Digital transformation is accelerating within the enterprise, as businesses seek to improve agility, avoid disruption, and gain competitive advantage. As part of this transformation, enterprises are increasingly leveraging cloud-based applications and services and embracing mobility and a distributed workforce. Bandwidth consumption is dramatically expanding to accommodate SaaS, and the prospect of rising transport costs and suboptimal employee digital experience is creating greater pressure on enterprises to move away from their legacy WAN in favor of one optimized for the cloud.
Many enterprises are beginning to supplement or replace MPLS with Internet/broadband connectivity and forgo backhauling traffic to a central or regional hub in favor of connecting to SaaS apps directly from branch offices. Meanwhile, enterprises are rearchitecting and moving their workloads to the cloud, creating more agile — but, increasingly, more distributed — applications. The net impact is that enterprise endpoints and critical services are now spread across multiple clouds and multiple service domains. The enterprise workspace is effectively everywhere.
SD-WAN technology is key to enabling enterprises to efficiently operationalize this new complex ecosystem of providers and endpoints connected via multiple transport mechanisms and potentially hundreds of overlays, but it doesn’t shield enterprises from the risks of greater dependence on the Internet and applications outside their direct control.
Operating an enterprise WAN amidst this cloud ecosystem introduces a vast new set of performance, security and continuity risks that most organizations are unprepared to face. In moving to a software-defined, cloud-centric WAN, enterprises will be exposed to:
Enterprise IT has a well-defined monitoring stack that, historically, has enabled it to manage network and internal application performance. Network performance management (NPM) tools such as packet capture and flow analyzers enabled network teams to identify and remediate issues for LAN, core network and site-to-site connectivity. Application performance management (APM) tools using code injection could be used to monitor performance for applications owned by the enterprise.
Unfortunately, these same tools are not usable by IT outside the “four walls” of its data centers and branch offices. If an issue occurs outside of enterprise premises, traditional tools are not able to identify the root cause or responsible party. As cloud and SaaS usage grows, alongside Internet dependence, the relevance of traditional monitoring tools narrows significantly.
Cloud-specific monitoring and SaaS app logs have their place in the new enterprise ecosystem, but even they don’t provide visibility into all of the services that lie between enterprise sites and SaaS/IaaS — all of the ISPs, cloud security gateways, CDNs, and DNS services. Each of these sets of infrastructure is now critical to enterprise digital experience — but they occupy a vast IT blind spot.
Just as IT has traded control for agility, it must now trade its legacy operational model of “find and fix” for something more akin to a governance model. When you own the infrastructure, you have the tools available to you to find the problem — and you have the management authority to fix the problem. But in the cloud, this paradigm no longer applies. To successfully operate in the cloud, IT needs to develop a model of “evidence and escalate”: gather evidence of the issue (and the responsible provider) and use it to get a successful escalation. Otherwise, you’re only able to address a small scope of issues, and the vast majority will quickly erode your ability to deliver a good digital experience for the business.
Digital experience is the primary deliverable of IT, yet delivering a good user experience across a diverse, distributed set of apps and services over potentially hundreds of networks introduces complexity and unpredictable risks. That is why cloud- and Internet-centric WANs must also have cloud- and Internet-centric visibility and processes.
In order to be successful in the cloud and overcome the limitations of an on-prem toolset and “find-and-fix” mindset, IT needs to respond in the following ways:
Enterprise digital experience is impacted by multiple, external management domains, yet, ultimately, IT still owns the digital experience outcomes. Particularly as enterprises migrate to SD-WAN and increase their dependence on SaaS, IaaS, and the Internet, they need to take proactive steps to reduce and manage their risk exposure. Developing a good understanding of the Internet, rethinking the IT management stack, and adopting a readiness lifecycle will ensure that they can deploy SD-WAN confidently — and truly flourish in the cloud.