What is SD-WAN Analytics?

SD-WAN analytics is the process of collecting and analyzing data generated by a software defined wide area network, or SD-WAN.

As businesses increasingly shift from traditional WANs to SD-WANs, the ability to monitor networks using SD-WAN analytics is essential for achieving the network performance and security goals that SD-WANs are supposed to enable.

To understand the role played by SD-WAN analytics in modern network operations, it’s first necessary to understand the goals that businesses seek to achieve when shifting from WANs to SD-WANs.

One of the main reasons why organizations migrate from WANs (which use physical hardware to manage network connections and traffic) to SD-WANs is that modern network operations often involve complex, distributed applications that are hosted in the cloud. Compared to traditional monolithic applications that run inside a local data center, modern applications generate more connections and much higher volumes of traffic. Some of the most common reasons why include:

• Microservices: In applications that use a microservices architecture, each microservice relies on one or more network connections to communicate with other microservices.
• External services and integrations: Modern applications frequently need to connect to a variety of third-party services — such as an object storage service that they use to store data and an IAM service that they use to manage access.
• Distributed hosting architectures: Cloud-based applications may have different components running in multiple cloud regions — or even multiple clouds — at the same time. Each component relies on the network to communicate with other components.
• VPNs and VPCs: Today’s applications often use software-defined networking configurations, like VPNs and VPCs, to restrict access to resources via the network.

Although it’s technically possible to manage complex networking requirements like these using a WAN, SD-WANs are more efficient and easier to work with because they allow teams to define complex networking rules using software, rather than having to configure physical devices to handle each facet of network operations. In addition, because a single SD-WAN can typically manage all of an organization’s networking requirements through a single interface, SD-WANs simplify administration and help to centralize network monitoring.

Because WANs are usually used in cases where network operations are simple, there is typically relatively little data that you can collect and analyze from a WAN. You can monitor basic metrics like packet loss and latency for your applications as a whole, and you may be able to analyze WAN performance data on a per-user or per-location basis. Beyond this, however, there is little granularity or nuance associated with traditional WAN monitoring.

When you manage your network using an SD-WAN, however, end-to-end network monitoring is a paramount priority for ensuring that SD-WANs can adequately handle the complex networking configurations that they are intended to support. Without carefully monitoring your SD-WAN, you may fail to detect performance issues such as high latency within traffic between two cloud services or improper network load balancing across redundant cloud regions.

In other words, SD-WAN analytics is the only way to know that your SD-WAN is actually achieving what you intend it to achieve. Without deep visibility into the health of your SD-WAN via analytics, you run the risk of investing in an SD-WAN that fails to deliver the agility and reliability that distinguish SD-WANs from conventional WANs.

SD-WAN analytics can also play a role in security by exposing unusual traffic patterns or other anomalies that may be signs of a breach. Although complete network security requires much more than just SD-WAN analytics, the latter offers one means of detecting security issues that you may otherwise miss.

No two networks are identical, and SD-WAN analytics solutions should always be tailored to the architecture of your organization’s SD-WAN, as well as the monitoring goals that you prioritize. However, in general, you should expect any SD-WAN solution to deliver a core set of features, including:

• Automated collection of SD-WAN data from across all transport circuits, network services and endpoints, including network flow data.
• Automated analysis of SD-WAN data using artificial intelligence or machine learning, which can alert network admins to complex networking trends or anomalies that would be hard to detect manually.
• The ability to “slice and dice” SD-WAN analytics results so that admins can analyze the performance and security of individual network components (such as VPNs, VPCs, specific types of services or a collection of endpoints) in addition to monitoring the SD-WAN as a whole.
• Integrations that allow SD-WAN analytics tools to share data with other types of monitoring and security tools, such as network observability platforms.
• Support for deploying SD-WAN analytics monitoring tools in any location — from on-premises servers, to private data centers, to public and hybrid clouds.
• Automated alerts so that your team knows immediately when a problem occurs within the SD-WAN.

While the core use case for SD-WAN analytics involves monitoring an SD-WAN once it is up and running, an additional role that SD-WAN analytics can play is helping teams to validate network configuration plans before they are implemented.

Admins can define the requirements that an SD-WAN needs to meet, such as the bandwidth and latency baselines it needs to ensure for different transport circuits. Then, they can deploy SD-WAN analytics tools to help assess the ability of their proposed SD-WAN configuration to meet those requirements.

Using SD-WAN analytics to test configurations before you roll out an SD-WAN (or before you make changes to an existing SD-WAN configuration) helps avoid unforeseen performance or security issues and reduces the number of networking problems that impact live production environments.