In a Software-Defined Wide Area Network (SD-WAN), a branch router uses two or more network connections and dynamically routes traffic over one or another based on the traffic’s profile. For example, real-time Voice-over-IP (VoIP) traffic is sent through a low-latency MPLS circuit, while high-bandwidth applications that don’t require low latency are routed over a broadband Internet connection. Another benefit of SD-WAN routers is that traffic is dynamically distributed between links, on a per-packet basis, based on congestion, latency, and loss.
Distributed enterprises with remote offices can reduce network connectivity costs while also simplifying network operations, which in turn saves labor costs. For example, AT&T cut $1.5B in labor-related costs thanks to SD-WAN. In fact, setting up and operating an SD-WAN deployment is generally simpler than using legacy networking technologies, because software-defined networks provide programmatically efficient configurations out of the box, without requiring network engineering skills.
SD-WAN Also Brings New Challenges: Here are Three
Like any new technology, SD-WAN also has its challenges. In speaking with network engineers who have adopted SD-WAN solutions at remote branch offices, I typically hear them coping with the following:
Challenge #1: Split tunneling defeats centralized monitoring.
SD-WAN implements a split tunnel. In a split tunnel configuration, a remote site has a direct broadband connection to reach the Internet, and a private connection to reach intranet resources. The private connection is established between the branch router and the company’s data center via a VPN tunnel or an MPLS connection. With such a configuration, centralized network monitoring solutions cannot detect the reachability or application performance degradation issues that users at remote sites are experiencing, because the monitoring server is located at the data center.
Challenge #2: Engineers can be oblivious to the end-user experience.
SD-WAN routers implement passive application performance monitoring to identify and profile the applications that traverse their interfaces, prioritize mission-critical data, and optimize routing decisions. While this level of monitoring is key for an SD-WAN router to make routing decisions across its multiple network links, it doesn’t provide an effective measurement of end-user experience from an application and/or end-to-end perspective. Without end-to-end metrics such as network latency, packet loss, DNS resolution time, and HTTP loading time from the user layer, it becomes very difficult to capture the end-user experience and enforce SLAs.
Challenge #3: Performance issues can be difficult to troubleshoot.
Let’s assume a wireless user at a remote location complains that the network is slow. Where do you start troubleshooting this problem? Assuming that it’s a network-related problem, many factors could be the cause, such as the WiFi network, the LAN, the client itself, the configuration of the SD-WAN appliance, and the WAN/Internet links. SD-WAN solutions provide valuable information and analytics about the traffic that flows through their interfaces. Yet, they only provide one side of the story.
SD-WAN Requires Proactive Monitoring at the Edge
In an SD-WAN network, active and distributed performance monitoring is needed to quickly detect and troubleshoot connectivity as well as performance degradation issues. Because SD-WANs can easily extend the reach of the network beyond traditional branch offices to a wide range of IoT and IIoT (Industrial IoT) devices, the edge becomes more complex, requiring more diligent monitoring capabilities.
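A sketch of the active, edge-side measurement described above, collecting the end-to-end metrics listed under Challenge #2 and checking them against SLA ceilings. This is an added example, not code from the original article or from any SD-WAN product; the function names `probe` and `sla_violations` and the metric keys are assumptions made for illustration, and TCP connect results stand in for ICMP latency and loss.

```python
import http.client
import socket
import time
from urllib.parse import urlsplit

def probe(url, attempts=5, timeout=2.0):
    """One active probe cycle, run from a host on the branch LAN."""
    parts = urlsplit(url)
    https = parts.scheme == "https"
    port = parts.port or (443 if https else 80)
    m = {"dns_ms": None, "latency_ms": None, "loss_pct": 100.0, "http_ms": None}
    # DNS resolution time as the branch's own resolver delivers it.
    t0 = time.perf_counter()
    try:
        addr = socket.getaddrinfo(parts.hostname, port, type=socket.SOCK_STREAM)[0][4][0]
    except OSError:
        return m  # name does not resolve, so nothing else is measurable
    m["dns_ms"] = (time.perf_counter() - t0) * 1000.0
    # Assumption: TCP connect time stands in for network latency and failed
    # connects for packet loss, because ICMP needs raw-socket privileges.
    rtts = []
    for _ in range(attempts):
        t0 = time.perf_counter()
        try:
            with socket.create_connection((addr, port), timeout=timeout):
                rtts.append((time.perf_counter() - t0) * 1000.0)
        except OSError:
            pass
    m["loss_pct"] = 100.0 * (attempts - len(rtts)) / attempts
    if rtts:
        m["latency_ms"] = sorted(rtts)[len(rtts) // 2]  # median of successes
    # HTTP load time: from sending the request until the full body is read.
    conn_cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = conn_cls(parts.hostname, port, timeout=timeout)
    t0 = time.perf_counter()
    try:
        conn.request("GET", parts.path or "/")
        conn.getresponse().read()
        m["http_ms"] = (time.perf_counter() - t0) * 1000.0
    except (OSError, http.client.HTTPException):
        pass
    finally:
        conn.close()
    return m

def sla_violations(metrics, sla):
    """Names of metrics that are unmeasurable or above their SLA ceiling."""
    return [k for k, limit in sla.items() if metrics[k] is None or metrics[k] > limit]
```

Run on a schedule from a host behind each branch router, once against an Internet-facing URL and once against an intranet URL, the results cover both sides of the split tunnel.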