on the actual WAN traffic — a dedicated router is no longer required and remains costly and complex to deploy and manage.

As Linus grew up, I’m not sure if he ever gave up his security blanket or not. What I do know is that the world is changing, and the vision for most organizations is to simplify the network, since a simpler network is easier to manage and maintain.  A big step along that journey would be to give up the router in locations where it’s really not needed and move routing to a more cost effective platform.