WAN Management Strategies for 2021 and Beyond Replay

Hey. Welcome to, today's webinar on operationalizing the wide area network in twenty twenty one. I, thank you all for joining us today. Today's webinar, you'll be listening to me, Seamus McGillicuddy. I'm the vice president of research at industry analyst firm Enterprise Management Associates. My research practice focuses on network engineering and operations in the enterprise space. And with me is Aaron. Aaron, would you like to introduce yourself? Yeah. Hi. My name is Aaron Kugawa, and I'm a technical product manager here at Kentik. Kentik is network observability company. Our platform helps you to plan, run, and fix any network, and we support many different networks from WAN to SD WAN, cloud data center, service provider networks, and content delivery networks. Great. Thanks for the introduction. So today, I I mentioned we're gonna be talking about operationalizing your your WAN in twenty twenty one. So here's an agenda. This agenda is driven partially by researching in January of twenty twenty one, which if you were watching this before then, isn't available yet, called WAN transformation, enterprise wide area network transformation. It looks at how enterprises are hybridizing the networks with the Internet, using software defined WAN to transform network architecture and network operations, and also looks at the pandemic a little bit and how that's affecting your network. So so a lot of the insights in this is from that. Also, Kentik will be talking about they address the issues that my research is uncovering. So the agenda goes like this. We're gonna talk about how to get visibility into the Internet WAN or the hybrid WAN, which is a mix of Internet connectivity and managed WAN services like MPLS. We'll look at how third party monitoring is essential to a software defined WAN implementation. We'll also look at how the home office must be operationalized given what kinds of changes businesses we've seen in the pandemic. We will look at how active monitoring close not only a hybrid WAN visibility gap, so a cloud visibility gap. And then we'll talk about Kentik's approach to operationalizing all this, the the hybrid WAN and soft end textures. So first off, getting visibility into the Internet based WAN. The research I talked about earlier found that Internet connectivity as a frontline WAN for enterprise, pretty much universal now. Nine percent of enterprises are planning to use it. And all but only seventeen percent are they're holding they're they're basically supplementing their bandwidth core managed services, which creates a hybrid network. We asked enterprises and search, why are you doing this? Why are you using Internet? I mean, it's been going on for a few years. Most of you probably have your own read, but these are the ones that were driving their decision making. Cloud connectivity. The Internet is the connect the the way that most people connect to a cloud, at least when you're doing direct connectivity from a from a remote site or a home office, a branch office, and so forth. Network flexibility. They wanna be able to to change things on the network, maybe, like, implement a new VPN technology or or something like that. They also have high bandwidth requirements. I mean, the Internet is the cost per bit for the Internet is much lower than MPLS, at least in North America. And we also asked them what kinds of challenges you run to run into when you hybridize your your networks like this. And the top three were application performance, so it becomes harder to manage application performance. I mean, with a lot more bandwidth, your applications better probably because you get suddenly, you open updates. But Internet behaves much more differently than managed WAN services, and so managing app They they encounter inconsistent quality across ISPs. So, you know, you don't you don't have, like, a single rider anymore. Your strategic MPLS rider is no longer the the go to person to deal with when you're having win. You suddenly have, like, five or six v s ISPs over whatever geography your your footprint is in. And inconsistent global performance across geographies. So the Internet backbone, unpredictable. You know, you might have some technology that that optimizes the first and last mile of your net Internet connectivity, you know, but once it hits the backbone, it's best effort, and and you're really at the mercy of, what all the providers that are pairing to each other are doing with their routing. So how do you operationalize these hybridized networks? Because it is gonna be an issue for most of you. We asked the enterprises in our survey, did your hybridization of your win with the introduction of Internet based connectivity require changes to your tool set that you use for network monitoring and troubleshooting, capacity management, and so forth? Ninety four percent said yes. They had to make changes. Nearly half had to acquire new tools, slightly fewer upgraded or adapted existing tools. Maybe they added new maybe they, you know, went to the next version of their provide their their incumbent tool or or they subscribed or licensed a new module that gives them some better visibility on the Internet. Bottom line, only six percent of them said they could get away with, you know, the toolset as it was prior to hybridization. So we asked them what operational data becomes more important when you're relying on the Internet. And you see here synthetic monitoring, active monitoring tools that inject traffic into the WAN and hit things like the cloud from the end user perspective, from the perspective of your remote sites, is a game changer. And that little orange star you see above it is an indicator of a best practice. Enterprises who told us that they were successful with WAN ops in general WAN operations in general were more likely to pick that out as something that's becoming more important to them. Routing data, also big. You know, what's what's what's BGP doing? You know? What what how are things peering? Things like that. Endpoint transactions. So, you know, getting right to the endpoint of your users to understand end user experience. And flows, NetFlow, IPFix, sFlow, those are the big four, basically. Yeah. If I could just jump in here. Yeah. So Kentik, we totally believe that monitoring is key here. We also see that same demand from our customers about operational data. But the key thing also is that we're hearing from our customers that they want it all in one tool instead of having to buy five tools. And in this past summer, we actually launched our new synthetics product in our platform, and we're the only solution that provides traffic analysis, synthetic tests, and also integrating that with the network topology. We don't support everything, we don't have endpoint transaction tests yet, but that's something that our customers have been asking for and is on our roadmap. So the response from the industry has been pretty great. Since our launch in the summer, our customers and prospects have configured thousands of tests, utilizing hundreds of globally available agents, including over one hundred Cloud agents. And another thing is we do it at an affordable price. So we're really excited about the possibilities here of combining all this data and to help operationalize the Wine and SD WAN. Cool. Here, we also asked them about what kinds of metrics help them what Internet metrics help them with hybrid WAN monitoring. You see, majorities of them said that they really like end to end loss latency and jitter analysis across Internet paths. And, also, you know, collecting and analyzing Internet and ISP outage reports just to get a sense of what's going on with their providers if they can get access to that. And then a little less than half said that DNS availability, DNS resolution time was important to them. And then a solid minority are going deeper with their their path analysis by doing hop by hop analysis of packet loss and latency and jitter. That can be really helpful not only with managing Internet performance, but also understanding what's happening with your external cloud resources as well and end user experience. So third party monitoring of software defined WAN is essential. So SD WAN, everyone's using it these days or thinking about using it at least. I my research shows about ninety eight percent of distributed enterprises are engaged with SD WAN in some way, whether it's, you know, evaluating vendors, doing POCs, piloting, thirty seven percent about thirty seven percent are have completed an implementation of some kind. Now SD WAN is a nice little boon to your overall operational visibility. It provides native visibility into the overlay that an SD WAN technology creates on your network. You know, they most SD WAN providers create site to site tunnels between your your corporate sites, between your corporate sites and your cloud, and they are designed usually to provide good metrics and analysis of what's happening in those tunnels. And also depending on how much application intelligence they have built into them, visibility into application performance metrics. But that's kinda where it ends for most of them. Sixty five percent of enterprises in my research tell me that they're having significant challenges with the native SD WAN visibility and monitoring, and you see the top four here. Thirty percent said that one of their biggest issues is that an SD WAN solution does not provide visibility into the underlay. Your ISPs, your MPLS, whatever you're using as a network connectivity technology, they don't give you real visibility into that. They're only it's only inferred from what they're seeing in their tunnels. Thirty percent have limited node or no visibility into applications, so they're dealing with vendors that don't have good app intelligence. Then there's twenty nine percent who say that the data that SD WAN collects from its overlay lacks granularity. So, you know, the the the intervals between data collection is too long. They're missing things, microbursts, brownouts, whatever. And twenty nine twenty seven percent say that they have limited or no visibility into the SD WAN hardware because they're they're adopting an SD WAN solution that's primarily software, probably, where, you know, they they they'll they'll source and sell you a piece of hardware that sit in your branch, but they don't really do much with it other than, you know, install their software on it. And maybe they haven't done much to implement them, SNMP, MIBS, and and and so forth. And so they're not really giving you really good visibility on what's happening in the hardware. So those are the big four. There are other issues as well, but those are the ones that rose to the top. So EMA believes that you should use a third party tool for SD WAN operations, and ninety ninety one percent of enterprises in our research agree. Fifty one percent say that it's it's helpful, which means they're not necessarily gonna require it, at least not right away. But forty one percent say it's critical, so they're definitely doing it. And we found when we when we correlated those responses with who told us that they're successful with their SD WAN projects so far, third party monitoring criticality correlates with success. So that tells you it's a best practice or at least a potential best practice. And we also found that it's it's essential to the two tier two and tier three responders. So network engineers and information security professionals were more likely to say that it's critical to have third party monitoring of SD WAN, whereas the the NOC analysts and admins were less likely because they're probably the more they're more likely to rely on the native SD WAN visibility. And if they have a problem they can't solve, they escalate. And then it's up to the engineers and so forth to do it to dig into reports and a third party tool to really figure things out. Yeah. Yeah. Yeah. I mean, this this finding is definitely in line with Kentik's vision for helping the SD Of course, we don't really wanna replace any native SD WAN monitoring. You need a few systems to orchestrate and keep them up and running. However, we do see our customers, they want to use Kentik to help complement that. Because we collect and store more data for a longer period of time. We provide additional visualizations of underlays and overlays, and we have out of the box ways to identify applications. Our customers rely on our ability to slice and dice their data using our flexible reporting system. We can create any dashboard that would help them. We also allow them to create custom alerts based on our sophisticated baselining system. And the bottom line is that we think that we can help them provide to find solutions to their problems a lot faster and easier in Kentik. And I would think I would say that a lot of SD WAN vendors recognize the limitations of their native operational capability. They often welcome partnerships with third party monitoring vendors. And if you are evaluating an SD WAN solution, you should probably ask them if they partner with any vendors, especially your preferred operational tool vendors. Like, so if you're a Kentik customer and you're thinking about SD WAN, should probably ask, you know, do any of your other customers use Kentik to monitor you? What's their experience been like? Are you do you play nice with them? Yeah. Stuff like that. In fact, we are partners with some of these companies as well. There you go. I did not I was not coached to say that. The home office must be managed. Work from home is the new normal as many of you can probably relate to this picture, Whether it's a cat, dog, a canary, or a child, your life is different. Your work life is a lot different because of them. But, anyway, ninety three percent of enterprises experienced a growth in work from home workforces during the pandemic. That growth averaged four and a half x, an order of magnet four and a half times increase. Fifty percent of enterprises say they think their work from home population will remain permanently elevated. It will probably go down a little, but or a lot, but not all the way back to where it was in February and before. And, also, enterprises that saw significant increases in their work I mean, sorry. Enterprises that's dealing with that work from home surge also saw significant increases in real time application traffic on their network. So people are doing Zooms, webinars, a lot more voice calls over the Internet or your network, a lot more video conferencing, a lot more collaboration apps, that are driving up, sensitive latencies and lost latency sensitive traffic. Jitter sensitive as well. Sorry. Operationalizing work from home networking, I think, is going to be a priority in twenty twenty one. We'll be doing research on it. But we we did do some preliminary research in this project that I'm citing data from. First, we asked these people, what do you think are the best insights to help you understand user experience in all your home office users' environments? And the two biggies were application health and performance. So making sure you have good operational insight into your your data center, your private cloud, your public cloud, your your and, hopefully, your SaaS applications if you can. And sixty five percent said ISP availability performance. And that means getting good, deep visibility into your hybrid network as we've been talking about. And that's a best practice. Seventy two percent of successful network operations teams said that ISP availability performance is a priority for them. So you see that's an indicator of that best practice. And then forty four percent said head end device health and performance. So, you know, their VPN concentrators are getting slammed. They're pointing their data center operations tools at it to figure out what's going on and perhaps thinking themselves, maybe it's time to migrate that head end VPN concentrator into the cloud. So what tools get you there? These are the ones that people are are turning to the most. Remote desktop access tools is the biggest one that can really help you with troubleshooting on a one to one basis with a user who's dealing with something. Fifty eight percent said Internet monitoring tools, which is getting a JD ISP availability and performance visibility. Right? So, you know, collecting BGP data flows is synthetic as well, although that's a separate category here. Then fifty six percent said they're invested they're they see investments in endpoint monitoring as useful, which can get pretty expensive depending on how much how many end users you are trying to support with it. And then real user monitoring tools is an opportunity for some. That'll be particularly useful for web based applications, whichever one's using these days. And then thirty eight percent said they're deploy deploying probes in some home offices or or see the value of deploying some probes in home offices for active synthetic monitoring. So those are the the ones that they're turning to or planning to turn to. Yeah. Yeah. So work from home has been a very important use case for probably everybody that's watching this webinar. The great thing is that Kentik has been supporting this use case well. We observe all the things that you would expect. As Seamus mentioned, we observe traffic from employees, we observe network health utilization, errors discarded from network interfaces, and our customers have a wide variety of VPN setups, whether it's like a firewall from Palo Alto, and Palo Alto provides end user identification and applications that they're using. But other scenarios our customers use as the page tunnels or other firewall platforms that don't provide visibility, but to complement that, Kentik provides out of the box ways to identify applications. We also allow you to configure custom applications, and we're very internet traffic aware, so that basically means we know where your user's traffic is headed to by identifying the ASM that the traffic is destined to. So that means by default, we know where the traffic is headed to, places like Google or Zoom or Netflix even. And we found that our Internet context is very valuable to support work from home. Now, just give you a quick example. We had a customer that has had trouble with interface errors and discards happening every once in a while. We found that the real culprit wasn't something like Zoom, it was actually Apple updates that hit their employees all at the same time and through their VPN. And so, whether they have to adjust their policy of where that traffic is flowing through or steer that traffic in other ways through their own internet connection instead of through the VPN, those are the kinds of things that our customers are working. Yes. If my voice quality degrades during this this webinar, it's because I'm talking to you through a Mac. So closing the cloud visibility gap. Then the cloud drives new visibility requirements. Forty percent of all corporate network traffic is attributed to the extra attribute attributable to the external cloud services that you're using. That's a mean response of this from a survey of three hundred and fifty network managers in the enterprise space when we asked them, could you please estimate the amount of traffic on your corporate network that is attributable to external public cloud services. Forty percent is high. It could be higher, actually. I've seen it higher. Most enterprises are moving towards multi cloud according to our research. When we ask enterprises in our research how many providers are using, they're they'll tell us they're using at least two PaaS or IaaS providers, infrastructure as a service, and double digit SaaS providers. Now they also tell us their legacy monitoring tools lack sufficient cloud insights just like they lack sufficient Internet insights. The two are kind of related. Fifty five percent of network managers told us in research that they feel that their incumbent tools tool stacks are somewhat less capable with within the cloud when they compare it to the type of visibility they get on their their their on premise networks. And then a small amount, six percent said they're significantly inferior. And we also found that enterprises that said that they have good visibility into the cloud tend to tell us that they're more successful network operations. So that tells you that this should be a top goal for you as especially if you're making significant investments as an enterprise in cloud based services. So how do you improve that? Well, extend your WAN your hybrid WAN operations tools. The tools that you're using to get good visibility into your Internet based WAN are are possibly gonna help you in the cloud as well. Like, active synthetic monitoring can give you a hop by hop or end to end path analysis can, you know, complete the picture. You know, what hops are what's going on as as you go from hop to hop from your your sites, from your users into your cloud that can also give you insight into what's happening at the cloud lay you know, on the cloud side. You know, is the latency driven by the cloud? Is or is it the cloud where the drop packets are originating rather than a router on the way? Native SD WAN visibility can help too. Like, if you're deploying SD WAN gateways in your your your infrastructure as a service footprint to facilitate a cloud on ramp. The native SD WAN visibility is gonna give you insight into the tunnel and give you some, you know, some context for what's happening. And also collect and analyze the data that your cloud providers surface and and provide with your network operations tools. Forty percent of network managers say that they are focused on using VPC flow logs from AWS and so forth and other providers to support to support overall network monitoring. That tells you that they want their network operations tools to collect and analyze data that the cloud provides. Cool. Yeah. So Kentik supports cloud visibility in a first cast way. So we've been working very hard to add AWS, GCP, Azure, and IBM Cloud into our product. Of course, many of our customers are in the cloud or headed there, as Seamus mentioned. So we support collecting this traffic, and one of the cool things is that we provide out of the box enhancements to that traffic data to identify VM IDs, instance types, subnets, regions, zones, and many others. It just allows you to slice and dice that data to understand what is happening. We also feature our cloud data in our hybrid topology visualization. And we're seeing so much more demand in this area, and it's a big growth area for Kentik. So, we're really gonna up our game here and add more cloud native support in twenty twenty one. But just talking about the legacy part of your findings, Seamus, What I found, and I don't know if you've found this information as well, is that the legacy systems have a hard time dealing with spinning up five hundred VMs in the cloud, and it's hard for them to deal with that ephemeral nature in the cloud, and that's the kind of thing that we've been seeing from our customers in supporting that legacy in cloud data. The other thing is finding that cloud data next to your network traffic data or your other data sources. The legacy systems tend to have separate products to support networking or cloud or even synthetics, which a lot You have to look at three different tools to understand what's happening. So our customers really resonate with the idea that we see they can see their data end to end. Yeah. Yeah. We find overall that network operations teams struggle to consolidate operational tool stacks just because they do have to collect so many different types of metrics from different places, and the cloud can be a complicating factor there that prevents them from having a unified end to end view of everything. So, yeah, it's my turn to talk a little bit more about Kentik, and that was probably a good segue to talk about our platform and what Kentik does. So, again, my name is Aaron Kugawa, I'm a Technical Product Manager here at Kentik, and I just wanted to give you a quick background on our company. So Kentik is the network observability company. So our platform helps you plan, run, fix any network. And one of the biggest distinguishing factors of Kentik is what I just alluded to in our last segment, was that we're a SaaS solution with a modern, highly scalable infrastructure. So our customers don't have to worry about scale or performance, we just deliver network observability to you. We're pretty new. We're a little more than six years old. We have more than two fifty of the largest customers in the world across many different network markets. We started in the service provider space, and many of the largest global network service providers are customers like Cogent or Telstra, and we quickly grew into content delivery networks like the Limelight, and also digital enterprises like Zoom and Verizon Media. But that's where we started, and it turns out, that our SaaS platform is perfect for other networks, from corporate IT to WAN to SD WAN, data centers, and of course, the cloud. Over the last several years, we've been working very hard to grow our network observability platform to support end to end monitoring, like we've been talking about. And this is a really strong differentiating factor for us. Next slide, please. So it also turns out that I'm the lead product manager of the Kentik platform, and it does lots of things, and I'm just gonna go over a few of our capabilities. Kentik collects network traffic, as you expect, performance data and metrics and metadata. Another distinguishing factor is that we automatically enrich that data with context from routing data, topology metadata, business context, and other feeds. We have advanced algorithms that are always running to find interesting and meaningful and impactful things in your data automatically for you. And we have advanced alerting capabilities and notifications and all the integrations that you would expect. Another thing that I've been highlighting, of course, is that we have a very flexible reporting system, reporting and dashboard system that allows you to slice and dice that data to find the problem, and then what is causing it. And then something that I'm really proud of is the modern SaaS platform that we have. We constantly improve our scalability and performance. We are delivering features continuously. We have a modern UI, a modern API, and all the integrations that are the latest and greatest. We're the very opposite of legacy tools, and then we're definitely very proud of that. Next slide please, Seamus. Since we've been talking about SD WAN, and this is the subject of the webinar here, I wanted to highlight what we do in SD WAN. So, Kentik is actually in partnership with many SD WAN vendors like Silver Peak and Cisco. We support SD WAN fields full stack. And so, here are just two displays of Silver Peak's underlay and overlay. And our customers tells us that Kentik enhances their management because we can provide longer term trends for capacity planning and identifying traffic patterns over time. We provide the ability to search and find specific causes of your policy problems. We also enable the audit of transport utilizations to make sure that you're getting what you paid for. And then something else is that we can trace that traffic end to end from your campus networks to SD WAN, to internal cloud or data source resources. Next slide, please. Right, and so our Synthetics and Traffic. So, we're really proud of this. Again, we launched it in the summer, we're seeing a lot of great traction here. And our monitoring utilizes private agents that can be deployed quickly and easily. We've created a large network of global agents that we strategically place all around the world, the important internet cities worldwide. And we've worked hard to actually install GoA agents into every single region of AWS, Google Cloud, Azure, and IBM Cloud. We provide a fully integrated network traffic analysis and synthetic performance analytics so that you know where your traffic is going and the performance that you're getting. Our goal here is to reduce MTTR, of course, and what we are really proud of is that we can monitor and troubleshoot network performance all in one place. And last slide, please. And this is the last slide. So, to wrap up, just wanted to summarize my take on Kentik's strengths in this area of operationalizing your WAN and SD WAN. I believe that our strengths are network observability. We can monitor applications and can integrate with vendor specific data. Can show user information from Palo Alto firewalls or business intent overlays from Silver Peak. We have a new product in Synthetics. We can see synthetic tests next to traffic data all in one product. We provide end to end monitoring. We can monitor your entire network and infrastructure, not just your WAN and SD WAN. And we have first class support for cloud traffic, there's more to come in twenty twenty one. And lastly, our modern SaaS platform. So our customers love that they can break out from legacy solutions. They love that they can rapidly expand their monitoring. Work from home wasn't a huge thing in the beginning of the year, but they can rapidly expand their monitoring without having to upgrade legacy on prem systems or buy new hardware or manage those systems, those legacy monitoring systems. So just to wrap up, our customers love our speed and our modern UI. And just to tie a bow on everything, just my final thoughts. You're probably using the Internet on your way at this point. You're probably connecting sites. You're probably connecting directly to the cloud through it and for some of your sites. You need to upgrade your tool set to operationalize your Internet Internet based connectivity, your hybrid WAN. Also, you're if you're not using SD WAN already, you're probably gonna be using it in the near future. Don't rely on the native SD WAN operational visibility that your vendor provides. It's it's solid. It may even be excellent, but it doesn't show you everything. So you need to work with your your tool vendors to make sure that you're, you know, getting you're fully capable of supporting a network that uses SD WAN. Get serious about the home office user. I think that's gonna be a big theme in twenty twenty one. Just trying to figure out how to make it possible for you to support good end user visibility when so many of your people are working from home, if not on a a full time basis, at least on a significant part time basis. And don't rely on your legacy monitoring tools in the cloud. I mean, five, six years ago, I asked every single network monitoring vendor in the world, what are you doing to support cloud? And about half of them said nothing because our our customers aren't asking for it. Well, you're probably asking for it now. And if you had a tool vendor that wasn't thinking about this five years ago, chances are they're not doing a very good job. So, you know, think about either placing those those laggards or pushing them hard to get get where they where you need to go. And with that, I wanna thank you for joining us today. And, Aaron, thanks to you for sharing your insights as well, and we'll see you again out there. So, hey, if you're interested in learning more about Kentik, go to w w w dot Kentik dot com or email us at info at Kentik dot com.