The intelligent network
At this point, the biggest challenge for every enterprise is to create an intelligent network – one that is able to leverage bandwidth and network resources to deliver traffic most efficiently. Part of the efficient management of traffic goes back to the trade-off between network costs and end user experience, and this is where application performance monitoring comes into place. With each application boasting its own architecture – either a monolithic stack hosted in the enterprise’s own data center or built on a distributed cloud architecture or simply delivered as a web application in a SaaS model, the application traffic has to be managed in ways that is optimized to its build, and also its criticality and performance requirements.
By monitoring application performance metrics, for example, average response times under peak load, transaction execution times and bandwidth consumption, enterprises are able to decide the best-suited traffic management policies for each application.
One of the most touted benefits of SD-WAN is the execution of network policies via dynamic provisioning of network services such as firewalls, load balancers and session controllers. Today, the use of virtualized Customer Premises Equipments (vCPE) and universal Customer Premises Equipments (uCPE) at branch nodes enable network services to be deployed as Virtualized Network Functions (VNFs) on Commercial Off-the-Shelf servers (COTs). With SD-WAN, centrally controlled orchestrators can now control these network functions remotely, allowing network services to respond instantaneously to the type of application that is being delivered.
The need for application awareness
However, to respond to the demands of the traffic and dynamically provision network services by application types, networks require application awareness. Identifying an application, its attribute or its application family allows networks to enforce corresponding policies. Over time, the use of Artificial Intelligence (AI) and Machine Learning (ML) will allow automated responses to traffic types based on past responses to different applications and security threats.
While this may sound straightforward in theory, the implementation is beset with a myriad of new challenges. On one hand, there is a continuous rise in the number of applications, their intensity of use and the change in their security vulnerabilities. On the other hand, enterprise networks are expanding to cover 5G network slices and IoT networks with 10G Ethernet connectivity becoming a viable offload option. Past policies built on outdated network data are losing relevance in the face of surges in usage of specific applications and with an emerging breed of cybersecurity threats such as deepfakes, phishing and AI-enhanced cyberattacks.
This is where deep packet inspection (DPI) technology such as R&S®PACE 2 comes into play. DPI analyzes IP traffic in real-time, extracts content and metadata and classifies applications. With a constantly updated library of traffic signatures, networks are able to embed intelligence at both traffic and application layers to identify the type of traffic traversing their networks and institute the right policies. Matching types of applications to the network conditions and overlaying this on all available network options and resources enables enterprises to steer each application in the most efficient way. Just recently, a leading Indian cybersecurity provider, Nubewell, developed a Smart SD-WAN that builds on the network analytics, traffic management and traffic monitoring provided by our DPI software R&S®PACE 2 to enforce enterprises’ security policies and prevent any network misuse resulting from obfuscation. With accurate high-speed DPI-based classifications as well as weekly signature updates from Rohde & Schwarz, Nubewell’s entry to the SD-WAN market was swift, secure and successful. To find out more, download our case study with Nubewell.
In the aftermath of the pandemic, traffic and application awareness will become an indispensable feature within SD-WAN as enterprises grapple with thousands of users trying to access thousands of applications from dispersed locations on various devices and connectivity. Prioritization of business-critical applications and applications that are latency-sensitive over regular file backups and email applications, as well as the continuous optimization of networks will become an essential part of IT teams’ daily routine. This in turn will lead to an increasing demand for SD-WAN solutions with embedded intelligence, and that are able to provide visibility and real-time analytics on both application and network performance. At the end of the day, the collective experience on each application is what determines the overall verdict of both internal and external users on the ability of the enterprise to deliver on its promise.
Download our whitepaper: SD-WAN and DPI – A powerful combination
Download our customer case study: SD-WAN application security through DPI
1. Are You Part of the 4 Comma Club? (https://www.infinera.com/blog/...)
2. Gartner Forecasts Worldwide Public Cloud Revenue to Grow 17% in 2020 (https://www.gartner.com/en/new...)
3. State of the SaaS-Powered Workplace (https://www.bettercloud.com/mo...)
4. Remote work trend report: meetings (https://www.microsoft.com/en-us/microsoft-365/blog/2020/04/09/remote-work-trend-report-meetings)