Use Case Overview
The proliferation of 4G LTE cellular networks, the decreased form factor and the cost of LTE-capable devices are a springboard for rapid deployment of new branch offices. LTE networks enable broadband access to the Internet and let you avoid the cost of building redundant physical infrastructure at remote office sites. You can leverage the connectivity as backup for locations that are already equipped with primary wired connections through 4G cellular networks.
Many organizations have also made the jump to software-defined WANs (SD-WANs). They adopted the technology for business agility and responsiveness to keep up with IT innovations.
You can combine the following capabilities on the SRX300 line of devices to build cost-efficient and self-driving network solutions for remote offices:
Router with redundant access to the Internet
Advanced SD-WAN capabilities
Figure 1 shows a typical setup of a branch office.
A typical branch office has two independent connections to the Internet. One connection is wired and the other one is wireless, with either 2G, 3G, or 4G LTE. The connections terminate on an SRX Series device in the role of a next-generation firewall (NGFW) security appliance. This provides many wireline or wireless services to employees on-site, including:
SD-driven access to the Internet
Enhanced web filtering
Intrusion prevention system
Advanced application visibility and control
The throughput capacity of the two Internet links is often not equal, the primary link provides more throughput, compared to the standby link. The standby link is used only when the primary link is unavailable. Because of the different capacities, you need to prioritize business critical applications over other traffic when the primary link fails. Because noncritical applications use the spare throughput capacity, you can rate limit the standby link to lessen their impact on prioritized traffic.
Configuration of the MPLS link, WAN technologies, similar to Asymmetric digital subscriber line (ADSL), very-high-bit-rate digital subscriber line (VDSL), and T1/E1 are beyond the scope of this document.