Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Use Case Overview

The proliferation of 4G LTE cellular networks, the decreased form factor and the cost of LTE-capable devices are a springboard for rapid deployment of new branch offices. LTE networks enable broadband access to the Internet and let you avoid the cost of building redundant physical infrastructure at remote office sites. You can leverage the connectivity as backup for locations that are already equipped with primary wired connections through 4G cellular networks.

Many organizations have also made the jump to software-defined WANs (SD-WANs). They adopted the technology for business agility and responsiveness to keep up with IT innovations.

You can combine the following capabilities on the SRX300 line of devices to build cost-efficient and self-driving network solutions for remote offices:

  • Firewall

  • Router with redundant access to the Internet

  • Advanced SD-WAN capabilities

Figure 1 shows a typical setup of a branch office.

Figure 1: Branch Office with Redundant Internet ConnectivityBranch Office with Redundant Internet Connectivity

A typical branch office has two independent connections to the Internet. One connection is wired and the other one is wireless, with either 2G, 3G, or 4G LTE. The connections terminate on an SRX Series device in the role of a next-generation firewall (NGFW) security appliance. This provides many wireline or wireless services to employees on-site, including:

  • SD-driven access to the Internet

  • Next-generation firewall:

    • Antivirus applications

    • Enhanced web filtering

    • Intrusion prevention system

    • Advanced application visibility and control

The throughput capacity of the two Internet links is often not equal, the primary link provides more throughput, compared to the standby link. The standby link usage in only when the primary link is unavailable. Because of the different capacities, you need to prioritize business critical applications over other traffic when the primary link fails. Noncritical applications can use the spare throughput capacity; therefore you can rate limit the standby link to lessen their impact on prioritized traffic.

Configuration of the MPLS link, WAN technologies, similar to Asymmetric digital subscriber line (ADSL), very-high-bit-rate digital subscriber line (VDSL), and T1/E1 are beyond the scope of this document.