Enterprise Wide Internet Solutions

Once upon a time, the Internet was considered a luxury, but those days are now long gone.   Without these services, internal users cannot access vital information significantly limiting their productivity.  Cloud based services become unavailable.  Customers can turn to alternate sources, maybe never to return.  The fact is that minutes without these services can have a negative, long term impact to your P&L statement.  If this was not bad enough, your access to the Internet must also be secure from the new breed of infiltrators continuously searching for the smallest hole to gain access to the infinitely valuable information that is your job to keep private.

This can be problematic enough when just considering a single location, but, as the number of locations grow, the complexity increases exponentially.  How do you provide reliable, but secure Internet access to all your users no matter their location while not breaking the bank?  And, how do you balance the capital costs of security hardware vs. the monthly operating expenses of carrier services?

With all of these considerations in mind, three general options rise to the top.  The ideal solution for any given organization is an equilibrium of OPEX/CAPEX, reliability and flexibility.

Option #1:  Distributed Access

This option implements Internet access at each of your locations including both bandwidth and security.  Dependent on the number and requirements of the users at a site, local Internet is sized and deployed.  A general illustration of this diversified topology is included below.


Although users may be accessing critical information over a wide area network, Internet access is provided locally.  It is important to note that security must also be deployed diversely as every Internet connection has open access.

Positive Attributes Other Considerations
·     Each location has local access to the Internet without any dependence on the data network. ·     Firewalls and security must be deployed at each site increasing capital costs.
·     The data network does not need to be provisioned to support Internet access for each site. ·     Staff must maintain support agreements for the equipment at each site.
·     Remote sites can take advantage of local providers to generate the greatest overall value. ·     Depending on the location, ample Internet may not be available at a reasonable cost.
·     The local Internet connections can also be utilized as backup to the primary data network. ·     This solution can increase the amount of staff required to manage the equipment and security.

Option #2:  Centralized Access

This second utilizes a single Internet connection at a central location that is shared by all the locations.  Remote locations traverses the data network to gain access to this central site and then routed to the Internet.


Positive Attributes Other Considerations
·     Limited number of firewalls and Internet connections to manage. ·     Internet access from remote sites must first traverse the data network using more bandwidth.
·     Improved security services vs. having to have different policies across the multiple sites. ·     Central site Internet connection needs to be sized correctly to support the enterprise.
·     Centralized Internet bandwidth is generally less per month vs. multiple connections. ·     Without redundancy, the central site Internet is a single point of failure for all the sites.

Option #3:  Cloud Based Internet

The third option is one that many organizations with multiple sites are considering.  It deploys a network based Internet connection combined with carrier supported security.  Instead of having Internet at any given site, the cloud based service can be accessed by any location through the data network.


Positive Attributes Other Considerations
·     Carriers provide inherent redundancy within their network based solution. ·     A local access outage impacts both access to the data network and Internet services.
·     Converts firewall equipment and support from a CAPEX to an OPEX monthly cost.  It also eliminates much of the internal support cost offloading it to a third party. ·     Depending on the cloud based Internet provider and the services offered, there can be some limitations for more complex routing and service integration.
·     Other security options such as SPAM filtering happen outside the firewall reserving bandwidth for Internet. ·     Switching Internet providers can be more challenging.


The ultimate decision is determined by the unique requirements of any given organization.  Of course, monthly/onetime costs, flexibility, available support resources and reliability all play a role.  And, the current capabilities of the current data network combined with available capacity must be thoroughly examined.  Selecting the ideal Internet access topology can launch an organization into the future.  The wrong decision can lead to service outages, complicated configurations and higher costs.  If you are reviewing your Internet services and are looking for some help, maybe it is time to reach out to Orion Communications.  We can help review your current environment and assist you to make the best short and long term decision.