Why Network Monitoring Doesn’t Stop with SD-WAN

Network teams often look to SD-WAN as a silver bullet for all of their management and monitoring needs, hoping these tools can help curtail the major pitfalls that are notorious for derailing enterprise cloud migration. But not every team’s path to the cloud is the same, especially as companies become increasingly distributed and rely on their network to keep remote teams connected. And while SD-WAN can help streamline management, most platforms leave out a lot of detail where monitoring is concerned.

Sure, SD-WAN can help teams intelligently route and deliver apps across the WAN, which goes a long way in eliminating potential performance issues before they impact app performance. But in truth, most solutions only deliver a limited scope of the entire network, with no active insight into end-user experience.

The first limitation is right there in the name: SD-WAN. While these platforms can simplify routing and monitoring across the larger enterprise WAN between remote offices, there’s no real local perspective into what’s going on with end users.

Your SD-WAN product may be able to give you a heads up when users experience poor performance if, and only if, they are looking at basickey metrics like latency, jitter, and sometimes loss, too. What’s missing is visibility into app performance before users connect and experience a slow app. If an app slows down before users arrive in the office IT will have to wait until the first complaint rolls in to take action. To gain this visibility, the team would need additional solutions–if not a “man on the ground” continuously monitoring user experience at that specific location.

But the limitations don’t end at the local firewall.

SD-WANs strive to intelligently tunnel app traffic over what the platform deems the fastest route across both the public Internet and an organization’s private infrastructure. In doing so, teams receive a binary response about whether a specific tunnel is available or not, with little context into the conditions along the way.

In reality, traffic may be hopping across numerous autonomous systems (ASs) and routers on their path between two endpoints on the WAN. While the SD-WAN controller can confirm that a certain tunnel/path is open, there’s no hop-by-hop context into the end-to-end state of the path. For some SD-WAN vendors this includes multiple secure tunnels stitched together—tunneling traffic through a centralized location before tunneling to the destination. Teams don’t have context into why a tunnel that may still be delivering traffic might be experiencing latency at a given point in time, for instance, limiting the ability of IT to not only pinpoint and resolve an issue, but also to establish “innocence” when issues that users perceive as network problems aren’t actually the fault of IT.

In a nutshell, these tools don’t often collect data about Internet routing tables, hop-by-hop metrics, communication between ASs, or any of the additional network infrastructure outside of the SD-WAN controller’s purview. When this detail is missing, IT can’t pinpoint which network organization within the Internet may be at the root of an issue, let alone culprit routers or detailed error metrics.

Bridging SD-WAN gaps with performance monitoring

It’s essential that teams seek out a performance monitoring solution that can account for all of the blind spots that remain when SD-WAN is deployed. While SD-WAN tools make management more tenable in the Cloud Era, they aren’t the one-stop-shop for performance assurance that many teams wish they were.

At the very least, IT needs a tool that can measure performance independently  across each network pathway in order to unpack that binary “good/bad” response they receive from their SD-WAN regarding delivery speed. But solutions also need to go beyond seeing just between the edge routers at each branch firewall and into the actual end-user perspective, looking both at the WAN and the LAN.

Without that additional validation or a secondary layer of insight, an SD-WAN solution may report that network connectivity is “good” when local impacts on performance are hitting the end user. A SaaS app may have no problem regarding delivery across the WAN, but issues with the app itself that are impacting users locally will happen in isolation from IT without additional local context. Correlating data across users, locations, or apps is essential for comprehensive insight into network performance.

Lumped into all of this is assuring that networks actually perform better at the end of the day than they did before teams adopted SD-WAN. This goes beyond just setting performance baselines throughout the process of redesigning the network, but employing monitoring solutions that can deliver visibility without exhausting network capacity on an ongoing basis. IT teams routinely have to defend new technologies because the most recent network changes are always blamed for the next big issue.

With lightweight performance monitoring solutions in place, teams gain even more visibility into their network without overcomplicating their management stack. It’s not a matter of SD-WAN versus monitoring, so much as a combination of solutions.

 

Author's Bio

Matt  Stevens

Matt Stevens

CEO of AppNeta

Matt Stevens is co-founder, CEO, President, and Chairman of AppNeta, the leader in performance monitoring solutions built for the complex, distributed enterprise. Prior to founding AppNeta, Matt was CTO of the Information and Event Management (SIEM) business unit of RSA, The Security Division of EMC. He joined EMC after the acquisition of Network Intelligence Corp., where he was co-founder, President and CTO. While at RSA, Matt was also a member of EMC’s Office of the CTO, where his team had responsibility for EMC’s overall strategic direction for information security. Prior to Network Intelligence and RSA, Matt held senior technology, sales, and marketing positions with NetApp, Solbourne Computer and Harris Corporation.