Monitoring an SD-WAN installation

If you are considering a transition to SD-WAN or have already implemented an SD-WAN, AppNeta Performance Manager (APM) can answer questions that will help you to successfully manage your network. For example:

  • What apps are users actually using? (Usage)
  • How much bandwidth is being used by each app? (Usage)
  • Which users are consuming the most bandwidth? (Usage)
  • What sort of app performance are my users experiencing? (Experience)
  • What path is user-to-app traffic taking? (Delivery)
  • Are my service providers living up to their SLAs? (Delivery)
  • How do I determine where network problems are originating? (Delivery)

What does this guide cover?

  • The recommended approach to monitoring an SD-WAN installation with APM.
  • Where and how to deploy Monitoring Points.
  • How to configure the APM modules (Usage, Experience, and Delivery) to monitor an SD-WAN.
  • How to get notified when a network issue occurs.
  • How to gain insight into how your network is performing.

AppNeta recommends deploying Monitoring Points to remote office and Data Center locations and configuring them to provide visibility into remote site application usage, to emulate users accessing priority apps through the SD-WAN, and to monitor the health of both the overlay network (through the SD-WAN) and the underlay network (the network used by the SD-WAN).

Network diagram showing a Monitoring Point and an SD-WAN device in a remote office and in a Data Center with network paths used to measure app performance as well as overlay and underlay network performance.

In this example, end user experience over the SD-WAN is measured using web paths (Experience monitoring) to a SaaS application (P1) and an Enterprise Web Application (P2). The network health through the SD-WAN is measured using (auto-created) single-ended network paths (Delivery monitoring) to these same targets. The health of the underlay network is measured through a dual-ended network path (P3) (Delivery monitoring) to the Data Center Monitoring Point via the underlying MPLS WAN.

Step 1: Deploy Monitoring Points

  1. Deploy Enterprise Monitoring Points (EMPs) in remote offices and in your Data Center(s) in order to monitor all sites.
  2. Connect each Monitoring Point to the same network subnet/segment as users in those locations in order to monitor from a user perspective. A Monitoring Point can be connected to multiple networks simultaneously if necessary (wired/wireless/VLAN using IPv4 or IPv6).
  3. Connect the Monitoring Point’s Usage monitoring port to a SPAN/mirror of the WAN traffic (prior to any NAT or encapsulation) at each location. The egress interface of the core switch is typically the best place for this. If a SPAN/mirror connection is not possible, connect the Monitoring Point inline.

Step 2: Understand WAN traffic

Usage monitoring is used to monitor WAN traffic to and from a site. It helps you to answer the questions:

  • What apps are users using?
  • How much bandwidth is devoted to each app?
  • Which users are consuming the most bandwidth?

This is particularly helpful prior to SD-WAN implementation to determine how best to use SD-WAN to route different traffic types and how best to size the WAN links it uses. For example, voice/video traffic over MPLS and all other traffic over the internet. It is also helpful to see the potentially different traffic profiles at each location in order to customize the SD-WAN solution at each location based on its needs.

Usage monitoring prerequisites

Monitoring Points deployed with capture interface(s) connected to switch ports that SPAN/mirror all WAN traffic.

Usage monitoring procedure

  1. Configure Traffic Direction by adding local subnet(s).
  2. Ensure Usage monitoring is running on the capture interfaces.
  3. Open the Top Applications chart for the Monitoring Point you are interested in.

Step 3: Emulate web app users

By emulating a user, Experience monitoring helps you answer the question:

  • What sort of app performance are my users experiencing?

It allows you to:

  • Monitor key applications to identify any issues affecting end user experience.
  • Use associated Delivery paths to see the overlay path taken for specific applications.
  • Compare user experience of app performance before and after SD-WAN transition.

Experience monitoring prerequisites

  • Monitoring Points deployed with interface(s) on the desired end-user subnets.
  • Important: Your SD-WAN must be configured to route Experience traffic (TCP port 443) and its associated Delivery traffic (ICMP and UDP) out the same interface. This allows you to see the path the Experience traffic takes using Delivery monitoring.

Experience monitoring procedure

Create a Web App Group for each web app you want to monitor.

  • Use the web app URL as the test target.
  • Add a Selenium workflow that accesses the web app. At a minimum, it should login to the web app.
  • Include at least one interface on each Monitoring Point as a test source.

Step 4: Monitor network health

When you set up Experience monitoring, single-ended network paths are automatically created for Delivery monitoring. These allow you to confirm that traffic is being routed as you expect (for example, over MPLS or over the internet). Delivery monitoring can also help you answer the questions:

  • Are my service providers living up to their SLAs?
  • How do I determine where network problems are originating?

It allows you to:

  • Monitor network performance between remote offices and the web apps you are using.
  • Monitor network performance between remote offices and the Data Center.
  • Monitor both overlay (over the SD-WAN) and underlay (outside the SD-WAN) networks.
  • Determine if there is an issue in your provider network (for example, MPLS) that is being masked by SD-WAN.

Delivery monitoring prerequisites

  • Monitoring Points deployed with interface(s) on the desired end-user subnets.
  • Important: SD-WAN must be configured to route traffic destined for the Data Center Monitoring Point over specific underlay paths based on traffic identifiers such as port, IP address, or QoS markings, and not via the overlay.

Delivery monitoring procedure

Create a Path Template Group to monitor the health of the underlay network.

  • Use the Data Center Monitoring Point IP address as the target.
  • Specify “Dual Ended” paths.
  • Add source interfaces from each remote office Monitoring Point (typically the “Auto” interface) to create paths.

Step 5: Set up alert notifications

Consider who will need to be notified in real time when issues are detected, what systems they use to manage alerts, and how to integrate AppNeta notifications with those systems. AppNeta Performance Manager supports notification via:

  • Email notification - Use this method if you don’t have any other event monitoring infrastructure or if you prefer email alerts. Set up using the Update Notification Options page.
  • Event integration - Use this method if you already have an event monitoring system in place. Integrate directly with that system via POSTs that contain JSON event payloads.
  • SNMP notifications - Use this method if you are integrating with an SNMP system. Set up using the Manage SNMP page.

Investigating alert notifications

When you receive alert notifications, use the following procedures to investigate the cause:

Step 6: Analyze monitoring results

You can configure Daily Status reports to be delivered for each of the following:

  • Usage monitoring - review site traffic to understand user and application bandwidth usage.
  • Experience monitoring - review user experience to apps being monitored.
  • Delivery monitoring - review overlay network health via single-ended paths to app targets and underlay network health via dual-ended paths to the Data Center Monitoring Point.

In addition, the Application Quality Report combines raw data and violations sourced from Experience and Delivery across a selection of applications, networks, and geographical locations to enable a high-level overview of the performance and trends over time. This report can scale up to span quarterly results and includes a one page summary aimed at an executive audience.