Native SD-WAN monitoring tools are not enough, survey says

SD-WAN platforms provide some native monitoring, but supplemental monitoring tools are needed, particularly when seeking the root cause of poor application performance, according to an Enterprise Management Associates survey.

A user reviews data and statistical models. [analytics / analysis / tracking / monitoring / logging]
Laurence Dutton / Getty Images

(Editor’s note: A recent Enterprise Management Associates survey of 303 WAN managers found that native monitoring is an important factor in choosing SD-WAN products, but many respondents say additional third-party monitoring tools are also needed. This article by EMA Vice President of Research Networking Shamus McGillicuddy explores some of the survey results  included in the report “Enterprise WAN Transformation: SD-WAN, SASE, and the Pandemic” that is based on the survey.)

SD-WAN technology offers native monitoring capabilities that can enhance network operations. It’s a major selling point, right up there with hybrid WAN connectivity and direct cloud connectivity, but native SD-WAN monitoring is not a replacement for traditional network monitoring tools.

SD-WAN products typically have a cloud-based controller that offers both visiblity and management for the overlay that SD-WAN creates on a company’s physical WAN. Most of the SD-WAN-controller consoles offer reports and dashboards with clear insights into performance by site, by application, and by cloud provider.

This visiblity component is essential to an SD-WAN implementation, and the survey found that enterprises list native monitoring as the third most important SD-WAN product requirement. (The first two are hybrid-connectivity support and integrated network security.) Also, 48% of IT organizations consider improved visiblity a top driver of SD-WAN adoption.

Third-party monitoring is essential to SD-WAN

However, 91% of enterprises also monitor or plan to monitor their SD-WAN environments with a supplemental network monitoring tool, and 41% say third-party monitoring is essential to network operations. If SD-WAN offers native monitoring, why are third party tools necessary?

Here’s a clue. Administrators and analysts in network operations centers (NOC) were the least likely to consider third-party monitoring of SD-WAN to be critical to network operations. But network engineers, who typically receive escalated tickets from NOC administrators, were the most likely to think third-party monitoring is critical.

It’s easy to imagine how that plays out. A NOC analyst receives a trouble ticket from a user in a branch office. The analyst looks at the SD-WAN console and sees that certain applications are performing poorly, but, drilling down into the console’s reports, sees no obvious root cause for the problem.

The ticket escalates to a network engineer, who has access to network flow monitoring, BGP monitoring, and synthetic monitoring tools. The reports in the SD-WAN console help direct the troubleshooting, but these other tools are used to find the root cause.

Limitations of native SD-WAN visibility

This leads to another finding from the survey: 65% of WAN managers that are engaged with SD-WAN perceive problems with its native monitoring capability. Nearly a third (30%) say it offers limited or no visiblity into the WAN underlay (the MPLS or broadband networks over which the SD-WAN overlay is built).

Additionally, 30% said the native monitoring tools offer poor visibility into applications. In other words, perhaps their application intelligence is based on ports and protocols, rather than Layer 7 application signatures. Or perhaps their Layer 7 application-signature library is too narrow, providing visibility into only the most popular applications.

Data-collection granularity in native SD-WAN monitoring is a significant problem for 29% of IT organizations. In this case, the intervals between data collection are too long, and if a network manager tries to reduce those intervals, overall network performance might degrade.

Headaches of integrating third-party monitoring

Given these limitations, it’s no surprise that enterprises require third-party monitoring. Unfortunately, implementation requires some work. Many SD-WAN products are proprietary. They don’t always support network data standards like SNMP and IPFIX. And if they do, their implementations can be problematic. Most network-monitoring vendors have integrated their products with some SD-WAN products. There are a lot of vendors out there, so it’s not safe for a network team to assume their current monitoring vendor is going to support a given SD-WAN product.

All of this adds up to potential headaches. The research found that only 48% of WAN managers are satisfied with third-party monitoring of SD-WAN. In fact, monitoring satisfaction often correlated with a willingness to buy new monitoring tools. Keep this in mind as you’re planning an SD-WAN solution.

Copyright © 2021 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022