This Industry Viewpoint was authored by Hamza Seqqat, Director of Solutions Architecture, Apcela
SD-WAN is starting to see a high rate of adoption among enterprises. For most companies, however, it’s still early days of their SD-WAN implementation. Most are focused on getting the “Day One” automation benefits out of their new WAN. For example, having a centralized orchestrator managing all the policies is so much easier compared to having network engineers and technicians using various tools to manage router configurations all independently. That’s a leading out-of-the-box benefit of SD-WAN.
Once enterprises get up the curve on deploying SD-WAN, they begin to ask, “What more can we do with this technology?” That’s when they are ready to look at the “Day Two” benefits that enhanced data analytics can provide.
There’s a growing base of SD-WAN deployments where the organizations are starting to struggle when they get into the limitations on reporting. Granted, SD-WAN reporting is still better than the old world of Cisco ISR routers at the edge where there’s just not a lot of reporting, period. Nevertheless, the built-in reporting features of SD-WAN have some serious limitations relative to the kind of data that’s available, particularly as it pertains to the deep packet inspection capabilities—but that can be remedied.
One of the most powerful things about SD-WAN is that it typically delivers everything via a single API. That makes it possible to tap into that API and pull the data outside of the traditional user interface and into an analytics platform. The organization can then start to analyze data across the overlay network, in this case the software defined WAN, as well as the underlay network and whatever the transports are—MPLS, Ethernet, dedicated internet access, etc. An enhanced analytics platform enables faster correlation of data from these silos, which in turn leads to quicker resolution of problems.
The power of an analytics platform
That API is also programmable, meaning instructions can be sent back through it. Thus, it’s possible to collect data, analyze it, make decisions, write algorithms to deliver automation, and then send those automation commands back through the API to make changes in the network and application delivery environment in real time.
Programmability through the API will be the real power of software-defined networking. For things like intent-based networking, it’s still very early in the game. But today, enhanced analytics from the entire networking environment can be a boon for troubleshooting and remediation. Typically, for any given problem today, as much as 80% of the time is spent on identifying the problem, with only 20% spent on remediation. By using an analytics platform to discover the underlying cause of the problem, the time to isolate the problem is condensed, which greatly reduces the mean time to resolution.
As more problems are identified over time, signatures in the data become apparent, and technicians can program an algorithm to proactively look for those signatures and then automate the remediation process. Granted, this level of automation is down the road for most enterprises, but not too far away.
The analytics platform is key to making it all happen. With an enhanced analytics platform, enterprises gain visibility into and across the myriad systems running on their networks. They can capture, manage, index and build insight from performance and operational data from their networks, applications and other operational systems. The platform provides a single source of information or consolidated perspective on the operating parameters of the many components affecting application performance. A single pane of glass, if you will.
Faster resolution of problems
Here's an example of the type of problem that an analytics platform can really help with. A large national retailer with thousands of stores recently moved to SD-WAN. All of their retail outlets now use broadband connections. After getting rid of MPLS, they saved quite a bit of money. They’ve even configured the SD-WAN so that traffic is centralized within four distributed demilitarized zones (DMZ) in North America. As a result, each one of the retail outlets goes back to one of those regional data centers, where traffic then goes to an application in that data center or to the public internet to access something in the cloud.
The retailer had an issue that appeared to be a firewall problem. It was so serious that 1,200 stores were unable to process transactions or do much of anything else. People from four different teams tried to find the problem. The security team looked at the firewalls. A network team looked at the software-defined WAN. Another network team looked at the underlying broadband networks. A fourth networking team investigated events in the data center. With all these teams in action, it took six hours to find the root of the problem, which turned out to be an error in the egress router in the data center that stood between the DMZ and the public internet.
The problem with this troubleshooting approach is that the teams were trying to manually correlate information from across four siloed areas. If all that data had been going into a single analytics platform that allowed them to look at the data cohesively with visualization tools, they could have uncovered the origin of the problem much faster. The remediation time could be cut by as much as 90%. That’s nearly three and a half hours of time that each person chasing the problem resolution could get back.
This is just the start of what an analytics platform can add to SD-WAN. There’s more in store once enterprises are ready to pursue their “Day Two” benefits.
Hamza Seqqat, Director of Solutions Architecture, Apcela
Leading Apcela’s solutions architecture efforts, Hamza is responsible for collaborating with customers to design cloud-ready, next-gen solutions. While his core responsibility is supporting a team of solutions consultants and working closely with enterprise customers, he also works with Apcela’s product team to develop new offerings. Prior to joining Apcela, Hamza designed and deployed the core network infrastructure for large carriers including: Time Warner Cable, Charter and Windstream. Additionally, he designed and deployed DukeNet’s first 100G core network.