Enhancing network visibility for SD-WAN in the era of cloud and SaaS

John Hallett portrait

by John Hallett
published on: 25.08.2020

Reading time: ( words)
Categories: Cloud visibility, SD-WAN

As COVID-19 continues to plague all crevices and corners of the world, people have turned to social media, gaming, OTT video and even collaborative workout apps to maintain some sort of social interaction and normalcy in their lives. According to Infinera, Facebook’s daily website traffic has increased by 27%, the number of WhatsApp calls and messages have doubled and on one occasion, 50,000 years of content had been streamed by Americans in just one day1.

It’s not just social interaction that’s gone online, working from home has also soared in popularity as lockdowns and health concerns make it nearly impossible for enterprises to host all their employees in central offices. This took place just as enterprises were intensifying the shift to cloud platforms and Software-as-a-Service (SaaS), a move which saw enterprise applications for conferencing, messaging, emailing, accounting, customer relationship management, database management and much more being delivered from the web.

The shift to Cloud and SaaS

Cloud platforms such as Google Cloud Platform Compute Engine, Google Cloud Storage, Microsoft Azure and IBM Cloud are computing infrastructures managed virtually, on which enterprises can configure and run their own operating systems, middleware, and applications. According to Gartner, Infrastructure-as-a-Service (IaaS) is forecast to grow 24% year over year to USD 74.1 billion in 20222 and this can be attributed to the fact that IaaS is scalable on-demand, cost efficient, secure and reduces the time taken to deploy apps or services.

SaaS is software that is centrally hosted, rented out to enterprises for a monthly or annual subscription fee and is often multi-tenanted. According to BetterCloud, 78% of organizations expect nearly all their apps to be SaaS by 20223. As an example, many enterprises have moved from legacy on-premise internal communication systems such as Oracle Beehive and IBM MQ to either their SaaS counterparts such as IBM MQ on Cloud or to more recently released applications such as Zoom, Skype for Business and Microsoft Teams. As of April 9 this year, Microsoft Teams had a new daily record of 2.7 billion meeting minutes in one day, a 200 percent increase from 900 million on March 164. Total video calls on the platform had grown by over 1,000 percent in the same month, indicating a rising preference among enterprises.

Such a major shift in how enterprises now manage and deliver their business applications has created new demands on enterprise networks, pushing for Software Defined Wide Area Network (SD-WAN). An SD-WAN is essentially a software-controlled, responsive, flexible WAN, aggregating and delivering bandwidth using multiple transport modes including MPLS, broadband/ Internet, 4G/5G and even satellite.

With enterprises now largely dependent on Cloud and SaaS applications, SD-WAN offers path optimization that allows efficient management of network traffic. So for example, an HSBC employee connecting to HSBC’s apps on Google Cloud Platform or processing data with an API provided by Google Apps, will no longer be clogging the dedicated MPLS lines backhauling to the enterprise secured data center, but will have their traffic routed securely to the Internet through centrally controlled firewalls at the branch node.

The intelligent network

At this point, the biggest challenge for every enterprise is to create an intelligent network – one that is able to leverage bandwidth and network resources to deliver traffic most efficiently. Part of the efficient management of traffic goes back to the trade-off between network costs and end user experience, and this is where application performance monitoring comes into place. With each application boasting its own architecture – either a monolithic stack hosted in the enterprise’s own data center or built on a distributed cloud architecture or simply delivered as a web application in a SaaS model, the application traffic has to be managed in ways that is optimized to its build, and also its criticality and performance requirements. By monitoring application performance metrics, for example, average response times under peak load, transaction execution times and bandwidth consumption, enterprises are able to decide the best-suited traffic management policies for each application.

One of the most touted benefits of SD-WAN is the execution of network policies via dynamic provisioning of network services such as firewalls, load balancers and session controllers. Today, the use of virtualized Customer Premises Equipments (vCPE) and universal Customer Premises Equipments (uCPE) at branch nodes enable network services to be deployed as Virtualized Network Functions (VNFs) on Commercial Off-the-Shelf servers (COTs). With SD-WAN, centrally controlled orchestrators can now control these network functions remotely, allowing network services to respond instantaneously to the type of application that is being delivered.

The need for application awareness

However, to respond to the demands of the traffic and dynamically provision network services by application types, networks require application awareness. Identifying an application, its attribute or its application family allows networks to enforce corresponding policies. Over time, the use of Artificial Intelligence (AI) and Machine Learning (ML) will allow automated responses to traffic types based on past responses to different applications and security threats.

While this may sound straightforward in theory, the implementation is beset with a myriad of new challenges. On one hand, there is a continuous rise in the number of applications, their intensity of use and the change in their security vulnerabilities. On the other hand, enterprise networks are expanding to cover 5G network slices and IoT networks with 10G Ethernet connectivity becoming a viable offload option. Past policies built on outdated network data are losing relevance in the face of surges in usage of specific applications and with an emerging breed of cybersecurity threats such as deepfakes, phishing and AI-enhanced cyberattacks.

This is where deep packet inspection (DPI) technology such as R&S®PACE 2 comes into play. DPI analyzes IP traffic in real-time, extracts content and metadata and classifies applications. With a constantly updated library of traffic signatures, networks are able to embed intelligence at both traffic and application layers to identify the type of traffic traversing their networks and institute the right policies. Matching types of applications to the network conditions and overlaying this on all available network options and resources enables enterprises to steer each application in the most efficient way. Just recently, a leading Indian cybersecurity provider, Nubewell, developed a Smart SD-WAN that builds on the network analytics, traffic management and traffic monitoring provided by our DPI software R&S®PACE 2 to enforce enterprises’ security policies and prevent any network misuse resulting from obfuscation. With accurate high-speed DPI-based classifications as well as weekly signature updates from Rohde & Schwarz, Nubewell’s entry to the SD-WAN market was swift, secure and successful. To find out more, download our case study with Nubewell.

In the aftermath of the pandemic, traffic and application awareness will become an indispensable feature within SD-WAN as enterprises grapple with thousands of users trying to access thousands of applications from dispersed locations on various devices and connectivity. Prioritization of business-critical applications and applications that are latency-sensitive over regular file backups and email applications, as well as the continuous optimization of networks will become an essential part of IT teams’ daily routine. This in turn will lead to an increasing demand for SD-WAN solutions with embedded intelligence, and that are able to provide visibility and real-time analytics on both application and network performance. At the end of the day, the collective experience on each application is what determines the overall verdict of both internal and external users on the ability of the enterprise to deliver on its promise.

Download our whitepaper: SD-WAN and DPI – A powerful combination

Download our customer case study: SD-WAN application security through DPI


1. Are You Part of the 4 Comma Club? (https://www.infinera.com/blog/...)

2. Gartner Forecasts Worldwide Public Cloud Revenue to Grow 17% in 2020 (https://www.gartner.com/en/new...)

3. State of the SaaS-Powered Workplace (https://www.bettercloud.com/mo...)

4. Remote work trend report: meetings (https://www.microsoft.com/en-us/microsoft-365/blog/2020/04/09/remote-work-trend-report-meetings)

ipoque blog - discover the latest news and trends in IP network analytics

Sign up for our newsletter

Stay informed about the latest news and insights from ipoque

John Hallett portrait

John Hallett

Contact me on LinkedIn

John is a customer-centric thinker, leveraging ipoque’s DPI expertise and resources to plan for and create value-based solutions to meet customer’s needs and help clients to succeed in their business goals.

With over 20 years of experience as an account director and business development manager across multiple market sectors with varying technological requirements, John joined ipoque in 2013 to focus on DPI technology. He is passionate about identifying, developing and executing growth opportunities within the cybersecurity, enterprise and telecoms market. Traveling, history, cooking the best Italian lasagne and his family fulfill his passion besides working at ipoque.

Email: john.hallett@rohde-schwarz.com