Yes, you can optimize DNS routing for global SaaS use

Routing DNS for SaaS can lead to latency, non-local results, and messy internet breakouts. With BlueCat, optimize SaaS delivery and gain full DNS control.

From Salesforce to Microsoft Office 365 to Zendesk, reliance on SaaS has become ubiquitous. By eliminating hardware and software, SaaS is inexpensive, fast to deploy, easily scalable, and makes compatibility problems disappear.

But it presents its own challenge: How to effectively connect users to those services without having to route all of their DNS and application traffic back to a centralized location.

The inability to deliver SaaS-based services in an optimal way degrades end-user experience and impacts the bottom line. To attempt to optimize performance, local internet breakout is frequently used as a workaround. Only, it’s hard to do well and often causes more complications for network teams.

This post will explore the impacts to users of sub-optimal SaaS delivery paths. Further, it will look at how internet breakout has been used as a less-than-ideal workaround. Lastly, it will examine how BlueCat’s tools can optimize the SaaS user experience and give admins full visibility and control over all routing activity in the process.

This post is part of a blog series exploring some of the challenges network teams experience in the face of enterprise cloud adoption—and how BlueCat can help solve them.

The impacts of sub-optimal SaaS delivery paths

Traditional wide-area network (WAN) technologies are not cloud friendly. They tend to use a hub-and-spoke model for routing traffic to the cloud. Queries are sent from branch offices through the network core. That extra transporting—called backhauling—degrades network performance and results in poor user experience. Plus, it usually involves costly leased MPLS (Multi-Protocol Label Switching) lines.

Key problems caused by sub-par SaaS routing

The inability to consume SaaS-based services across the most optimized path can result in numerous challenges.

  • Latency: Inefficient backhauling of packets from all around the world to a central data center and back again makes the internet slow for end users.
  • Other performance problems: Sub-par DNS routing can also lead to further balance and performance problems for other applications hosted on-premises or in the cloud, not just SaaS. (A related problem when managing DNS in hybrid cloud environments is too many conditional forwarding rules, creating a DNS traffic jam.)
  • Degraded usability: When routing DNS traffic to centralized data centers, it points all end-users to resources that are local to that data center. Not to where they are actually located. As a result, a user in, say, Germany trying to access a SaaS-based solution may end up accessing it from servers across the globe in Canada. And in the wrong language to boot.
  • Shadow IT: Frustrated by latency and performance issues, users can resort to their own IT solutions. Shadow IT and unknown or unnecessary IT expenses apart from network teams’ purview can crop up and become the norm.
  • Lost revenue: Customers, not just enterprise users, can feel the effects of suboptimal routing. A 2017 Akamai study found that a 100-millisecond delay in website load time hurt conversion rates by 7%.

Local internet breakout as a SaaS workaround: not so simple

Some organizations access SaaS services using local internet links. This can ensure higher performance, a localized end-user experience, and reduced operating costs.

Sometimes referred to as internet breakout, it’s an access point to the internet located as geographically close as possible to the user. Local breakouts avoid sending SaaS traffic to branches, remote offices, or a data center. Instead, a user’s connection is routed directly to the internet via a local internet service provider (ISP).

It sounds like a simple workaround. But intelligent routing of DNS traffic to services that may exist in the data center, a company-controlled hybrid cloud, or out on the public internet is actually a massive challenge for network administrators.

BlueCat optimizes SaaS performance and user experience

Overcoming DNS routing challenges doesn’t just apply to internal and private cloud environments. An enterprise’s users around the globe need to be able to consume appropriately localized and authorized SaaS-based services as well.

BlueCat’s Intelligent Forwarding allows network teams to keep internet breakout and leverage local ISP links from in-country DNS providers to ensure the best user experience.

Furthermore, it does so while giving network teams the ability to consistently and centrally manage core network services, like DNS, DHCP, and IP address management (together known as DDI), across the enterprise. Admins have visibility and control regardless of whether DNS resides on-premises or in the cloud.  Some enterprises might opt for cloud DNS services, but those don’t allow for centralized control and management of enterprise-wide DNS.

Learn more about Intelligent Forwarding in this video:

Centralized DNS management makes SaaS a breeze for network admins. With single-pane-of-glass visibility into DNS, they can allow direct consumption of some SaaS services while others might be restricted to specifically authorized locations or networks.

Furthermore, whatever the requirement, it captures the usage of these services. This gives network admins the visibility they need to ensure appropriate and secure utilization of services.

When users access SaaS-based services using optimal DNS and network routes regardless of their location, the result is better for everyone. In the end, users get the most optimized route and experience for all cloud services. It does not matter whether they are SaaS or other types of private or public cloud applications. And the enterprise gets speed, performance, control, and more revenue earned.

Upcoming blog posts will explore the biggest hybrid cloud challenges for DDI. And they will highlight the solutions that BlueCat offers to alleviate them. In the meantime, read the Using BlueCat Adaptive DNS in the Cloud whitepaper.

Why do 72% of enterprises struggle to realize the full value of the cloud? This report by EMA breaks it down.

An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more