CyberOne Blog | Cyber Security Trends, Microsoft Security Updates, Advice

Solving Network Latency Issues With Microsoft 365 Migration

Written by Mark Terry | Jan 23, 2018 12:00:00 AM

Many enterprises operating legacy or hybrid network architectures have experienced unexpected performance issues after migrating to Microsoft 365, including latency and jitter, as well as significant increases in bandwidth usage, resulting in troublesome deployment and poor user experience.

The underlying cause of the problem is the need to meet Microsoft’s network architecture and bandwidth requirements for Microsoft 365. Increased MPLS costs and unexpected additional hardware appliance costs often come with it.

So, what causes network latency issues encountered with Microsoft 365 migration?

In its report on Microsoft 365, Gartner noted that “Existing internet connectivity to Microsoft 365 will not be ‘good enough’ for most Microsoft 365 usage scenarios.”

User experience is the number one measure of a successful migration to Microsoft 365, which requires LAN-like performance for all users, from the head office to branches and remote/mobile workers.

Research has shown that, of the estimated 78% of organisations migrating to Microsoft 365, more than 60% encounter weekly network issues, caused by an underestimation of traffic and bandwidth requirements.

Furthermore, the associated infrastructure costs, such as increased bandwidth and/or firewall capacity, are frequently misunderstood.

Microsoft 365 Network Connectivity Requirements

With Office 365, firewalls experience between 12 and 20 persistent connections per user. Microsoft recommends no more than 2,000 users behind each public IP address. Importantly, it also recommends that Office traffic bypass your proxies.

This is why Microsoft developed ExpressRoute, a private high-speed circuit with low latency. However, as we dive deeper, we can see that this is not the answer and why Microsoft recommends a direct internet connection to Microsoft 365.

ExpressRoute vs. Direct Internet Connection

Typically, ExpressRoute will terminate in the primary Data Centre, delivering a first-class user experience for HQ, but what about Branch offices and remote workers?

Branch users must backhaul traffic over MPLS, which will introduce latency and congestion (or increase MPLS costs), while remote workers must connect via VPN.

Challenges with ExpressRoute

  • Good internet connectivity is still required; a good internet connection may give better or similar performance.
  • ExpressRoute often encourages a ‘hub and spoke’ model, which increases latency compared to a direct connection.
  • Moreover, a highly skilled network team is required, and implementation, usage, and maintenance are more expensive and require up to six months of planning.

As a result, Microsoft offers the following guidance for connection routing to minimise latency:

  • A well-configured, direct internet connection is the optimal method to connect to Microsoft 365 in terms of performance and cost.
  • Avoid centralised proxies, which can increase latency.
  • Ensure proxies are in the client’s local region.

Why Not Add Additional Appliances?

You could install more appliances at the branch level rather than taking an indirect (and costly) route back to HQ. With users now directly accessing Microsoft 365 via local internet breakouts, the user experience will be quite good, assuming that bandwidth requirements are managed and not impacted by YouTube.

However, traffic will only continue to increase over time, as Microsoft 365 will not be the only cloud-based traffic. This will work against the original reason why you moved your apps to the cloud in the first place!

Bandwidth Requirements With Microsoft 365 Migration

With Microsoft 365 migration, you should assume bandwidth consumption will increase by 40%. You should also consider that existing firewalls/proxies will experience some level of port exhaustion and that users will quickly wipe out your bandwidth estimates.

Microsoft offers the following guidance when it comes to bandwidth planning for Microsoft 365:

  • Up to 25 users: Use Excel calculators.
  • Over 25 users: Start with the calculators as an estimate, then run a pilot and measure the usage during that time.
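The connection figures given earlier (12 to 20 persistent connections per user, no more than 2,000 users behind each public IP) and the port exhaustion mentioned above can be checked against a firewall's NAT session export during the pilot. The following is an added example, not code from this article, Microsoft or Zscaler; the CSV column names, the 60,000-port budget per address, the one-port-per-session model and the sample addresses are all assumptions made for illustration.

```python
import csv
import io
import math
from collections import Counter, defaultdict

MAX_USERS_PER_IP = 2000   # from the article: Microsoft's ceiling per public IP
PEAK_CONNS_PER_USER = 20  # from the article: 12 to 20 persistent connections per user
USABLE_PORTS = 60000      # assumption: source ports one NAT address can hand out

def public_ips_needed(users, usable_ports=USABLE_PORTS, max_users=MAX_USERS_PER_IP):
    """Public IPs a site needs to satisfy both the user ceiling and the port budget."""
    by_users = math.ceil(users / max_users)
    by_ports = math.ceil(users * PEAK_CONNS_PER_USER / usable_ports)
    return max(by_users, by_ports, 1)

def audit_nat_sessions(csv_text, usable_ports=USABLE_PORTS, max_users=MAX_USERS_PER_IP):
    """Summarise a NAT export (public_ip,private_ip,dst_port), one port per session row."""
    sessions = Counter()
    clients = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        sessions[row["public_ip"]] += 1
        clients[row["public_ip"]].add(row["private_ip"])
    report = {}
    for ip, count in sessions.items():
        users = len(clients[ip])
        findings = []
        if users > max_users:
            findings.append("users_per_ip_exceeded")
        # Headroom check: would the pool survive every user at the high end (20)?
        if users * PEAK_CONNS_PER_USER > usable_ports:
            findings.append("port_exhaustion_risk")
        report[ip] = {
            "users": users, "sessions": count,
            "sessions_per_user": round(count / users, 1),
            "port_utilisation": round(count / usable_ports, 2),
            "ips_needed": public_ips_needed(users, usable_ports, max_users),
            "findings": findings,
        }
    return report

def constructed_export():
    """Constructed sample: a busy HQ address and a small branch address."""
    rows = ["public_ip,private_ip,dst_port"]
    rows += [f"203.0.113.10,10.0.0.{u},443" for u in range(1, 31) for _ in range(16)]
    rows += [f"198.51.100.7,10.9.0.{u},443" for u in range(1, 6) for _ in range(12)]
    return "\n".join(rows)

if __name__ == "__main__":
    # Limits scaled down so the small constructed sample trips them.
    print(audit_nat_sessions(constructed_export(), usable_ports=500, max_users=25))
```

With the default limits, 2,000 users at 20 connections each need 40,000 ports, which fits the assumed 60,000-port pool of a single address; replace that budget with the figure your firewall vendor documents.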

What About Proxy Architecture?

Proxies often do not scale well and were not designed with SaaS services in mind, resulting in poor performance with applications like Microsoft 365.

If a proxy must be used, then ensure:

  • Devices are scaled up to cope with SaaS services in terms of processing and NAT capability.
  • Centralised proxies (which can increase latency) are avoided, and proxies are in the client’s local region.
  • Unnecessary packet inspection is avoided.

So, What’s The Answer?

As you might have guessed (or hoped), there is a remarkably simple solution that addresses the need to directly (and securely) connect to Microsoft 365 with low latency and manage bandwidth for all users, regardless of location.

With direct peering with Microsoft’s Azure network, Zscaler’s cloud security platform provides a low-latency connection to Microsoft 365 (or any internet location), regardless of location, to deliver a great user experience. There is simply nothing better than going directly. With granular bandwidth control (for cloud applications and general internet traffic), you can guarantee Microsoft 365 bandwidth to all users.

The World’s Biggest Cloud Security Platform

As a Gartner magic quadrant leader for the 7th consecutive year, Zscaler moves your security stack to the cloud, providing fast, secure connections between users and applications, regardless of device, location, or network.

This incredibly simple solution provides low-latency Microsoft 365 connectivity for all users, avoids increasing bandwidth costs, and offers granular bandwidth visibility and control, further enabling enterprises to unlock the promises of cloud and hybrid network infrastructures.

Which is why Zscaler is the default choice for enterprises of all sizes looking to migrate to Microsoft 365 (or other large-scale apps, for that matter).

This is not to say that ExpressRoute will not be used at times, as it could be for larger HQ sites. However, for branch and remote users who require a first-class user experience, the justification of backhauling traffic will be a hard sell.

How To Avoid Network Latency & Bandwidth Issues

With Zscaler, Microsoft 365 enablement is simple, provided Microsoft’s guidelines have been followed. Enable Microsoft 365 with one click in Zscaler, then perform routing optimisation and bandwidth management. That’s it, at least as far as the network is concerned!