“IDN allows us to instantly move traffic flows from one physical server to another, so we can deal with software upgrades and ensure high availability without relying on DNS or slow and often unreliable routing convergence across our global MPLS network.”
Chief Infrastructure Architect, Global Transportation Company
The main challenge our customers encounter when deploying effective disaster recovery is that system and device failover across networks depends on either routing convergence or DNS. Both can be reliable, but complex designs, maintenance, and slow routing convergence often prevent them from offering DR for many systems. Due to the complexity, failover is typically configured at a network (macro) level and not at the device, server, or application (micro) level. In addition, testing and verifying that system failover works is equally complex and time-consuming, and is rarely done.
People and Process Challenges
Identity Defined Networking (IDN) for disaster recovery sets a new standard for network resiliency and mobility, making it easy to redirect discrete traffic flows or fail over traffic. With IDN, our customers get peace of mind that their system failover solution will support their business continuity requirements without the complexity of managing IP namespace collisions or DNS namespace errors. Unlike traditional IT solutions, failover is now instant and verifiable, and can easily be applied to a single device, a service, an entire data center, or discrete instances in the public cloud without having to expose those instances to the Internet. Even better, the cost is a fraction of those traditional IT alternatives.
Our global airline customer was taking delivery of a new aircraft model that would be part of a major upgrade to their fleet. During the planning phase, the IT team responsible for onboarding discovered the new model only allowed one destination IP for uploading and downloading the flight manifest while at the gate. This broke their DNS-based availability model. Using routing convergence across their global MPLS would be too slow - planes could be grounded for hours while waiting for convergence. In less than half a day, the team was able to prove that failover within the IDN fabric could be accomplished without having to modify their existing infrastructure - they could stage servers with the same IP but placed in different segmented overlay networks. If the primary manifest server failed, the IDN fabric could detect the failure and fail over to the secondary overlay network without disruption. Using the HIPrelay, they realized failover points could easily be placed in any network in the most secure fashion possible yet still only be accessible by authorized systems and nothing else - protecting flights, crews, and passengers.
*Traditional IT solutions are the use of firewall rules, NAC, VPNs, switch and router ACLs, digital certificates, cellular modems, VLANs, etc.
*FTE - hours worked by one employee on a full-time basis.
Tempered Networks’ scalable orchestration engine was designed to be extremely easy to use with no advanced technical training and requires little to no change to existing infrastructure. Unlike the many complex, fragile, and disruptive steps associated with traditional IT solutions, our customers eliminate complexity, cost, and attack vectors through point-and-click policy orchestration.
First, our overlay network transparently creates cryptographic machine identities for every device to eliminate spoofing.
Second, every protected device's network connections are automatically authenticated and authorized between trusted devices before data transport and exchange. Our unique network-level authentication creates verifiable trust segments that can't be discovered or exploited.
Third, all connections are transparently encrypted and encapsulated, enabling non-disruptive and secure traversal across any type of network - public or private. Every device can now be quickly connected and protected across any LAN or WAN, segmented across any network and made invisible to hackers.
With one click, any device or group of resources can be easily orchestrated for sub-second failover.
Challenges with Traditional IT Solutions
Solution with Tempered Networks