| 15 min read

What is a local internet breakout?

How to better optimise your critical bandwidth and maintain performance of latency sensitive applications while still protecting sensitive traffic over a distributed network.

15 min read

Colt-Image-5

What are local breakouts?

A local breakout or internet breakout, is an access point located as close to the user as possible. In practical terms, it allows organisations to offload internet-bound traffic from local branches and remote offices. Instead of routing this traffic through a centralised data centre, it is sent directly to the internet via a local internet services provider (ISP).

Traditional network architectures have used a hub-and-spoke model, routing traffic to a centralised data centre, but when taking into account the way that we use our networks changing so drastically (additional layers of network security, larger reliance of cloud-based applications, latency-sensitive tools such as video calling, and a more complex cybersecurity landscape), this model of running all traffic through a single point is becoming increasingly unsuitable.

Pushing unnessesary traffic through bandwidth-strenuous routes, jumping through security hoops, simply wastes too much precious bandwidth. Latency increases, costs go up, and user experience degrades.

As organisations move to mitigate this, many look towards SD-WAN with it's dynamic routing capabilities, and local breakout solutions.

How does a local breakout work?

An internet breakout is a network configuration in which each site's internet line connects directly to the public internet, without needing to go through data centres and firewalls, avoiding an over concentration of requests to a single point of congestion. Instead, networks can be configured to identify the intended destination, and route accordingly, distributing traffic directly to the internet if it is a recognised source, such as a whitelisted cloud application or by detouring to a closed network if unknown.

For example, latency sensitive applications (e.g. video calling via Microsoft Teams) can be prioritised over standard web traffic, keeping your calls running smoothly, and not impacting productivity.

Advantages of local breakouts

Organisations looking to reduce bandwidth wastage and network congestion look to local breakouts to reduce over-centralisation of their networks. Some advantages of local breakouts include:

More efficient traffic routes

By leveraging local breakouts, organisations can reduce the burden on their main network. Internet-bound traffic doesn't need to traverse long distances, resulting in faster response times and delivering an improved user experience.

Cost savings

Backhauling all internet traffic to a central data centre can be expensive. Local breakouts enable cost-effective connections, especially for cloud applications and SaaS services that are designed to be accessed directly via the internet.

SD-WAN integration

Local breakouts work perfectly with an optimised SD-WAN, and are in fact a crucial aspect of their structure. SD-WAN policies intelligently route traffic, ensuring optimal paths of all types of traffic.

Security considerations of local breakouts

Local internet breakouts offer numerous advantages in performance and cost compared to traditional hub-and-spoke networks, but also introduce security challenges. Below are some security considerations to note:

Less centralised security, increased attack surface

Local breakouts bypass centralised security gateways, with each local breakout needing to be secured individually when using traditional security systems.

Duplicated security stacks

Security stacks (firewalls, threat prevention, intrusion prevention systems etc.) must be deployed at every branch location, which can be resource-intensive and hard to maintain consistently.

Compliance concerns

Meeting regulatory requirements can become complex due to de-centralised security enforcement.

Mitigate these concerns by moving security to the cloud

As organisations continue to adopt the local breakout approach, and fully-scaled SD-WANs, this presents a number of security challenges (as shown above). Instead of taking on these risks, security is moving to the cloud instead.

Reduce costs and security complexity

Moving security away from on-premises reduces operational costs and simplifies branch IT environments, removing the need for virtual machines and deployment hardware. Save twice - reduce your network demand and reduce the need to maintain complex in-house networks security.

A consistent, global approach

Cloud-based security reduces the need to implement your security solutions at multiple end points, reducing the number of points of failure, and ensuring consistent security, whether your users are at home, at the office, or on a public network.

Security as a service

Cloud-hosted seucrity stacks can become a managed service, with standardised SLAs, advanced functionality and leveraging economies of scale, freeing your business up to focus resource elsewhere.

NETWORK MANAGER'S GUIDE TO SASE

Stay secure beyond borders

With employees working remotely and critical systems moving to the cloud, traditional network perimeters have exploded and businesses need to stay secure beyond borders to enable success. Download the guide to discover a guide to SASE implementation, to help you find the right pathway for your business.

Achieve local breakouts with SD-WAN

Secure SD-WAN is fastly becoming organisations number one choice for delivering the benefits of local breakouts without the restrictions of on-premise security complexity. With an SD-WAN, you can configure your network in detail and in accordance with application priorities and network demand in real-time. Find out more about SD-WAN in our comprehensive guide.

Recommended solutions:

SD WAN

Colt SD-WAN

SD-WAN is a more intelligent, software defined way to build a WAN. See why 93% recommend our award-winning SD-WAN solution.

IP Access with Cloud prioritisation

IP Access with Cloud Prioritisation

Traffic Priority Control allows you to control traffic for Microsoft 365 applications and other low-priority traffic.

Secure Network Gateway

Secure Web Gateway

Cloud-based security solutions deliver secure access to users, regardless of their location or access type. Colt has partnered with Zscaler to deliver this as a simple add-on to our network services.

NETWORK MANAGER'S GUIDE TO SASE

Stay secure beyond borders

With employees working remotely and critical systems moving to the cloud, traditional network perimeters have exploded and businesses need to stay secure beyond borders to enable success. Download the guide to discover a guide to SASE implementation, to help you find the right pathway for your business.

Important links: