Home  ›  Connectivity Beyond the Campus

Cellular as Infrastructure for Site Resiliency

As the environment matured, cellular connectivity was extended again, this time to support site resiliency rather than user access.

School locations were equipped with cellular paths designed specifically for failover. These deployments provided no wireless access and were not intended for general internet use. Their sole purpose was to maintain continuity when primary circuits were unavailable.

Under normal conditions, sites operated entirely on primary connectivity. When outages occurred, routing behavior shifted automatically, allowing priority services such as voice and critical applications to continue operating across secure cellular tunnels back to core firewalls. When primary connectivity returned, traffic reverted without manual intervention.

Figure 1 — Normal operation: primary WAN carries site traffic. LTE remains a standby transport (higher administrative distance) with an always-on IPSec tunnel back to centralized PAN-OS enforcement.
Open full-size diagram (PDF)

Figure 2 — Failover operation (WAN outage): LTE transport carries IPSec tunnels to centralized PAN-OS enforcement, but routing is intentionally restricted to essential services only (e.g., VoIP, PowerSchool, dismissal systems) to prevent cellular overload.
Open full-size diagram (PDF)

From an operational standpoint, this reduced the noise typically associated with site outages. From a user standpoint, many failures went unnoticed. Cellular connectivity had transitioned from an emergency workaround into infrastructure.

By this stage, scale made automation and centralized management mandatory rather than optional. The same architectural discipline that made earlier deployments successful ensured that resiliency could be added without complexity.

Previous: Extending Secure Access into Public Locations