Managed Network & Voice Archives - Interface Systems

Network Modernization – A Practical Guide for Multi-Site Enterprises

Bud Homeyer — Fri, 23 Feb 2024 05:59:31 +0000

Managed Network & Voice

Bud Homeyer

Chief Operations Officer

Managed Network & Voice PCI Compliance Restaurants Retail

Network Modernization – A Practical Guide for Multi-Site Enterprises

What’s Driving Network Modernization in Multi-Location Enterprises?

Multi-site enterprises and consumer-facing brands such as retail and restaurant chains have bounced back from the shock of COVID-19. In hindsight, the winners are those retail and restaurant brands that could adapt to dramatic shifts in customer preferences, high frontline staff attrition rates, and a slew of unexpected physical security and supply-side challenges.

The only way businesses can deal with future uncertainty is by investing in human capital and technology infrastructure that can support rapid changes in operating models.

Here are the key reasons why network connectivity and security hence take center stage in any program that aims to build an agile multi-location business.

Industry Disruption

Why Network Modernization is Needed

Challenges in Hiring & High Employee Turnover

According to the National Restaurant Association, the restaurant industry is currently operating with a labor shortfall of 540,000 employees. The US Bureau of Labor Statistics reported the annual average total separation rate for the retail industry was 5% compared to 3.9% across all industries in May 2023.

Boost Employee Productivity

Retail and restaurant operators have to keep a sharp focus on boosting employee productivity at every touchpoint and automating mundane activities. A scalable network backbone is critical to deploy time-saving productivity and collaboration applications and improve application performance.

Changing Customer Expectations

According to Brandwatch, in 2023, consumers are placing a lot more emphasis on convenience. There is a 12% increase in social media chatter about convenience and shopping experience compared to the previous period.

Create Superior Customer Experiences

Restaurant brands have to reimagine the dining space with a focus on enhancing the speed of service, offering greater convenience, and a wide range of digital ordering services. Similarly, retailers have to invest in delivering superior in-store experiences and last-mile fulfillment across channels. None of these are possible without the underlying network and connectivity infrastructure.

Rising Food Prices and Inventory Glut

The US Department of Agriculture reported that the restaurant consumer price index in July 2023 was 7.1% higher when compared to the same period in 2022. This has impacted both retailers and restaurants. Rising prices also mean unsold inventory. Markdowns and discounts help move them but leave a serious dent in the bottom line.

Invest in Streamlining Operations

Retailers and restaurant brands want to streamline every aspect of their operations to cut costs. Economies of scale are needed in the entire supply chain and the underlying tech infrastructure to take advantage of standardized processes. Well-designed network backbones can optimize operating costs and support advanced analytics solutions to streamline the business.

Violence & Theft

Business locations, especially those in high-risk areas, face significant threats in the form of violent customers, robbery, and gun violence. Internal theft and cash handling risks have historically been a concern for retail and restaurant operators

Invest in Intelligent Security Solutions

Retailers and restaurant chains have to invest in intelligent security systems that provide advanced warnings and are capable of zeroing in on anomalies across millions of POS transactions. This requires investment in a wide range of cloud-based, AI-enabled sensors and data analytics. None of these applications can be deployed with outdated network infrastructure.

As multi-site businesses attempt transformative initiatives, they are faced with practical issues that go back to network design, labor-intensive network operations, management protocols, hardware procured from diverse vendors with differing capabilities, and network security vulnerabilities across the infrastructure.

Employees are becoming more mobile, accessing the network from various locations and endpoints beyond corporate IT control. They are also connecting to public clouds for essential business applications like Office 365.
IoT devices, widely distributed in remote and unsupervised locations outnumber human-controlled endpoints opening the door for new security threats.
Cloud service providers have expanded their presence across numerous branches, which connect directly to the cloud, bypassing corporate data centers.
With ever-tightening Payment Card Industry (PCI) requirements and data privacy regulations, restaurants and retailers face tremendous risk when migrating data from on-premise POS to cloud-based solutions that offer easier integration with inventory management, online ordering platforms, and the extended supply chain.
Support for bandwidth-intensive applications such as video management systems and devices with edge computing capabilities that deliver critical real-time data on store operations (such as security cameras) can be challenging when the last-mile connectivity is not properly handled.

The goal of any network modernization program should not only take into consideration the evolving technology solutions that drive transformation but also aim to create a resilient technology operating system that can change rapidly without creating bottlenecks in the future.

Challenges in Managing Legacy Network Infrastructure

There aren’t clear-cut answers. Most likely, retail and restaurant chains always have some part of the network designed decades ago and other parts that were added recently.

Outlets with legacy network components can still run online ordering operations, support in-store applications, and manage their supply chains. The real problem is in administering the network and the penalty it imposes through inefficiencies, downtime, latency, and security vulnerabilities. The limits of what a network infrastructure can support efficiently determine whether a network upgrade is needed or not (Refer to Exhibit 1).

Flat Network Architecture

Restaurant chains with a flat network architecture face significant challenges as the business grows and new requirements emerge.

1. Limited Segmentation

Without dividing the network into security zones, all devices and systems within the organization, such as point-of-sale (POS) systems, employee workstations, and guest networks, are interconnected. This lack of segmentation increases the attack surface, making it easier for an attacker to move laterally across the network. For example, a malware infection in a POS system could spread to the corporate network, compromising sensitive data and systems.

2. Increased PCI Audit Scope

In a flat network, the scope of the PCI audit expands, encompassing the entire network infrastructure, rather than just specific segments. This can increase the complexity and cost of compliance efforts.

3. Weakened Access Control

Without segmentation, it becomes challenging to implement role-based access controls, network segmentation based on user roles, or least privilege access principles. This can result in unauthorized access to critical resources, data leakage, and a higher risk of insider threats.

4. Performance and Scalability Bottlenecks

A flat architecture can hinder performance and scalability. Broadcast and multicast traffic, typically limited to individual segments, can quickly propagate throughout the entire network, leading to congestion, reduced bandwidth availability, and degraded performance.

5. Difficult Troubleshooting

Lack of segmentation makes it challenging to pinpoint the root cause of network problems. This results in increased downtime, extended troubleshooting efforts, and potential business disruptions.

Manual Failover

Manual failover relies on the availability of personnel to identify and respond to network failures promptly. There are serious risks of not upgrading to automated failover systems.

1. Limited Scalability

As the network grows in complexity, manually managing failover becomes increasingly challenging. The need for human intervention in every failover event can limit the network’s scalability and agility.

2. Increased Operational Complexity

Implementing manual failover requires detailed documentation, well-defined processes, and trained personnel who understand the failover procedures. It also increases the reliance on specific individuals or a limited group of staff members with the necessary expertise.

3. Prone to Human Error

There is an increased risk of human error during the transition, such as misconfiguration or oversight, which can lead to service disruptions or unintended consequences. Human error becomes more likely in high-pressure situations, potentially impacting the network’s availability and stability.

Centralized Network Security

Some retail and restaurant chains continue to rely on the security infrastructure at the data centers to do the heavy lifting. This approach can stifle application performance and increase network administrative complexities.

1. High Latency

Routing all traffic through the data center for security scans can increase latency and reduce the performance of internet-dependent applications, affecting productivity and user experience.

2. Increased Network Complexity

Implementing a centralized traffic backhauling architecture requires complex network configurations, including routing, load balancing, and secure tunnels to redirect traffic to the data center for security scans. This complexity can make network management and troubleshooting more challenging.

3. Limited Local Response Capability

Backhauling all traffic for security scans to a central data center can limit the ability to respond quickly to local network security incidents. Any network threats or anomalies that require immediate attention or localized mitigation experience delays due to the traffic redirection and the need to wait for security scans performed in the data center.

Legacy Routers, Modems, and Firewalls

Basic routers, modems, and consumer-grade firewalls lack advanced security functionalities, such as deep packet inspection, intrusion prevention systems (IPS), or advanced threat protection. This leaves the network vulnerable to sophisticated attacks and exploits targeting higher layers of the network stack.

1. Insufficient Traffic Visibility

IT teams may struggle to identify and address anomalous or malicious traffic patterns, making it harder to detect and respond to security incidents promptly.

2. Limited Scalability

As the network expands with additional branches, devices, and users, legacy routers, modems, and firewalls may struggle to handle the increased traffic volume and advanced security requirements. This can lead to performance issues and network bottlenecks.

3. Limited Support and Vendor Updates

Basic routers or consumer-grade firewalls often receive limited vendor support. This can result in outdated firmware, unpatched vulnerabilities, and a higher risk of security incidents due to the lack of ongoing security updates and patches.

Unmanaged Switches and Network Installation

Unmanaged switches offer limited or no visibility into network traffic and lack advanced monitoring features. Using them often results in ad hoc cable installations that hinder maintenance, troubleshooting, and overall network management efforts.

1. High Failure Rates & Poor Manageability

Unmanaged switches typically have a lower build quality that can lead to higher failure rates, increased downtime, and the need for frequent replacements.

2. Limited Scalability and Security

They lack features such as VLAN support, access control lists (ACLs), or traffic segmentation, which are essential for implementing network security policies and isolating different segments of the network.

3. Cable Loops and Performance Issues

Without proper cable management and oversight, unmanaged switches can contribute to cable loops leading to network broadcast storms, increased network congestion, and degraded performance.

Legacy WiFi Technologies

Businesses relying on legacy WiFi technologies are saddled with lower speeds, and limited bandwidth compared to newer standards like 802.11ac or 802.11ax (Wi-Fi 6 and Wi-Fi 6E). They may not offer the same level of coverage as newer standards resulting in dead zones or areas with weak signals within the premises.

1. Lack of Support for Critical Applications

Modern restaurant and retail chains often rely on various advanced applications and technologies like mobile point-of-sale (mPOS) systems, inventory management systems, order management systems, kitchen automation systems, and IoT devices. Legacy WiFi technologies may not offer the necessary capabilities to support these applications efficiently, limiting the potential for digital transformation and innovation.

2. Inability to Support High Device Density

As the number of devices connecting to WiFi networks continues to rise, legacy WiFi technologies may struggle to handle the increased device density as they operate on crowded and congested frequency bands, such as 2.4 GHz. This can lead to interference from other devices using the same frequency, resulting in degraded performance and unreliable connections.

3. Security Vulnerabilities

Legacy WiFi technologies may lack the advanced security features available in newer standards. This leaves the network more susceptible to unauthorized access, data breaches, and other security threats.

How Business Needs Can Be Mapped to Network Modernization

According to a 2023 retail industry CIO survey by Gartner, 35% of retailers surveyed cited “growth” as their priority, 27% said they will focus on customer experience, and 20% of the retailers surveyed are doubling down on technology modernization. In the restaurant industry, customer convenience and labor shortage were the key drivers for modernization. According to a survey of 300 restaurant operators by SpotOn, 75% of all restaurants surveyed planned to invest in technology modernization in 2023 to combat key labor shortages and offer better customer experience. These business imperatives are completely reliant on network modernization as highlighted below (Refer to Exhibit 2).

Business Drivers

Network Improvement Needed

Support for increasing transaction volumes, new store openings, and geographic expansion.

Ability to launch new locations using network templates and automation.

Minimize network downtime to ensure uninterrupted POS transactions and customer service.

Redundancy and fault tolerance mechanisms to mitigate the impact of hardware failures or network outages.

Strengthen network security to protect sensitive customer data and payment transactions.

Compliance with industry regulations, such as Payment Card Industry Data Security Standard (PCI DSS).

Enable smooth integration of online and offline channels to support unified commerce.

Connect in-store systems with ordering platforms, inventory management, and customer relationship management (CRM) systems. Support the integration of IoT devices for inventory tracking and layout analytics.

Improve visibility and connectivity across the supply chain for inventory management, logistics, and order fulfillment.

Build integration with vendors, suppliers, logistics, and delivery partners for real-time data exchange and coordination.

Elevate customer experience at the restaurant and the store.

Deploy reliable and fast Wi-Fi for customers and enable mobile device usage. Support dynamic or personalized menu boards, and enhance drive-thru and checkout experiences.

Streamline network operations, reduce maintenance costs, and optimize network resource utilization.

Monitor network performance, security, and compliance from a single dashboard.

Network Transformation Case Studies

The below case studies for a hypothetical multi-site business highlight two different approaches to upgrading the network based on business requirements.

Expand Drive-Thru and Phone Orders for a QSR

FeastOn was operating in a highly competitive QSR segment with a growing digital footprint. The company wanted to deploy a cloud-based POS integrated with an online ordering system, improve its ability to handle phone orders, and expand drive-thru services.

Network Requirements

FeastOn IT team identified the need for a high-availability design with 4-hour hardware replacement, WAN failover, redundant 48 port POE switches, 1 access point (guest and company use), VoIP with 4-6 corded phones, loud ringer, caller-ID integration with POS, integration of phones with text messages for order management. They required the ability to deliver drop-free calls during a WAN failure and to keep online orders (web and POS integrators, 60-70% of all orders) working while running on their backup connection. The current POS integration required a single public IP address that could be used over any circuit at each location for this to work.

Solution

FeastOn implemented two different network solutions based on traffic volumes and the growth potential of the location. One set of locations had a 4-hour hardware replacement SLA and the other set of locations came with a high-availability design that did not require immediate hardware replacement. The solution also included a cloud gateway SD-WAN solution that ensured phone calls did not drop during network failure and orders were able to flow seamlessly via the POS integrator that switched to the backup circuit. There were extra redundancy factors added to protect against any cloud gateway failures. This solution provided FeastOn with both WAN and hardware resiliency and met all application and phone failover requirements. This setup allowed them to continue to use some older POS setups while they transitioned to the cloud-based POS in phases.

Eliminate Downtime and Improve Network Security for a Retail Chain

QualityM realized that store operations were always hobbled by patchy network infrastructure nationwide. Network downtime was commonplace, network security management was a headache, and the legacy POTS phone system kept customers unhappy. PCI compliance kept them on their toes because of poor network design.

Network Requirements

QualityM hired a managed network services vendor to come up with a requirement for WAN redundancy, next-day hardware replacement, secure POS traffic, managed next-gen firewall, 24 port switch, two access points (guest and company use), and three cordless phones with an auto attendant that rings a group of phones to place orders.

Solution

The managed services vendor implemented a broadband circuit with automatic failover to an LTE backup. Every store had a single next-gen firewall, a 24 port switch (4 port POE injector used for the APs to keep cost down), and three cordless phones with auto attendant setup. The POS firewall sat behind the next-gen firewall in its security zone. This allowed the POS to use the WAN redundancy setup and still be secure from other network devices, which were separated into four other networks. This network design provided QualityM with a WAN-resilient and secure network.

Thumb Rules for Network Modernization

Irrespective of business needs or management expectations, there are several key factors and objectives retailers need to consider when evaluating network modernization solutions including:

Design the network to ensure high availability and minimize downtime.
Implement redundant network components such as routers, switches, and firewalls to prevent single points of failure.

Incorporate backup connectivity options, such as failover to secondary circuits or LTE backup, for uninterrupted operations.

Design the network to accommodate future growth and increasing network demands.

Consider the scalability of network devices, bandwidth capacity, and network architecture. Plan for potential expansion, new store openings, and increased customer traffic.

Conduct a thorough assessment of each store’s infrastructure and requirements. Ensure sufficient power supply, cabling, and physical space for network equipment.

Address any environmental factors that may affect network performance, such as temperature control and ventilation.

Evaluate and negotiate contracts with bandwidth providers to ensure reliable and cost-effective network connectivity.

Establish Service Level Agreements (SLAs) for uptime, latency, and bandwidth guarantees.

Maintain ongoing communication and relationship management with providers to address any issues or changes.

Assess existing contracts with vendors and hardware providers that are no longer needed.

Plan for a smooth transition to new vendors and hardware, including contract termination and equipment returns.

Ensure proper coordination between the network design and procurement/contract management teams.

Prioritize critical store applications, like POS (point of sale), inventory management, and sensitive IP traffic.

Allocate appropriate bandwidth and network resources to ensure optimal performance for these applications.

Implement QoS mechanisms to prioritize real-time traffic and minimize latency or packet loss.

Implement robust network security measures to protect sensitive customer data and maintain PCI DSS (Payment Card Industry Data Security Standard) compliance.

Utilize firewalls, intrusion detection and prevention systems (IDPS), and secure remote access mechanisms.

Apply secure segmentation to isolate critical systems and restrict unauthorized access.

Optimize network bandwidth utilization by leveraging caching, compression, and content delivery networks (CDNs).

Implement traffic shaping and bandwidth management techniques to prioritize business-critical applications and limit non-essential traffic.

Segment the network to enhance security, improve performance, and isolate different store functions.

Separate guest Wi-Fi networks from the corporate network to ensure data confidentiality and prevent unauthorized access.

Segment store operations, point-of-sale, and back-office functions to limit the impact of potential security breaches.

Provide reliable and high-performance Wi-Fi connectivity throughout the store premises.

Plan for adequate coverage and capacity to support customer Wi-Fi, mobile devices, and IoT deployments.

Implement secure guest Wi-Fi with captive portals, authentication, and encryption mechanisms.

Develop a detailed migration plan outlining steps for transitioning from the legacy network to the new infrastructure.

Conduct thorough testing and validation of the new network before the switchover. Plan for minimal disruption to store operations during the migration process.

Roll out a proof of concept (POC) at a limited number of stores to validate the effectiveness of the network design.

Measure the performance, reliability, and security of the new infrastructure in real-world scenarios.

Gather feedback and insights from store staff and IT teams to refine the design before full-scale implementation.

Implement network monitoring tools to proactively identify and troubleshoot network issues.

Utilize network management systems to centralize network configuration, monitoring, and reporting.

Ensure real-time visibility into network performance, availability, and security events.

Adhere to industry-specific regulations such as PCI DSS, GDPR, and HIPAA, based on the retail chain’s operations.

Design the network to meet compliance requirements and implement appropriate security controls.

Maintain audit trails, access controls, and security documentation to demonstrate compliance.

Provide training sessions to educate retail staff on the new network infrastructure and its benefits.

Offer guidance on network usage, security best practices, and troubleshooting common issues.

Ensure that staff members understand how to utilize new applications and tools enabled by the upgraded network.

In-House Vs Managed Services Providers for Network Modernization

Can retailers and restaurant brands choose to implement complex network modernization projects internally or should they choose to work with managed service providers? While there will always be opportunities for in-house network transformation projects, most Businesses are choosing to partner with managed network services vendors. According to Gartner, “Enterprises struggling to balance expense reduction with greater WAN and LAN agility and performance are increasingly turning to managed network services.” Also, the need to lower capital spending and gain access to specialized skillsets needed for digital transformation make managed network services vendors a compelling option to consider. Here are some additional insights on what’s driving retailers to hire managed network services vendors.

The demand for diverse network management skill sets and the ability to hire and retain employees with specialized network engineering skills can be a tough challenge for enterprises who would rather spend the time and money to strengthen core business operations and build products or services.

For example, a medium-sized retail chain or a restaurant chain looking to design and roll out an SD-WAN solution will probably need highly skilled network engineering talent during the initial design and roll-out phase. Once the solution is stable, the IT organization’s focus will be on ongoing maintenance and periodic updates.

Network technologies are increasingly becoming complex and involve integrating solution components from a diverse set of hardware, software, and bandwidth providers. Implementing a sophisticated network connectivity backbone for optimal business application performance will involve a mix of third-party vendors and OEMs specializing in different aspects of the solution. Troubleshooting performance issues with a POS machine at any location can involve packet tracing across multiple devices, networks, and the ISP serving the location. Coordinating troubleshooting involving multiple vendor entities can be a significant drain on the internal IT team’s productivity. It can even compromise routine tasks that the IT team is primarily responsible for due to lack of time.

Retail and restaurant chains manage hundreds of geographically dispersed locations or branches. Relying just on internal capabilities and skill sets to manage IT/network operations is not practical for a multi-location enterprise. It’s not feasible for internal network engineers to travel across states or international borders to set up or troubleshoot network issues at branch locations.

In addition to managing a complex security environment, enterprises have to also comply with various data management regulations that are directly related to how secure and compliant the underlying network is. Compliance regulations such as PCI and SOX impose a significant burden on retail IT teams that are focused on complex network modernization challenges. Most retailers face significant cybersecurity challenges as they embrace the cloud and grapple with a combination of lower-than-average staff focused on security operations and inventive cybersecurity attacks that target POS and loyalty management systems.

The urgent need to transform business operations is felt a lot more in consumer-facing industries such as retail. In most cases, investments and upgrades in network technologies cannot be handled in-house due to the lack of skills or tools needed for such complex projects across multiple locations. Multi-location enterprises have complex networks that are often difficult to upgrade. Managed network services providers with proven expertise and the backing of the solution providers or hardware vendors are well suited to pilot untested technologies, demonstrating ROI before implementing the solution on a large scale.

For a more in-depth understanding of why businesses should hire a managed network services provider, please read this informative blog post.

Ready to Upgrade Your Network?

Your network can be a competitive advantage. Talk to our experts to find out how you can upgrade your network infrastructure and maximize ROI for your investments.

Get a Free Consultation

Share this article

About the author

Bud Homeyer

Chief Operations Officer

Bud Homeyer is the Chief Operations Officer at Interface Systems. Having worked as an IT and security leader for leading consumer-facing brands like Michaels, Brinker, and Bank of America, Homeyer has a proven track record of solving complex enterprise-wide challenges to drive growth, productivity, and profitability. He spearheads Interface’s efforts to help customers embrace new technologies while minimizing risks.

Top SD-WAN Vendors in 2024 & How to Select One for Your Enterprise

Steve Womer — Sat, 07 Jan 2023 12:40:16 +0000

Managed Network & Voice

Steve Womer

SVP, Customer Operations

Managed Network & Voice

Top SD-WAN Vendors in 2024 & How to Select One for Your Enterprise

Introduction

Cutting through the Noise

When you look at the vast landscape of SD-WAN vendors, there are a plethora of features and differentiators each vendor touts as part of their marketing pitch. It’s extremely challenging for the IT department to navigate claims and counterclaims by SD-WAN vendors while keeping an eye firmly on the business needs.

In this blog, we cut through the noise to give you an unbiased insight into the specific capabilities of top SD-WAN providers that we believe have demonstrated solution maturity, implementation success and scale.

This article aims to highlight the key elements of each vendor platform and their differentiators. For the purpose of simplicity, we categorized SD-WAN vendors into two:

SD-WAN Complete Branch
SD-WAN Edge Only

In addition to vendor comparison, we have created a handy checklist that you can download and use as a template for evaluating SD-WAN solutions for your enterprise.

SD-WAN Vendor Categories Included in This Evaluation

1. SD-WAN – Complete Branch

This category of SD-WAN platform includes solutions with a unified architecture that offers:

SD-WAN orchestration and traffic control
Native Next-Generation Firewall (NGFW) capabilities
Single vendor branch infrastructure (Switching and wireless access points (WAPs) controlled via a common orchestration platform)

The main benefits of leveraging these platforms is that there is a much lower total cost of ownership (TCO) when compared to edge only solutions and a separate cloud security solution. This is not only achieved through the fact that the SD-WAN and NGFW functions are bundled, TCO is also lower because the licensing is typically less expensive and is not throughput based.

2. SD-WAN – Edge Only

This category includes solutions that are purpose-built to perform edge SD-WAN functions. Their main features include:

SD-WAN orchestration and traffic control
Application performance monitoring

Edge Only platforms are focused on application delivery and reliability as their main function. Some of the edge only SD-WAN platforms offer network administrators a sophisticated application monitoring and analytics capability to help identify root causes of performance problems.

Edge Only platforms typically have a higher TCO than complete branch solutions.

Top Vendors SD-WAN – Complete Branch

There are two main players in the SD-WAN complete branch category, Fortinet and Cisco Meraki.

Fortinet

Founded in the year 2000, Fortinet has been building security products for 20 years. Their flagship product is an enterprise firewall platform called a “FortiGate”. SD-WAN features have been added to the flagship products and are available in the latest firmware revisions. As an SD-WAN solution, Fortinet has ascended to the top right corner of the Gartner Magic quadrant for WAN Edge Infrastructure. This is a benefit to clients already leveraging the platform as enabling best in class SD-WAN may be as simple as upgrading to a later revision of FortiOS, assuming the existing devices support it.

Fortinet also has a wide range of switches and wireless access points, allowing for a homogeneous branch infrastructure.

Evaluation Factors

Observations

Initial Configuration and Deployment

Achieved through FortiDeploy and FortiManager.

Templates/policy packages are created in FortiManager and are either pushed to the device during enrolling or can be automatically associated with the FortiManager by using FortiDeploy.

Speed and Reliability

Per-session and per-packet steering are available.

Users can define SLAs and the configuration of prioritization is very granular.

Supports SSL decryption and steering based on user identity, which is a plus when network administrators want complete control over how applications and users are treated.

Network Visibility and Control

Achieved through FortiAnalyzer. Provides real time and historical statistics not only on network availability, but also security functions like; compromised endpoints, IPS/IDS events, blocked URLs, to name a few.

Pros

First Packet Identification
Active Steering
SD-WAN edge, switching, and WAPs controlled through single pane of glass
Best of breed security
No SD-WAN throughput licensing
Deep, granular control over application SLA and steering
SSL decryption
Easy configuration of remote VPN users using Forticlient

Cons

Orchestration and visibility require separate licenses
Limited application performance monitoring.

Summary: Fortinet is a platform for businesses that need best of breed security and flexibility to support non-standard designs and standard designs alike. Not overly difficult to configure but will work best when configured and administered by experienced network engineers.

Cisco Meraki

Meraki was founded in 2006 as a wireless access point platform and added switching and edge routing to the technology stack as the company grew. After being acquired by Cisco in 2012, Meraki has grown substantially and has operated largely as an independent platform and as a lower cost alternative to Cisco native products. Meraki added SD-WAN to their marketing materials as the demand grew. Similar to Fortinet, Meraki has a wide variety of switching and wireless access points.

Evaluation Factors

Observations

Initial Configuration and Deployment

Achieved through the Meraki controller.

Organizations and networks are configured, and templates are established for device profiles.

Configuration variables are applied to the Meraki devices when they are added to an organization and templates applied.

Speed and Reliability

Per-session steering is available. However, per packet steering or duplication is not available.

Has DPI and SSL decryption.

SLAs for steering can be user defined, although custom applications are not currently supported.

Network Visibility and Control

Achieved through the Meraki controller.

Provides real time and historical statistics on network availability.

Ease of use for configuration is a high point for the Meraki controller at the expense of some granularity and flexibility.

Pros

SD-WAN edge, switching, and WAPs controlled through single pane of glass
Advanced security license includes important security features
No SD-WAN throughput licensing
Meraki Controller included in license
Ease of use and configuration
SSL decryption

Cons

Organization scale becomes an issue for larger clients, sometimes requiring multiple organizations for a single customer WAN
Limited application performance monitoring
No forward error correction
No dynamic bandwidth detection
No identity-based steering

Summary: Meraki is a platform for businesses that have a straight forward network design with limited security considerations, do not need the SD-WAN dynamic path selection bells and whistles that other platforms have, and need a network stack that is easy to configure and support.

Top Vendors SD-WAN – Edge Only

There are two main players in the SD-WAN complete branch category, Fortinet and Cisco Meraki.

VMware Velocloud

VeloCloud was founded in 2012 with a vision to use cloud and virtualization to reinvent the WAN. Their fundamental differentiator early on was their ability to virtually bond multiple underlay circuits on a single virtual overlay link as well as enhance the user experience on a single connection using forward error correction and other proprietary mechanisms.

Their unique delivery model that included cloud gateways and a strong marketing strategy helped VeloCloud to grow rapidly until it was acquired by VMware in 2017.

Evaluation Factors

Observations

Initial Configuration and Deployment

Achieved through the VeloCloud Orchestrator (VCO). VCO templates are built and applied to VeloCloud Edges (VCE) upon activation.

Speed and Reliability

VeloCloud has deployed VeloCloud Gateways (VCG) in large data centers distributed globally and can provide on-demand link steering for cloud applications without passing through a customer data center.

Per packet steering, per session steering, and packet duplication are available but SLAs are pre-defined, so the user selects from one of the available traffic classes to assign priority for each policy.

Network Visibility and Control

Achieved through the VCO, ease of use is a big plus for VeloCloud.

Menus are easy to navigate and configuration changes are easy to deploy.

Has network performance as well as application performance monitoring.

Pros

Easy to configure
Cloud hosted gateways allow for easy implementation of multi-path session survivability
Application performance monitoring
First packet identification

Cons

No SSL decryption
Canned application SLA configuration
No NGFW capabilities

Summary: Early entrant with a mature and stable platform. Ease of configuration and management at the expense of some flexibility. A good platform for customers with straight forward network requirements that are considering a DIY SD-WAN solution.

Silver Peak

Silver Peak Systems was founded in 2004 and their first product was an NX-series hardware appliance and their focus until launching an SD-WAN platform was WAN Optimization. In 2015 Silver Peak launched the Edge Connect platform for SD-WAN. As of this writing HPE has announced its intent to acquire Silver Peak.

Evaluation Factors

Observations

Initial Configuration and Deployment

Silver Peak uses the Unity Orchestrator for template management.

Templates are created based on business intent and applied to Edge Connect devices with location specific variables.

Speed and Reliability

Per-session steering, per-packet steering, and packet duplication are available.

Users can define SLAs and the number of applications for steering is extensive (industry leading as of this writing).

Does not support SSL decryption and steering based on user identity.

Also has a license add-on for boost which enables WAN Optimization functions like TCP optimization and de-duplication.

Network Visibility and Control

Network statistics and health can be obtained through Unity Orchestrator. Has application monitoring (MOS) (Mean Opinion Score).

Pros

Granular control over application SLA and prioritization
Application performance monitoring (Mean Opinion Score)
First packet identification
Full featured SD-WAN path control including duplication

Cons

No SSL decryption
No NGFW capabilities
MOS monitoring but no MOS steering
Requires deep knowledge of platform to properly configure

Summary: Silver Peak is an SD-WAN platform with all the path selection bells and whistles you would expect in an industry-leading solution with a high level of configurability for those that want to be able to turn knobs and levers to fine tune performance. Option for WAN Optimization is beneficial for businesses that will benefit from it. However, the high level of configuration variables requires a high level of expertise to successfully implement this solution.

Cisco Viptela

Viptela was founded in 2012 as an SD-WAN edge company. Viptela’s orchestration platform (vManage) was built to be a comprehensive but easy to use tool and provides more familiar functions (Command Line interface, granular configuration, and SLA control) to network engineers when compared to some other early entrants to the SD-WAN market.

Viptela was acquired by Cisco in 2017 and Cisco has undergone a process of supporting the Viptela software on their ISR platform. As of this writing Cisco still offers Viptela native hardware.

Evaluation Factors

Observations

Initial Configuration and Deployment

Templates are built in vManage and provisioned using vBond.

vSmart is used to authenticate vEdges (Viptela hardware + software) for provisioning or now cEdges (Cisco ISRs running Viptela software).

Requires network engineering expertise and/or assistance from Cisco engineers for set-up.

Very flexible but not as simple as some other platforms that are GUI only.

Speed and Reliability

Viptela uses traditional routing protocols rather than proprietary software and has session-based steering but no per packet steering.

Packet duplication is available.

vSmart controller functions as the routing engine and SLAs can be user defined.

Viptela has extensive applications for steering, although the vEdge supports more applications than cEdge/ISR.

Network Visibility and Control

Network statistics and health provided through vManage (vAnalytics) and has an extensive knowledge base on the Cisco website.

Pros

Granular control over SLA
Familiar tools for network engineers (CLI, common routing protocols)
Single dashboard for visibility and control
Packet duplication
Software can be loaded on existing supporting ISRs
NGFW (Available when deployed on ISR)

Cons

No SSL decryption
No NGFW on vEdge platform
No custom applications or application monitoring

Summary: A platform for die-hard Cisco fans that want SD-WAN features but also want functions that are familiar like a command line interface and routing protocols like BGP/OSPF/VRRP for SLA management.

Palo Alto CloudGenix

CloudGenix was founded in 2013 and has built what they call a “Gen 2” SD-WAN platform. The solution is focused on application-level visibility and performance management rather than traditional transport layer prioritization that some other platforms use. CloudGenix was acquired by Palo Alto Networks in 2020 to help round out the company’s SASE strategy.

Evaluation Factors

Observations

Initial Configuration and Deployment

CloudGenix’s orchestration platform allows you to configure templates and deploy devices (IONs) based on standard configuration rules.

Speed and Reliability

Per session steering is available, packet steering and duplication are not.

Allows customization of SLAs and applications.

Does not support SSL decryption but does have identity-based steering.

Network Visibility and Control

Visibility and analytics (Clarity platform) is the biggest differentiator of the CloudGenix platform.

While the SD-WAN path control may not be as advanced as some of the other platforms, the ability to measure and make on the path selection decisions based on application performance (like MOS based steering) is a differentiator.

Pros

Active and passive performance monitoring provides extensive analytics on application flows
Cloudblades platform allows easy deployment of approved 3rd party branch infrastructure services like cloud firewall and UCaaS
Granular control over SLA and custom applications
Application-performance based steering

Cons

No packet level steering or duplication
No SSL decryption
No first packet identification
No NGFW
PAN (Palo Alto Panorama) integration is still a separate license and orchestration platform

Summary: A flexible SD-WAN platform geared towards customers that need a tool allowing visualization and analytics around application performance.

Versa

Founded in 2012, Versa has offered an SD-WAN solution with built-in security since inception. Several carriers chose Versa as their go to SD-WAN solution for enterprise clients before they moved to offering alternative solutions.

Evaluation Factors

Observations

Initial Configuration and Deployment

Versa uses Versa Director for template and lifecycle management.

Device templates are configured, and service templates are used for steering, security, and Quality of Service (QoS).

Both are applied to appliances during activation.

Speed and Reliability

Versa has per-session and per packet steering, as well as packet duplication.

SLAs and applications are customizable, providing a high degree of flexibility in configuring policies for maximum network performance.

SSL decryption is supported but user identity-based steering and first packet identification are not.

Network Visibility and Control

Versa has Versa Director and Versa Analytics, providing a view into real time network and application performance as well as analytics with actionable insights on network security and application performance.

Pros

All of the SD-WAN path selection features with a high degree of flexibility
NGFW included
MOS based steering
SSL Decryption
Application performance monitoring

Cons

No identity-based steering
No first packet identification

In summary: Versa works well for companies that need all the traffic steering functionality that SD-WAN offers and want to administer security and SD-WAN in a single pane of glass.

Checklist for Evaluating SD-WAN Solutions

When evaluating SD-WAN solutions, there are three critical criteria that enterprises should consider:

Initial and ongoing configuration aka orchestration
Path selection and steering
Security

Here is a checklist that’s designed for mapping SD-WAN feature sets offered by vendors to business needs.

Cost & Licensing

Determine Overall Budget Goals

Do you have the budget for active/active or active/passive connectivity?

Would you be using DIA/Broadband?

What are your connectivity options -wired/wireless?

Do you have aging/unmanaged switches and/or WAPs?

If so, consider replacing them at the same time as the WAN edge.

Bandwidth Sizing

Determine the throughput requirements and ensure proper sizing is factored into TCO.

Path Selection & Steering

Custom Applications

Do you have in-house applications that require prioritization? If yes, ensure the SD-WAN platform can identify that traffic.

Active Steering/Session Survivability

If required, look for solutions that either have packet based steering or duplication.

Custom SLAs or Category SLA

Determine if you need the ability to define SLAs rather than using canned priority classes

Identity Based Steering

Do you need to steer traffic based on a user identity?

Security

NGFW Capabilities

Do you prefer to have security enforced at the WAN perimeter or do you prefer to send all traffic to the cloud for inspection?

SSL Decryption

Do you require SSL inspection?

Configuration & Maintenance

Deployment / Configuration

If using an SD-WAN integrator, ensure they’re familiar with your existing architecture for a smooth transition.

If deploying using internal resources, ensure you have the level of expertise required to configure and implement the solution.

Visibility

Do you need to continually measure application performance and modify business policies to use the best path?

SLA Management

Do you need the ability to measure SLAs to provide reports to carriers to request SLA credits?

Alerting

If using an SD-WAN integrator, ensure their monitoring and management includes everything required to maintain the SD-WAN edge, including connectivity.

If self managed, ensure you have the tools and personnel to deal with last mile issues.

The SD-WAN market continues to mature and is now a mainstream component of network refresh projects.

When looking at SD-WAN vendors, there is a large amount of feature parity and a majority of the differences are nuanced, for example, where to go in the Orchestrator to create a business policy.

That being said, understanding whether or not you can tolerate a dropped session when a primary connection fails or whether or not you need the ability to add custom applications are just a few examples of the decision criteria you should use when comparing SD-WAN vendors.

4 Practical considerations for SD-WAN design

Get in-depth insights

Free Ebook Download

Share this article

Take the pain out of SD-WAN selection and implementation

Interface experts are ready to help you streamline drive-thru operations.

Learn More

About the author

Steve Womer

SVP, Customer Operations

Steve Womer has experience designing and deploying WAN/LAN infrastructure for distributed enterprise clients since 2008 and has served in various engineering, sales engineering, and operational roles for industry leading managed services providers.

Explore more blog articles

Business Security Video Analytics

Business Video Surveillance Insights for Loss Prevention Teams

Learn how enterprise loss prevention teams should choose cameras for video surveillance.

Read Blog Post

Business Intelligence Restaurants Video Analytics

7 Groundbreaking Drive-Thru Concepts and Trends for QSRs in 2024

What’s Propelling Restaurant Drive-Thru Innovations?

Read Blog Post

Managed Network & Voice Retail

Retail Network Transformational Insights

Infographic that explains how COVID-19 is driving network transformation among retail chains.

Read Blog Post

View All Blog Articles

Connect with Our Experts

Interface solution experts are ready to help you solve challenges. Set up a no-obligation, exploratory call now.

Get a Free Consultation

7 Reasons to Hire a Managed Network Services Provider

Bud Homeyer — Tue, 03 Jan 2023 09:32:37 +0000

Managed Network & Voice

Bud Homeyer

Chief Operations Officer

Managed Network & Voice

7 Reasons to Hire a Managed Network Services Provider

Introduction

What does a Managed Network Service Provider do?

A managed network services provider manages some or all aspects of design, implementation, support, maintenance, security, performance, and availability of the customers’ network infrastructure.

The components of the network infrastructure outsourced to a managed network services provider could include internet access, data circuits, customer premises equipment (CPE), cabling, covering LAN/WLAN and WAN.

The scope of these services can vary greatly depending on the size and complexity of the network to be managed and the customer’s choice of what aspects of the network services are to be outsourced.

Why Enterprises Rely on Managed Network Services Providers

Digital transformation and the need to lower capital expenditure are probably the primary reasons for the relentless growth in the managed network services market which is expected to be worth a whopping $95 billion worldwide by 2027^[1]. According to Gartner^[2], “Enterprises struggling to balance expense reduction with greater WAN and LAN agility and performance are increasingly turning to managed network services.” Here are the 7 primary drivers for enterprises to outsource network management to managed network services providers.

1. In-House Network Management Skills Gaps

Below is a sample of the high-level responsibilities required to manage a network in any mid-sized to large enterprise.

Managed Network Service Domains

Skills and Tasks

Network Engineering

Network architecture and design
Router configuration
Switch configuration
Wireless access point configuration
Firmware updates
Software patches
Troubleshooting

Security Engineering

Firewall architecture and design
Firewall configuration
Firewall firmware updates
Firewall software updates
Firewall rule management
Content filtering configuration
Content filtering maintenance
Compliance (PCI, SOX, etc)

Field Support

Project management
Onsite installation
Onsite troubleshooting
Onsite repairs
Spare parts management
Warranty management
Asset management

Help Desk

Incident response
Troubleshooting
Call center management

In most cases, it is impractical for enterprises to hire and retain in-house teams to perform all of the above tasks.

Unlike enterprises with periodic spurts in demand for network management skills, managed network services providers are able to deploy their teams across multiple client engagements giving them the ability to hire, retain and motivate a broad group of network engineers with diverse skill sets.

2. Difficulty in fixing network issues in a multi-vendor setup

Network technologies are increasingly becoming complex and involve the integration of solution components from a diverse set of hardware, software, and bandwidth providers. Invariably, implementing a sophisticated network connectivity backbone for optimal business application performance will involve a mix of third-party vendors and OEMs who specialize in different aspects of the solution.

For example, a typical retail store has numerous devices, applications or solutions that need to work together.

Devices in a typical retail store

Troubleshooting performance issues with a POS machine at any location can involve packet tracing across multiple devices, networks, and the ISP serving the location. Coordinating troubleshooting involving multiple vendor entities can be a big drain on the internal IT team productivity and can even compromise routine tasks that the IT team is primarily responsible for due to lack of time.

With a managed network services companies, enterprises have a single point of contact and can do away with managing different SLAs across vendors. The problem of accountability and finger-pointing among providers is pronounced when there is no single entity to take ownership for all solution components – a role, managed network service providers are suitable for.

3. Limited Geographical Reach and Access to Partners

Retail chains, restaurant brands or franchisees, financial services, and hospitality brands manage hundreds of geographically dispersed locations or branches.

In spite of the COVID-19 pandemic, Most multi-location enterprises are expanding operations. According to Coresight Research, by March 2021, US retailers had announced 3199 store openings compared to just 3,298 openings for the whole of 2020^[3].

Relying just on internal capabilities and skill sets to manage IT/network operations is not practical for a multi-location enterprise. It’s not feasible for internal network engineers to travel across states or international borders to set up or troubleshoot network issues at branch locations.

The quantum of work it takes to manage a network often drives enterprises to choose a managed network service provider as it’s often a question of prioritizing core business.

Most established managed network service providers have extensive partnerships and relationships with network carriers, hardware OEMs, and network software vendors that are useful to tackle large-scale network challenges. In addition, some managed service providers also have a local presence in multiple states and geographies thereby offering customers an extensive support network.

4. Network Security Threats and Compliance Challenges

Research studies have validated what’s clearly a problem in enterprises – the ever-growing network complexity and the associated security challenges. Here are a few insights from surveys conducted by the Enterprise Strategy Group^[4]:

27% of cybersecurity professionals declared that each security technology demands its own management and operations, straining many organizations’ resources.
51% of organizations have a problematic shortage of cybersecurity staff and skills.
24% of survey respondents say their organization needs different solutions for different infrastructure environments such as cloud applications, data centers, endpoints, networks to name a few. This creates operational inefficiencies and leads to security loopholes.

For example, a retail or restaurant chain may have to comply with the following regulations:

Payment Card Institute (PCI)
Health Insurance
Portability and Accountability Act (HIPAA)
European General Data Protection Regulation (GDPR)
California Consumer Compliance Protection Act (CCPA)
Personally Identifiable Information (PII)
Sarbanes Oxley (SOX)

According to the Cost of Data Breach Report 2021, system complexity and compliance failures were found to be the top causes that amplify the cost of a security breach. Businesses with low levels of compliance incurred $2.3M more in costs associated with security breaches when compared to businesses with higher levels of compliance^[5].

Managed network service providers have the ability to address complex network security and compliance challenges holistically. Some of them specialize in designing network solutions that address industry-specific compliance regulations or security requirements such as those applicable for healthcare.

5. Network Cost Reduction Challenges

Enterprises view technology and automation not only as growth drivers but also as key tools for cost optimization. According to a PwC survey, about 20% of CFOs in the US say they rely on technology as a tool for cost reduction^[6]. One way enterprises can optimize network management cost is by leveraging multi-functional network solutions such as an SD-WAN with built-in firewall and routing capabilities. Even this approach demands specialized skills. That’s why relying on in-house know-how and cost-cutting programs alone cannot deliver cost reduction in network management. In fact, enterprises that don’t have the size or scale to demand better SLAs or negotiate favorable contracts with vendors often find that internal IT cost reduction programs often result in degraded network performance or increased security vulnerability as routine maintenance, patches, or updates end up being compromised. Degraded network performance and downtime can have a serious impact on sales and will cost the business a lot more than the cost to hire a managed network services provider.

The true cost of network cost-cutting:

Depending on the brand, category, location, or size, a retail location generates sales in the range of $1,000-$10,000 per day with big-box retailers earning a lot more. Degraded network performance or availability as a result of cost-cutting programs can have serious consequences.

POS terminals cannot process a debit/credit transaction
Online orders and phone orders can go out of service
Customers will encounter service issues and delays
There are other serious productivity and security implications as well.

Even if the POS system has the capability to store and forward credit authorizations, the network has to be up and running before the transactions are settled. The fall-back option also elevates the security threat if the credit card data is not handled the right way.

Employees end up spending a lot of time with the IT help desk and the IT teams in turn spend a lot of time troubleshooting the issue across multiple vendor-provided infrastructures.

All these issues drive up the cost of business, hurt sales, negatively impact customer satisfaction and employee productivity.

In general, managed network services providers have significant leverage and buying power with equipment manufacturers as they place large orders to cater to different customer projects.

The scale of operations results in lower technology spend.

Some managed network services vendors offer a flat rate billing for standard maintenance and monitoring services. This model simplified the IT operations for the customer and offers predictability in forecasting costs as the customer expands to new locations.

A managed network services provider can further optimize costs and set up a financial model that’s tailormade for every customer’s capital expenditure or operating expense goals or priorities.

Large capital spend can be softened by creating a model where the cost of equipment and implementation are expensed over the life of the contract improving cash flow.

6. Flexibility to Execute Business Transformation

The COVID-19 pandemic has highlighted the pressing need for businesses to rapidly adapt to changing consumer expectations. The urgent need to transform business operations^[7] is felt a lot more in consumer-facing industries such as restaurants and retail. The table below highlights some of the trends that retail chains^[8] are grappling with and how these changes require significant investments in technology or network solutions. In most cases, these investments and upgrades cannot be handled in-house due to the lack of skills, tools, or manpower needed for such complex projects across multiple locations.

Trends in Consumer-Facing Markets

IT and Network Impact

Technology will continue to revolutionize online and physical retail, forcing rapid change and innovation.

IT Infrastructure to handle larger online transaction volumes and Buy Online Pick Up In-Store (BOPIS)

Consumers will expect frictionless, tech-enabled experiences.

Real-time integration between critical applications – ordering, inventory, marketing.

Traditional channels will continue to blur as retailers and manufacturers embrace a direct-to-consumer model.

Wireless WAN infrastructure to support connectivity needs outside the walls of the store.

The fulfillment experience will become an increasingly critical execution point.

Expanded physical security coverage outside the store.

Rapidly changing consumer expectations and behaviors are forcing supply chains to be more responsive and transparent.

Sophisticated demand forecasting applications that rely on real-time data feeds.

Omnichannel shopping, multiple fulfillment points, and geopolitical issues will add to supply chain challenges.

Integrate inventory, shipping, and schedule data from different applications.

End-to-end visibility will be the number one requirement for effective supply chain management.

Track and trace systems to provide real-time visibility on lead times.

Case Study –

Why Network is Critical for Digital Transformation

A fast-growing restaurant chain that was managing the network infrastructure in-house faced major challenges during COVID-19 as there was no standardized network infrastructure or bandwidth availability across the various locations.

Network downtime and degraded performance were frequent issues and the in-house IT team did not have the resources to troubleshoot the problems with any predictability.
The customer experience at every touchpoint – phone ordering, tracking online orders, curbside pickup, and POS transactions, was below par.
Employees spent a lot of time on the phone troubleshooting issues instead of focusing on the customer.
Network downtime directly impacted sales and customer service.

The customer chose to standardize and upgrade the network infrastructure, added redundant internet lines, all managed by Interface. This strategy paid off as the restaurant chain was able to eliminate network downtime thereby driving up customer satisfaction and sales.

The internal IT team could now focus on the IT transformation roadmap instead of getting bogged down with day-to-day operations.

7. Reduced Complexity for Predictable Outcomes

Network technologies are evolving faster than ever and the changing consumer preferences are forcing enterprises to embrace new networking technologies faster than ever before. According to Hype Cycle for Enterprise Networking, 2021^[9], the concept of building a stable network infrastructure that will last for 5 to 10 years is no longer in practice.

As you can imagine, by the time an enterprise stabilizes the implementation of a brand new network solution, there are a dozen other technologies promising better results and greater flexibility to ramp up business operations!

The rapid evolution of networking technologies also gives rise to increased complexity as enterprises are forced to rely on point solutions if the primary solution provider is behind the curve in critical emerging technologies.

Managing complex systems is expensive and often requires access to niche talent which increases the cost of network operations.

That’s why enterprises are embracing managed network services providers as they attempt to keep pace with emerging network technologies while minimizing implementation and support risks.

For example, there is already a significant uptick in enterprises relying on managed network service providers for SASE. According to Gartner, “By 2024, 30% of enterprises will adopt cloud-delivered SWG, CASB, ZTNA and branch office firewall as a service (FWaaS) capabilities from the same vendor, up from less than 5% in 2020.”

Multi-location enterprises have complex networks that are often difficult to upgrade. Managed network services providers with proven expertise and the backing of the solution providers or hardware vendors are well suited to pilot untested technologies, demonstrating ROI before implementing the solution on a large scale.

Identifying the most relevant technology and successfully implementing it is just one side of the coin. The ROI of the new technology implementation is dependent on predictable outcomes on an ongoing basis.

Network service providers with the required domain expertise and process maturity can ensure the ongoing success of any new solution implementation that’s measured through service level agreements (SLAs).

In general, SLAs cover the following aspects of service delivery:

Scope of services
Performance metrics
Reporting procedures
Roles and responsibilities/division of responsibilities
Escalation process
Penalties and remedial steps including legal recourse
Engagement governance

SLAs are meant to provide clarity on the success or failure of the engagement and in some cases can also be tied to business metrics. Enterprises should definitely put in the effort upfront to have well-defined SLAs in place and also review the performance for streamlining the process and graduate to a more meaningful set of SLAs as the business evolves.

Managed Network Service Providers Can Be Game Changers

As enterprises pivot to new business models and accelerate digital transformation, there is a major demand for implementing complex solutions. Solution complexity brings with it an array of challenges that makes hiring a managed network services provider a necessity.

With proper due diligence, enterprises can gain significant competitive advantages by partnering with a managed network services provider.

Maximize ROI on technology investments by reducing capital expenses and focusing on business outcomes.
Build a lean and agile IT team that has the capacity to bring to bear specialized expertise offered by the managed network services vendor.
Validate new and emerging technologies before scaling or making additional investments thereby minimizing implementation risks.
Build custom network management solutions that are designed for unique business workloads and customer demands.
Ensure the success of mergers or acquisitions even when inheriting legacy network infrastructure from the acquired entity.
Put into practice the lessons learned by the managed services vendors who are exposed to network challenges faced by other customers.

Share this article

Get the Interface Advantage

Interface’s managed network services can help multi-location enterprises leapfrog competition and delight customers. Talk to our experts.

Learn More

About the author

Bud Homeyer

Chief Operations Officer

Explore more blog articles

Business Security

5 Essential Steps to Create a Lone Worker Safety Policy

In-depth lone worker safety policy guide with actionable steps and templates

Read Blog Post

Restaurants Retail

Making IT Happen – The Interface Blog for Distributed Enterprises

The worldwide climate is uncertain right now. We are facing a health crisis unlike anything we’ve seen

Read Blog Post

Business Security Managed Network & Voice

5 Technology Solutions For Essential Business Services

Technologies IT and Loss Prevention Leaders Should be Adopting or Evaluating

Read Blog Post

View All Blog Articles

Connect with Our Experts

Interface solution experts are ready to help you solve challenges. Set up a no-obligation, exploratory call now.

Get a Free Consultation

Retail Network Transformational Insights

navin@cyces.co — Wed, 14 Dec 2022 19:34:57 +0000

Managed Network & Voice

Don Fruhwirth

Director of Product Management

Managed Network & Voice Retail

Retail Network Transformational Insights

Introduction

Explore some of the key insights that network and security leaders should know as they transform their IT infrastructure to embrace new ways of doing business.

Interface’s network services partner, Fortinet, and Canam conducted a survey among network and security professionals in the retail industry to understand how the COVID-19 pandemic has changed consumer preferences and how these changes have created new network and security challenges.

Share this article

About the author

Don Fruhwirth

Director of Product Management

Don Fruhwirth is Director of Product Management at Interface Security Systems. He brings more than 20 years of expertise in security integration strategies, next-generation networking design and wireless system architecture. Don has enabled numerous enterprises in transforming their IT and asset protection system infrastructures. Don is an industry thought leader and frequent speaker on topics such as SD-WAN, cloud video architectures, remote video surveillance and advanced network security. Prior to joining Interface, Don has held senior solution engineering positions for regional security and global cellular telecommunications companies. In addition to his security background, Don holds advanced networking certifications from Cisco, Fortinet and Cradlepoint.

Explore more blog articles

Business Intelligence Retail Video Analytics

6 Game-Changing Retail Technology Trends in 2024

Retail technology trends in 2024 - Contactless Stores, AI-Enabled Security Cameras, Retail Video Analytics, Metaverse, Retail Demand Planning

Read Blog Post

Managed Network & Voice

Top SD-WAN Vendors in 2024 & How to Select One for Your Enterprise

We reviewed all the top SD-WAN vendors for 2024 and included a handy guide to help you choose a SD-WAN solution that will meet your business needs.

Read Blog Post

Business Intelligence Retail Video Analytics

Retail Store Layout Optimization with Video Analytics

Get actionable tips to leverage video analytics for retail store layout optimization to improve customer satisfaction, sales, and compliance.

Read Blog Post

View All Blog Articles

Connect with Our Experts

Interface solution experts are ready to help you solve challenges. Set up a no-obligation, exploratory call now.

Get a Free Consultation

5 Technology Solutions For Essential Business Services

Don Fruhwirth — Mon, 12 Dec 2022 14:14:01 +0000

Managed Network & Voice

Don Fruhwirth

Director Product Management

Business Security Managed Network & Voice

5 Technology Solutions For Essential Business Services

Introduction

What are Essential Business Services?

Essential business services are a list of businesses that the federal, state of the local Government considers as critical to the functioning of the society even when there is a declared public emergency. The list of essential business services will vary based on the situation. In general, hospitals, emergency services, grocery or convenience stores, gas stations, utilities and critical manufacturing and industrial units.

Why Essential Businesses Should Work with Managed Service Providers

As essential services businesses continue to operate throughout the global health crisis, they are bracing for an expected spike in IT and physical security challenges.

Operations, IT and asset protection professionals are being asked to identify and evaluate the key technologies that will help them stay connected and protected and that make the most sense to integrate into their operations. Already stretched, as they deal with smaller teams and tighter budgets, it’s hard for these industry professionals to stay on top of all the latest advancements.

Here is how having a managed service provider can help essential businesses cope with these challenges.

A managed service provider can act as an extension of the in-house team to help assess needs and evaluate new technologies to see if they would be the right fit.
Managed service providers with a strong OEM relationship base or technology partner network can act as a bridge between customer requirements and new technologies or toolsets developed by vendors.
The experience gained by working with multiple customers in an industry segment allows managed service providers to cross-pollinate ideas and best practices across projects to deliver ROI faster.

5 Technologies Essential Businesses Should Adopt Now

Here’s a look at 5 standout technologies essential businesses should consider to safeguard their people, customers and assets, transform network connectivity and drive operational efficiencies.

1. Interactive Monitoring Systems for Pervasive Security

Move over, passive camera feeds. Interactive video systems directly address safety and security concerns for employees and customers.

These systems, which offer live video and two-way audio, have been critical for many businesses and are gaining considerable momentum. For businesses that are either lightly staffed or have no security guard, a virtual guard solution that includes an interactive monitoring system with remote monitoring by security professionals, offers safety at a fraction of the cost of a live, on-premises security staff.

For many essential businesses that are still open and operating throughout the pandemic, this solution provides a security team that can see, hear and communicate with employees in a store, restaurant or other business.

In some of the newer applications, the voice down feature provides the ability to not only make public announcements during store openings, closings or cash drops but can also address social distancing, food safety compliance issues.

Throughout the day, remote intervention specialists can conduct virtual guard tours by tapping into live audio and video feeds to check the premises, similar to what an on-premises security guard would do. Once complete, the specialist might then ask the location if all is well and seek an affirmative response from the employees. The purpose of this is three-fold.

It lets customers know there’s a security presence watching over the location and provides them with peace of mind.
It also alerts potential shoplifters and other threat actors that they are being watched.
Finally, it provides the employees of the store with a sense of security knowing that they are not alone.

Many businesses that are still operating are also offering new and/or alternative services such as curbside pickup. They are looking to expand their current security solutions to go beyond what’s inside their location to also cover areas just outside their doors. The interactive video monitoring solution might be the best bet to tackle these emerging needs.

2. Artificial Intelligence to Unearth Operational Insights

Something we’re often asked about is how artificial intelligence applications can be leveraged to make business processes more effective.

We have been testing out some really great facial recognition technology that has the potential to be a game changer. Businesses can marry facial recognition technology with video monitoring to enable new applications such as people counting at stores.

While stores are under mandatory capacity constraints, this could be used to create alerts around exceeding capacity without manually counting people with a clicker at the door. With a camera pointing out and another pointing in, we can subtract those leaving from those entering to get a net number of people in the store.

The same technology can be used to thwart shoplifters by creating alerts that are tied to specific suspect faces based on previous issues. If a person with a tagged face is identified as they enter a store, an immediate alert can be provided to a monitoring center for quick intervention.

As described earlier, making an announcement when that suspected shoplifter enters is a great way to let that person know they are being watched and that will likely change their behavior. While this technology has the potential to really enhance the security space, it also triggers significant questions over privacy concerns and requires restrictions on storing and handling a facial image, so caution is also urged.

3. 4G/5G/Wireless WAN to Gain Operational Flexibility

Operations and IT professionals are trying to help their businesses get enough bandwidth to run more applications over their network and enable seamless performance.

Terrestrial broadband connections are often expensive or not available. 4G LTE is a ‘right here, right now’ technology that works very well as a fixed location broadband service.

While 5G is being deployed by the big three carriers, they are initially focused on dense cities and mobile customers, and not yet on fixed location broadband solutions. 5G has some technological challenges with signal reception inside buildings that are still being resolved. With that said, 5G isn’t quite ready yet, but we’re keeping our eyes on it because of its great potential.

Meanwhile, we provide thousands of locations with dual 4G LTE connections where all store applications rely on that connection—even VoIP— and performance and reliability have been excellent.

One caution with wireless is that the wireless carriers offer the service as a metered plan or with caveats on their “unlimited” plans. For now, the key is to be smart with what’s being deployed, and which applications are appropriate.

For example, a business offering guest Wi-Fi might want to avoid a metered use 4G/5G connection which can get very expensive very quickly.

One strategy we recommend that solves the bandwidth challenge is to combine 4G with cable or high-speed DSL, using 4G as a backup or for business-critical applications, and running the bandwidth intensive applications on the terrestrial circuit with some intelligent routing.

Something else on our radar that’s becoming increasingly important across a variety of businesses, are pop-up networks. They’re innovative new ways of doing business for workforces in the field or temporary locations and are pushing for secure and easy to deploy connectivity that can be remotely monitored and managed.

On a side note, Interface has strategic partnerships with both Cradlepoint and Fortinet, as well as various wireless carriers, to deliver a fully managed wireless service to businesses.

Look out for more exciting announcements and promotions in the upcoming months!

4. SD-WAN to Leapfrog Limitations of a Traditional WAN

Another technology that is gaining a lot of attention is SD-WAN.

Many IT leaders have either already adopted it or are in the process of evaluating the various offerings. Since many of the SD-WAN solutions can be rather pricey, it’s smart to understand what does SD-WAN mean for a typical business that is on a tight budget?

As essential businesses look to embrace new ways of serving customers, the dependence on traditional WAN severely limits the options available to extend the network where it is needed.

According to Gartner, SD-WAN solutions provide a replacement for traditional WAN routers and are agnostic to WAN transport technologies. SD-WAN provides dynamic, policy-based, application path selection across multiple WAN connections and supports service chaining for additional services such as WAN optimization and firewalls.

The promise of SD-WAN is to enhance WAN performance and simplify WAN administration through software and automation. SD-WAN is an evolution of technologies that pre-existed the term “SD-WAN” but work extremely well as a unified architecture.

Realizing the promised transformational benefits of SD-WAN is not a walk in the park. There are three fundamental challenges that IT leaders need to watch for before embracing an SD-WAN solution:

Implementation can be complex
Realizing cost savings with a SD-WAN is not that easy
Interoperability with your existing network infrastructure can be challenging

We certainly recommend reading our in-depth guide on how to go about implementing an SD-WAN solution to transform your WAN.

Click here to read our SD-WAN guide.

5. Business Voice Over IP for Better Collaboration and WFH

If an enterprise has not yet converted to Voice over IP, it should certainly look into doing so. VoIP solutions deliver simple, powerful and cost-effective calling services for distributed enterprises.

Most of the business VoIP solutions include features such as unlimited local calling, free long distance on network, four-digit enterprise-wide dialing and voicemail and ‘find-me-follow-me’ to make it easy to be contacted no matter where you are physically.

For essential businesses, having a cloud cloud-based auto attendant that comes with VoIP solutions can be game-changing. The value here is that when someone calls a store or business, the phone is not actually ringing at the location. It’s ringing a cloud-based auto attendant which presents the caller with clear options from there.

For instance, if the caller is looking for directions or for business hours, there’s no need for the call to be transferred to the store or business location. Those kinds of questions can be answered with a recording. If the customer really wants to speak directly with someone at the location, there’s an option for them to transfer.

With this solution , businesses can reduce between 50 to 60 percent of the call volume for employees and free their time to be used for other important tasks.. And while there is some management involved, such as updating information like store or business hours, the customers that we’ve deployed it for absolutely love it, especially when they’ve asked us to manage and maintain the information as it changes throughout the year.

Customers also appreciate the ability to define ring groups and call flows that can be used to dial specific phones in a specific order or in response to different conditions. If no one is available to take the call in a store, for example, after a certain number of rings, the call can automatically be routed to a call center to be handled by the next available agent. Or it could be routed to a cell phone. Or to another store.

There are many possibilities.

Additionally, there are business continuity/disaster recovery options for VoIP that, in the event of a disaster, can reroute calls from one location to another all from a cloud-based console.

What’s Ahead for Essential Businesses

There are many other interesting emerging technologies on the horizon. Some we haven’t covered yet but look forward to announcing soon such as cameras that can detect people with fevers and cloud-based mobile text messaging for handling customer support at scale. We already have some of these in our labs being studied, tested and assessed.

In this blog post, we’ve looked at a number of technologies that have been making serious inroads in various businesses and are currently being deployed. Many are directly making a difference in our current climate.

A managed service provider such as Interface, with years of deep networking and security expertise, can help business, IT and security professionals make the right choices when deciding which technologies are ripe for deployment. We then work closely with them to design, integrate and support custom solutions to meet their unique challenges.

Share this article

About the Author

Tom Hesterman

Senior Vice President of Products and Solution Engineering

Tom Hesterman is Senior Vice President of Products and Solution Engineering at Interface Security Systems and oversees the departments focused on evaluating new technologies, designing customized solutions for customers, developing products for installation at scale and working with customers to leverage the variety of managed services provided by Interface. Tom has 25 years of expertise in secure networking, telecom, wireless architectures, intrusion alarms and business intelligence systems along with 11 years as an aerospace engineer. He has enabled large enterprises in transforming their IT and asset protection system infrastructures. Prior to joining Interface, Tom held various executive roles including VP of Service Delivery for MegaPath, VP of Customer Operations at Telepacific Communications and President of Primary Network. Tom holds a BS in Aeronautical Engineering and MS in Engineering Mechanics.

Explore more blog articles

Business Intelligence Retail Video Analytics

Retail Video Analytics – 6 Insights to Transform Operations

In this blog post, learn about the key challenges addressed by retail video analytics and the insights it offers to improve sales, deliver better customer service and reduce operational costs.

Read Blog Post

Managed Network & Voice

7 Reasons to Hire a Managed Network Services Provider

Managed network services providers offer enterprises significant advantages. Find out why in-house network management is just not enough to succeed.

Read Blog Post

Business Intelligence Video Analytics

People Counting System – The Complete Guide for Enterprises

Read the comprehensive guide on how to implement a people counting solution that’s designed to meet business goals.

Read Blog Post

View All Blog Articles

Connect with Our Experts

Interface solution experts are ready to help you solve challenges. Set up a no-obligation, exploratory call now.

Get a Free Consultation