Deployment Scenarios

The following are examples of SaaS Express deployment scenarios:

Single Branch Gateway with multiple ISP Circuits

The most straightforward scenario is that of a Branch Gateway with multiple ISP Internet Service Provider. An ISP is an organization that provides services for accessing and using the Internet. circuits. In this scenario, based on the measured performance and SLA threshold profile configured for the SaaS application, the Branch Gateways determine the optimal path and route for the designated SaaS application using the best available ISP circuit.

The following diagram illustrates SaaS traffic steering from a branch site with multiple ISP circuits.

Figure 1  Branch Gateway with multiple ISP

Between Dual Branch Gateways with Branch HA (uplink sharing)

The SaaS Express feature on Branch Gateway supports uplink sharing between Branch Gateways. To enable uplink sharing, Branch HA has to be enabled, and different WAN Wide Area Network. WAN is a telecommunications network or computer network that extends over a large geographical distance. VLANs Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. should be used to identify the uplinks. The result of that will be that Branch Gateways will build a virtual link between them to share any uplinks that are only physically present in one of the gateways.

The following diagrams illustrate how to set the WAN configuration as well as how the SaaS traffic would be routed in such a scenario.

Figure 2  Branch Gateways With Uplink Sharing

Dual Branch Gateways Without Uplink Sharing

There may be certain scenarios where one or all the uplinks are connected to both Branch Gateways. In those cases, enabling Branch HA would still make sense (for DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  state sync or other purposes), but uplink sharing may not. To prevent gateways from sharing their uplink, set the same VLAN id on both gateways when connecting to a common uplink:

The following diagram illustrates how to set the WAN configuration as well as how the SaaS traffic is routed in such a scenario.

Figure 3  Branch Gateways Without Uplink Sharing