SD-WAN, one of the most disruptive network technologies of the past few years, has a fast rate of adoption. Enterprises adopting SD-WAN are driven by key factors such as WAN cost savings, application performance improvement, management and operation simplification, and more. Research shows 95% of enterprises are using or expect to use SD-WAN within 24 months.
To achieve the four main promises of SD-WAN – which are agility, security, performance, and management and operations – many practitioners will tell you SD-WAN visibility plays a critical role in a successful deployment. In this blog post, we are going to share our thought process and progress in solving visibility challenges for SD-WAN users to help them operate efficiently.
The SD-WAN idea sounds simple, but the path to SD-WAN is complicated. Think about how many choices of different vendors and different approaches are out there. In order to lead a successful SD-WAN deployment journey, users need to take the approach of looking at the entire SD-WAN lifecycle to understand what kind of visibility is most helpful in different phases. Here is some guidance:
SD-WAN is just one piece of the puzzle. At Kentik, we aim to solve network visibility for all components of your network in one unified view.
Universal Data Records (UDRs) are an architectural element of the Kentik Platform. UDR makes it possible to apply Kentik’s powerful machine learning and analytics across a rich, correlated schema for translation into actionable insights that include business, service, and application context.
With UDR, Kentik can quickly add more data sources to the platform to stay ahead and address the always-evolving network visibility challenges faced by our customers. That is how Kentik has been able to add the support of specific SD-WAN vendors in a speedy manner, including Cisco and Silver Peak SD-WAN, as well as specific firewalls like Cisco ASA, Zone-Based Firewall, Palo Alto Networks Firewalls, and other devices that are applicable to enterprise networking.
In the SD-WAN context specifically, UDR gives Kentik the capability to ingest vendor-specific fields, which are very important in the SD-WAN space (e.g., Viptela: VPN Identifier, and Silver Peak: Application, Business Intent Overlay).
SD-WAN’s blind spots that reside in either overlay or underlay, or both, could increase the deployment and operational difficulties and inefficiencies. An automatic map-out of the visualization of SD-WAN’s underlay and overlay traffic insights would be super helpful to understand the current SD-WAN deployment.
Let’s take SilverPeak SD-WAN for example. The following image captures the visualization of SD-WAN fabric with underlay and transport that connect various sites and data centers in “Network Map.” You can drill down to further traffic details of a certain Site/Device/Provider from there.
Meanwhile, you can also visualize the overlay traffic via Business Intent Overlay (BIO), a Silver Peak-specific term that specifies how traffic with particular characteristics is handled within the network (see the Sankey diagram below). This is also to verify the intent of the traffic and its path.
Moreover, you can visualize all the traffic that traverses on all transport links (e.g., MPLS, internet, etc.) and validate current implemented SD-WAN traffic policies.
The following Sankey diagram shows the details of the traffic that flows out of Branch 1 of the SD-WAN environment, such as source/destination site, source VPN, application, DCSP, destination transport, and more.
Moving forward, we will continue to drive a strong roadmap for SD-WAN visibility, including:
If you’re ready to dive right in or have feedback, suggestions, and enhancements, please reach out to us at email@example.com.