The days of running an internally managed, internally hosted network that connects data centers to branch offices are largely behind us.
SaaS and cloud bandwidth consumption are dramatically expanding, transport costs are rising, and app performance is increasingly complex and reliant on a growing number of APIs and microservices. As a result, enterprises are moving away from traditional WANs in favor of an SD-WAN, or software-defined wide area network. That way, they can maximize ongoing investments in cloud-based applications and services, reduce the time and complexity of troubleshooting user issues, and quickly accommodate changing business needs from the network.
When applications and users are more distributed, SaaS is the new app stack, the cloud is the new data center, and the Internet is the new enterprise WAN. Because SD-WAN relies on the Internet as its backbone, enterprises effectively run their entire businesses over the Internet. That, of course, offers many benefits, such as the ability to scale globally, but it also has its drawbacks.
Drawbacks of an Unpredictable Internet
With an SD-WAN, you're relying on the Internet. Yet, the Internet is unpredictable and can be prone to outages. And, due to the mesh-like nature of the Internet, outages can have widespread ripple effects that can be hard to trace back to the source or even to know who will be impacted by it. Moving away from a tidy managed service delivered by a provider also strips away assurances (i.e., SLAs) around network latency, performance, availability, and quality of service that the Internet can affect.
Also, network teams often carry the complicated burden of proving the network innocent whenever something goes wrong. And IT constantly struggles to ensure reliable connectivity and application performance across networks and services they have little or no control over. Application issues can also look like network issues. So, you can imagine the finger-pointing that goes on. Meanwhile, searching for the true source of issues often leads to prolonged service disruptions that ultimately impact revenue and muddy the business's reputation. It can be a pretty messy process.
Need to See Deep
Still, the lure of greater network agility has many companies choosing to deploy SD-WANs despite its challenges. Yet, to execute sound readiness audits, architecture planning, deployment, and operations, enterprises need one essential thing that they don’t have now—end-to-end visibility into both the network’s overlay and its underlay. To know what’s going on, to gain true SD-WAN end-to-end visibility, you need to see deep into every ISP, every node, and every link that connects them. Without that, your visibility and rollout plan has blind spots.
More broadly, there are five requirements for comprehensive SD-WAN visibility. They include:
- In-depth Internet visibility
- The ability to drill into the network underlay
- The capacity to correlate app and network performance
- A view of historical data to help set benchmarks and KPIs
- Quick and easy fault isolation
View of the Entire SD-WAN Fabric
ThousandEyes enables enterprises increasingly dependent on the Internet and cloud and SaaS applications to visualize, understand and then improve the digital experiences of their customers and employees. With ThousandEyes Internet and cloud intelligence, IT teams can gain a 360-degree view of their WAN and external dependencies, whether network, application or cloud-delivered security. In other words, ThousandEyes gives IT the complete, end-to-end visibility they need to see their entire SD-WAN fabric—and beyond.
Watch the webinar on ensuring SD-WAN performance
Armed with that visibility, they can quickly pinpoint the source of issues, resolve them faster, and better manage performance moving forward. Here are five additional ways that describe what ThousandEyes does:
- Equips you with hop-by-hop visibility into the network underlay (with detailed path and performance metrics)
- Proactively measures and monitors overlay performance and routing policy validation
- Measures the reachability and performance of both SaaS and internal apps
- Sets regional network and application performance baselines before, during, and after deployment
- Automatically detects SD-WAN underlay and overlay paths to identify performance bottlenecks
How is all this possible? ThousandEyes does this using multi-layer telemetry data collected from vantage points distributed throughout the SD-WAN. Enterprise Agents monitor network activity from the inside to help you better understand connectivity and traffic from data center to public cloud and VPN Gateway. Cloud Agents give you access to performance data from local transit providers and last-mile ISPs to simulate end user performance. They can help you determine if performance issues originate from the infrastructure and assets you control or from assets beyond your control, such as SaaS applications or the Internet itself. Lastly, Endpoint Agents, installed on employee laptops and desktops, monitor activity from the end user perspective. In unison, these agents give you a comprehensive, end-to-end view of your entire SD-WAN fabric.
Tips for Launching an SD-WAN
Now that you know what ThousandEyes does and how it works, let’s discuss five tips that will help you successfully launch your company’s SD-WAN.
Tip 1 is to benchmark and compare MPLS and Internet service performance to make sound transport decisions. Establishing pre-rollout benchmarks will help you understand how each component of your network performs today so that you can accurately assess SD-WAN performance after deployment.
Tip 2 is to baseline and set performance thresholds and KPIs for your business-critical SaaS and internal apps. You have to know your performance levels before you can improve upon them. Once you know your baselines, you can then establish your post-deployment KPIs for things like latency, loss, and jitter.
Tip 3 involves validating your SD-WAN vendor performance and policy routing behavior. By testing and comparing ISPs in various regions, you’ll discover which ones will perform best for you. You can emulate vendor performance and put yourself in a better position to decide how to route your traffic for the optimal path.
Tip 4 brings us back to the SD-WAN underlays. Assess your transport underlays to ensure performance and validate traffic routing through the various providers and services you’re using.
Tip 5 is to understand the performance impact of your cloud security solutions. Evaluate how your web gateways, cloud security solutions, and SaaS app authentication are impacting network performance. If you find any adverse impacts, you’ll know which aspects of your SD-WAN’s security might need addressing.
ThousandEyes + Cisco SD-WAN Platforms
ThousandEyes Enterprise Agents are now natively integrated within Cisco SD-WAN routing platforms. Supported Cisco SD-WAN routers provide a turnkey hosting environment to run ThousandEyes vantage points at your branch and campus WAN edge—without the need for separate computing infrastructure. Now you can see every Layer 3 hop across the network underlay and correlate network and application performance to solve user-impacting issues quickly.