Overview

We’re your single point of contact and boots-on-the-ground support for your vital IT and telecom initiatives – at all your locations.

About Tailwind

We’re a nationwide service provider that delivers always-on connectivity – with end-to-end solutions spanning both sides of the demarc. 

Careers

Are you looking for an inclusive work environment driven by collaboration, respect, positivity, and accountability? Look no further.

Enterprise IT
lightbulb-05
Advisory Services

Leverage our decades of enterprise IT experience to get the best solutions at the best prices.

puzzle-piece-01
Stage & Configuration

We prep equipment in advance at our staging & configuration lab to minimize on-site disruption.

check-circle-broken
Asset Audits

Our experts will provide you with a clear picture of your IT environment in a formal deliverable.

tool-02
Engineering

Our network experts can handle even the most comprehensive multi-location projects.

file-check-02
Project Management

Our project managers work directly with your team to coordinate and manage every phase of your project.

dataflow-03
Structured Cabling

We’ll manage all aspects of your network or telecommunications cabling installation project.

Network Management
Icon (1)
NOCaaS

We’ll solve your network problems quickly –  or help you avoid them completely.

Connectivity
marker-pin-04
Broadband Aggregation

We create customized, bundled broadband services for your entire enterprise.

phone-call-01
Carrier Services

We’ll help you get the most out of your connectivity and networking technology providers.

check-done-01
Telecom Audits

We’ll provide a professional deliverable that turns chaos into an organized plan and inventory.

git-pull-request
Demarc Extensions

Get demarc extensions with no delay, whether you’re executing a new build or upgrading your circuits.

Guides and Ebooks

IT and telecom are always evolving. Check out the latest technology developments in our resource library.

Case Studies

Read what our happy customers have to say about partnering with TailWind in these case studies.

Latest Blog Posts
A Guide to Network Optimization for Multi-Location Enterprises
All Blog Posts
Become A Customer

When you’re ready for one powerful provider that can handle all your telecom and IT services, let’s connect.

Become A Partner

Partner with TailWind and gain access to a more comprehensive portfolio, so you can sell more – and win more.

Become A Vendor

Join an ecosystem of vendor partners that provides superior telecom and IT services across the USA and Canada.

Things to Know Before Setting up VPNs in Multi-Site WAN

By:
3 min read

A business expanding to multiple sites requires a way to connect all locations to the network. Employees must be able to access the same systems and data that are available at headquarters without exposing the network to outside threats. You can equip your employees with uninterrupted, secure connectivity by implementing virtual private networks (VPNs) in a multi-site wide area network (WAN).

Configuring Your VPN Connection in Multi-Site WAN

A VPN creates a secure tunnel between two locations using the internet. The data is then secured from any threats in transmission within a virtualized network. There are two main choices when deciding how to configure VPNs in multi-site WAN:

Hub-and-Spoke

In a hub-and-spoke topology, the infrastructure calls to mind a wagon wheel, with a centralized main office and a spoke coming out to each of the branch locations. A secure and separate tunnel extends out to each site. Any site-to-site traffic must travel through the central hub before passing out to the destination.

This is a relatively simple virtualized network topology that allows employees at branch locations to access network resources at headquarters. It does not work as well for business settings where there are many transmissions between branch locations because everything must pass through the hub. It is also not ideal for a company that utilizes numerous cloud solutions because all data volume is backhauling to the hub before going out to the cloud solution, which can cause congestion in the network.

Mesh

VPN mesh topology enables each VPN router to communicate directly with other VPN routers. Several secured tunnels extend to all of the other sites, and data can travel between those sites without moving first through the main office.

This virtualized network topology requires more work at setup because you’ll need to configure each router to communicate with the other routers. In a setting where branch locations extensively communicate with one another, this topology prevents a bottleneck at the main office. It sets up direct site-to-site relationships between all branch locations. It also ensures that all other branch locations can continue functioning even if one of the locations is down.

There is a limitation to this approach of using VPNs in multi-site WAN. If the amount of branch locations exceeds a certain number, it becomes prohibitive to use this model based merely on the number of tunnels that a device can support at any given location. Learn how to overcome this and other multi-location enterprise IT challenges with the right technology solutions and support in our free ebook.

Download Ebook

Other Considerations for VPNs in Multi-Site WAN

Before implementing your VPN configuration, consider the following aspects of how your network infrastructure will best function:

WAN

Your WAN setup is how your VPN connects to the network outside of your physical office. You need to first consider the type of internet protocol (IP) addresses you received for the location:

If you have a static IP address in at least one location, a VPN connection is simple to establish. This is a public internet address that can be routed and is not subject to change. You can think of this as a stable dock that would allow you to build a bridge either to another dock or to a boat that is not anchored.

A situation in which neither site has a static IP address but, instead, dynamic IP addresses is like attempting to craft a bridge that joins two unanchored boats. It’s a bit trickier because you’ll need to create an anchor by setting up a Fully Qualified Domain Name (FQDN) and registering at least one of the sites with a Dynamic Domain Name Server (DNS) service. This will ensure that your router can be reached, even if your IP address changes.

LAN

Your local area network (LAN) setup involves the network that your router connects to inside your physical office. You should not need to make changes to your LAN unless the two sites you’re connecting have the same IP address, and you need to ensure that the two ends are not on the same subnet.

Setting Up VPNs in Multi-Site WAN: Final Thoughts

When choosing how you’ll implement VPNs in multi-site WAN, it’s important to consider how your branch locations communicate and how frequently they collaborate site-to-site. You can set up a VPN connection only to find that your hub is congested, which then impacts the performance of your applications and reduces productivity.

You will also want to consider whether your enterprise plans to invest in cloud solutions and digital transformation initiatives, which can significantly increase traffic volume and may also create congestion in a hub-and-spoke topology. A mesh topology makes cloud data transmissions more efficient.
If your enterprise is considering installing VPNs in multi-site WAN, contact TailWind today. We offer solutions for high-speed broadband connectivity and can handle the IT project management on your network infrastructure project, allowing you to focus on the core functions of your business.

Recent Blog Posts