Monday, November 4, 2019

Talari SD-WAN Benefits and Architecture

Just started a new role and they have a task of rolling out Talari SD-WAN at all locations. Long story short, none of the people involved with the purchase for IT are here any longer and I'm having some trouble figuring out exactly what they were trying to accomplish with the purchase. I'm not exactly sure what problem they were trying to fix.

We are in the process of rolling out updated circuits with DIA primary and cable secondary. Only a few sites are on MPLS and these will be eliminated shortly. Internet traffic is being routed out from the sites specifically instead of back through a datacenter. We do have services that communicate with one another across IPsec tunnels, but it isn't much.

Phone traffic is also through a cloud VoIP provider and also goes out from the facility.

What I'm trying to figure out is how the Talari devices will benefit us. From what I understand I can't send out a single Talari and begin having it load balance the WAN connections at each site individually. They need to connect to a head unit at a location. That head unit controls all other units. All the magic happens within the tunnel between Talari units.

Also, with this I'm adding another hop in my network. I need to put these devices behind our firewalls and route traffic that way. So the current setup I have is like this:

ISP A -> FW1 -> Talari1
ISP B -> FW2 -> Talari1

If we were sending all traffic over the tunnel and back to our datacenter, I could understand it more. If we had a mix of MPLS circuits still running, I could see it more. Since we only have a handful of servers and services (about 10) at our datacenter and we don't pass much traffic back, I'm not seeing what gain I get from it.

There are no hooks into web services we use. We don't have anything in AWS, and to connect with Azure we'd have to pay monthly for a server as well as purchase the Talari licensing.

I've been tasked with finding the benefit and how the solution is going to improve things for us. I'm struggling to find how we can measure that and what we gain. I still need to manage firewalls and add QoS tagging for our cloud traffic. I can also manage failover and load balancing links with our firewalls.

Am I missing something?


