• United States

Native SD-WAN monitoring tools are not enough, survey says

Jan 20, 20214 mins
Network MonitoringNetworkingSD-WAN

SD-WAN platforms provide some native monitoring, but supplemental monitoring tools are needed, particularly when seeking the root cause of poor application performance, according to an Enterprise Management Associates survey.

A user reviews data and statistical models. [analytics / analysis / tracking / monitoring / logging]
Credit: Laurence Dutton / Getty Images

(Editor’s note: A recent Enterprise Management Associates survey of 303 WAN managers found that native monitoring is an important factor in choosing SD-WAN products, but many respondents say additional third-party monitoring tools are also needed. This article by EMA Vice President of Research Networking Shamus McGillicuddy explores some of the survey results  included in the report “Enterprise WAN Transformation: SD-WAN, SASE, and the Pandemic” that is based on the survey.)

SD-WAN technology offers native monitoring capabilities that can enhance network operations. It’s a major selling point, right up there with hybrid WAN connectivity and direct cloud connectivity, but native SD-WAN monitoring is not a replacement for traditional network monitoring tools.

SD-WAN products typically have a cloud-based controller that offers both visiblity and management for the overlay that SD-WAN creates on a company’s physical WAN. Most of the SD-WAN-controller consoles offer reports and dashboards with clear insights into performance by site, by application, and by cloud provider.

This visiblity component is essential to an SD-WAN implementation, and the survey found that enterprises list native monitoring as the third most important SD-WAN product requirement. (The first two are hybrid-connectivity support and integrated network security.) Also, 48% of IT organizations consider improved visiblity a top driver of SD-WAN adoption.

Third-party monitoring is essential to SD-WAN

However, 91% of enterprises also monitor or plan to monitor their SD-WAN environments with a supplemental network monitoring tool, and 41% say third-party monitoring is essential to network operations. If SD-WAN offers native monitoring, why are third party tools necessary?

Here’s a clue. Administrators and analysts in network operations centers (NOC) were the least likely to consider third-party monitoring of SD-WAN to be critical to network operations. But network engineers, who typically receive escalated tickets from NOC administrators, were the most likely to think third-party monitoring is critical.

It’s easy to imagine how that plays out. A NOC analyst receives a trouble ticket from a user in a branch office. The analyst looks at the SD-WAN console and sees that certain applications are performing poorly, but, drilling down into the console’s reports, sees no obvious root cause for the problem.

The ticket escalates to a network engineer, who has access to network flow monitoring, BGP monitoring, and synthetic monitoring tools. The reports in the SD-WAN console help direct the troubleshooting, but these other tools are used to find the root cause.

Limitations of native SD-WAN visibility

This leads to another finding from the survey: 65% of WAN managers that are engaged with SD-WAN perceive problems with its native monitoring capability. Nearly a third (30%) say it offers limited or no visiblity into the WAN underlay (the MPLS or broadband networks over which the SD-WAN overlay is built).

Additionally, 30% said the native monitoring tools offer poor visibility into applications. In other words, perhaps their application intelligence is based on ports and protocols, rather than Layer 7 application signatures. Or perhaps their Layer 7 application-signature library is too narrow, providing visibility into only the most popular applications.

Data-collection granularity in native SD-WAN monitoring is a significant problem for 29% of IT organizations. In this case, the intervals between data collection are too long, and if a network manager tries to reduce those intervals, overall network performance might degrade.

Headaches of integrating third-party monitoring

Given these limitations, it’s no surprise that enterprises require third-party monitoring. Unfortunately, implementation requires some work. Many SD-WAN products are proprietary. They don’t always support network data standards like SNMP and IPFIX. And if they do, their implementations can be problematic. Most network-monitoring vendors have integrated their products with some SD-WAN products. There are a lot of vendors out there, so it’s not safe for a network team to assume their current monitoring vendor is going to support a given SD-WAN product.

All of this adds up to potential headaches. The research found that only 48% of WAN managers are satisfied with third-party monitoring of SD-WAN. In fact, monitoring satisfaction often correlated with a willingness to buy new monitoring tools. Keep this in mind as you’re planning an SD-WAN solution.


Shamus McGillicuddy is the research director for the network management practice at Enterprise Management Associates. He has been covering the networking industry for more than 12 years as an analyst and journalist. Prior to joining EMA, Shamus was the news director for TechTarget's networking publications. He led the news team's coverage of all networking topics, from the infrastructure layer to the management layer. He has published hundreds of articles about the technology and competitive positioning of networking products and vendors. He was a founding editor of TechTarget's website, a leading resource for technical information and news on the software-defined networking industry.

More from this author