How to Monitor SD-WAN Networks: Mastering SD-WAN Network Monitoring

With the increasing use of cloud-based applications, businesses are more reliant than ever on the Internet to deliver WAN traffic. As a result, they’re migrating from MPLS networks to hybrid WAN architectures and SD-WAN technology. Keep reading to learn how to monitor SD-WAN networks with Network Monitoring to identify issues that native SD-WAN monitoring features often miss.

This article is part of a series of articles about continuously monitoring SD-WAN networks before, during, and after migrations. The articles include:

• How to Monitor SD-WAN Migrations
• How to Monitor MPLS to SD-WAN Migrations
• How to Monitor SD-WAN Networks (this article)
• SD-WAN Troubleshooting
• Common SD-WAN Issues

SD-WAN stands for Software-Defined Wide Area Networking. It is a technology that simplifies the management and operation of a wide area network (WAN) by separating the network hardware from its control mechanism.

In traditional WAN architectures, multiple branch offices or remote locations are connected to a central data center using dedicated private networks or leased lines. Managing such networks can be complex, expensive, and time-consuming. SD-WAN addresses these challenges by providing a more flexible and cost-effective approach to connecting and managing geographically dispersed locations.

SD-WAN uses software-defined networking principles to abstract the control plane from the underlying network infrastructure. It enables the centralization and automation of network management, allowing administrators to define and manage network policies from a centralized controller. This controller can dynamically route network traffic across various connections, including MPLS, broadband internet, 4G/5G, or satellite links, based on the application requirements, network conditions, and security policies.

SD-WAN monitoring plays a vital role in ensuring the optimal performance, security, and reliability of Software-Defined Wide Area Networks (SD-WAN). By monitoring the network infrastructure, administrators gain real-time visibility into network behavior, performance metrics, and security events. This visibility enables organizations to proactively address issues, optimize network resources, troubleshoot problems, and ensure compliance with industry standards.

Monitoring SD-WAN network performance is crucial for several reasons:

• Performance optimization: SD-WAN monitoring allows organizations to gain visibility into the performance of their network and applications. By monitoring network traffic, latency, packet loss, and other performance metrics, administrators can identify bottlenecks, diagnose issues, and take proactive measures to optimize performance. It helps ensure that critical applications receive the necessary bandwidth and quality of service (QoS) while identifying and resolving any performance degradation that may impact user experience.
• Troubleshooting and issue resolution: Monitoring SD-WAN infrastructure provides real-time insights into network behavior and helps identify the root causes of issues. By monitoring network components, such as routers, switches, and links, administrators can quickly identify anomalies, diagnose problems, and initiate timely troubleshooting. This reduces downtime and minimizes the impact on business operations.
• Capacity planning and resource allocation: SD-WAN monitoring helps organizations understand network utilization and bandwidth requirements. By analyzing historical data and trends, administrators can identify peak usage periods, plan for capacity upgrades, and optimize resource allocation. It enables informed decision-making regarding network expansion, link provisioning, and bandwidth adjustments.
• Security monitoring: SD-WAN monitoring plays a crucial role in ensuring network security. By monitoring network traffic and security events, administrators can detect and respond to potential security threats in real-time. Monitoring helps identify unusual traffic patterns, unauthorized access attempts, or suspicious behavior, allowing for prompt remediation and strengthening of security measures.
• Compliance and reporting: Many organizations have compliance requirements that necessitate monitoring and reporting on network performance and security. SD-WAN monitoring provides the necessary data to generate reports, track compliance, and demonstrate adherence to industry standards or regulatory obligations.
• SLA management: If an organization has service level agreements (SLAs) with its network service providers, SD-WAN monitoring becomes essential for measuring and verifying service performance against agreed-upon benchmarks. It allows organizations to ensure that SLA commitments are met and provides the data required for service-level reporting and dispute resolution.

Overall, SD-WAN monitoring is important for maintaining network performance, identifying and resolving issues, optimizing resource allocation, ensuring security, and meeting compliance and SLA requirements. It provides the necessary visibility and insights to effectively manage and maintain an SD-WAN infrastructure, delivering a reliable and high-performing network for the organization's operations.

Many businesses lack visibility of their SD-WAN network. Vendors often exaggerate the promises of the network and application monitoring capabilities of their SD-WAN solutions, however, most solutions don’t offer the depth and visibility needed for monitoring modern WAN networks.

In reality, 75% of IT professionals have significant challenges with the native monitoring features of their SD-WAN services.

Additionally, there are few monitoring tools that can truly monitor SD-WAN network performance from the user perspective, which is extremely important to understand if your SD-WAN service is performing as promised.

That’s why we’re running you through how to monitor SD-WAN network performance using modern decentralized network monitoring solutions, like Obkio.

In addition, if you're migrating to an SD-WAN network, it’s important to deploy your monitoring solution before the migration so you can compare the performance before and after the migration. Check out our article about How to Monitor SD-WAN Migrations for more detail about how to set that up!

How to Monitor SD-WAN Migrations

Learn how to monitor SD-WAN migrations with Network Monitoring for complete visibility over your SD-WAN service, before, after & during migrations.

Learn more

Monitoring SD-WAN networks with dedicated network monitoring tools offers several benefits compared to relying solely on SD-WAN native monitoring features. Here are some advantages:

• Comprehensive Visibility: Network monitoring tools provide a holistic view of the entire network infrastructure, including both SD-WAN and non-SD-WAN components. They offer a unified dashboard that consolidates data from various network devices, protocols, and vendors. This comprehensive visibility allows administrators to monitor the entire network ecosystem, detect issues that may impact SD-WAN performance, and troubleshoot problems effectively.
• Multi-Vendor Support: Network monitoring tools typically support a wide range of network devices and vendors. This flexibility enables organizations to monitor SD-WAN deployments that incorporate equipment from different manufacturers. Native SD-WAN monitoring features, on the other hand, may be limited to specific vendors' offerings. With network monitoring tools, organizations can achieve consistent monitoring across their entire network infrastructure, regardless of vendor diversity.
• Advanced Analytics and Reporting: Network monitoring tools often include advanced analytics capabilities to process and analyze network data. They can generate comprehensive reports, visualize network performance metrics, and provide insights into network behavior over time. These analytics features help administrators identify trends, anticipate issues, and make data-driven decisions for optimizing SD-WAN performance. Native SD-WAN monitoring features may not offer the same level of analytics and reporting capabilities.
• Customization and Alerting: Network monitoring tools allow administrators to customize monitoring thresholds, set up alerts, and define specific monitoring parameters based on their organization's needs. This flexibility ensures that administrators receive timely notifications when critical network metrics deviate from desired levels. Native SD-WAN monitoring features may have limited customization options and may not provide the same level of flexibility in terms of configuring alerts and notifications.
• Future-Proofing: Network monitoring tools are often designed to adapt to evolving technologies and network architectures. They can support the monitoring requirements of both traditional networks and newer technologies. By utilizing such tools, organizations can future-proof their monitoring capabilities and ensure they can effectively monitor SD-WAN networks as they evolve and incorporate new features and functionalities.

To monitor SD-WAN networks, you need a modern solution that monitors end-to-end network performance to identify network problems before and after your SD-WAN network is in place. Traditional monitoring solutions that focus on your device won’t give you real insight into your network’s performance.

A tool like Obkio Network Performance Monitoring software continuously monitors end-to-end network performance with synthetic traffic using Network Monitoring Agents.

• Monitoring Sessions measure network performance between any two points in your network.
• Performance Metrics provide vital data on the health of your network.
• Dynamic Thresholds trigger alerts for latency, jitter, packet loss, packet reordering & packet duplication, MOS score.
• Proactive Alerts identify events that affect network quality before they affect end-user experience.
• Smart Notifications reduce notification overload and emphasize important events.

Obkio’s Network Monitoring Agents are a unique software deployed in key network locations to monitor your SD-WAN network locations and Internet performance, measure network metrics (latency, jitter, packet loss), and alert you about SD-WAN issues in your network.

They create Monitoring Sessions and use synthetic UDP traffic for decentralized network monitoring from the source (your computer or your office) up to the destination (another office, datacenter or clouds).

Here’s what the set-up looks like:

To achieve the level depth required to monitor SD-WAN networks, you need to install Network Monitoring Agents in the customer LAN, behind the SD-WAN appliance, to measure SD-WAN network performance like an end-user.

You need:

• 1 Local Agent per network location (data centers, remote offices etc.)
• 3 Public Monitoring Agents to monitor the Internet

The Agents then create Monitoring Sessions by exchanging synthetic UDP packets between every 2 sets of Agents to measure performance metrics and raise alerts for when network issues are detected.

In the following screenshot shows, you can see an Obkio Chord Diagram with Agents monitoring the performance of:

• ISP-1: A UDP flow from Branch 5 sticky on the first Internet connection
• ISP-2: A UDP flow from Branch 5 sticky on the secondary Internet connection
• SD-WAN Internet: UDP flows load balanced across the two Internet links following the SD-WAN algorithm
• 8 Remote Branches
• 2 Data Centers

To be able to truly see the performance, and SLA or promise, of your SD-WAN network, you need to monitor performance from the end-user perspective, as well as the underlay connections themself to compare the performance.

Luckily Obkio can monitor SD-WAN network performance like an end-user and can also monitor each connection used by the SD-WAN appliance.

For example, the following screenshot shows a dashboard with three network monitoring sessions. The monitoring sessions are configured between:

• A local Monitoring Agent behind the SD-WAN appliance
• And three remote Monitoring Agents that are located at the same location (either cloud, datacenter or head office)

The three network monitoring sessions monitor the network performance between the two locations using different connections:

• The performance as seen by the end-user (load balanced between the connection using the SD-WAN algorithm) - top graph
• The performance of the ISP A connection - middle graph
• The performance of the ISP B connection - bottom graph

This setup is used by many of our customers using SD-WAN technologies. This way, they are able to confirm the real network performance of the end-users traffic and also monitor each ISP connection. In that example, the top graph is the real network performance for the branch end-users. There are 3 connection changes in that example:

• A bit after 18:00: congestion on ISP A, failover to ISP B after a few seconds;
• Around 18:20: congestion disappear, back to ISP A;
• A bit before 20:00: packet loss and higher latency/jitter on ISP A, failover to ISP B.

The SD-WAN underlay represents the underlying physical network that carries the SD-WAN traffic between different locations, such as branch offices, data centers, and cloud resources. When you're monitoring your SD-WAN network performance, you can't forget the importance of monitoring the SD-WAN underlay. When you're monitoring your SD-WAN network performance, you can't forget the importance of monitoring the SD-WAN underlay.

SD-WAN underlay monitoring refers to the process of monitoring the physical network infrastructure that forms the foundation of the SD-WAN deployment. It is crucial for the efficient functioning and optimal performance of an SD-WAN solution. It involves the continuous monitoring and assessment of various network parameters, such as:

• Link Performance: Monitoring the performance metrics of individual links (like latency, packet loss, and bandwidth utilization) that make up the SD-WAN network.
• Path Selection: Analyzing the available paths between different locations and selecting the most appropriate one based on real-time performance characteristics.
• Network Health: Ensuring the overall health and availability of the network components, including routers, switches, and other networking devices.
• Quality of Service (QoS): Monitoring and managing QoS parameters to prioritize critical applications and ensure they receive sufficient bandwidth and low latency.
• Traffic Engineering: Optimizing traffic routing and load balancing to ensure efficient utilization of network resources and avoid congestion.
• Network Security: Monitoring for any security threats or anomalies that might affect the underlay network and subsequently the SD-WAN traffic.

SD-WAN underlay monitoring, using Obkio's end-to-end Network Monitoring tool, helps network administrators identify and address potential issues proactively. By gathering and analyzing real-time data, they can make informed decisions to improve the performance, stability, and reliability of the SD-WAN deployment.

Analyzing historical performance data is key to understanding the effect of SD-WAN services on your network.

That’s why Obkio also measures and collects historical network performance data, so you can analyze, compare, and troubleshoot performance from the past and compare performance as you use your SD-WAN network over-time.

Analyzing historical data allows you to go back in time to identify intermittent network problems that may look like they disappeared.

How to Detect and Identify Intermittent Network Problems

Learn how to detect intermittent network problems to troubleshoot performance issues that are hard to catch with Obkio Network Monitoring software.

Learn more

1. Baseline Establishment: By analyzing historical performance data, you can establish a baseline for network performance before implementing SD-WAN services. This baseline helps you understand the pre-SD-WAN network behavior, including factors like latency, packet loss, and bandwidth utilization. It serves as a reference point for evaluating the effectiveness of SD-WAN in improving network performance.
2. Performance Comparison: Historical performance data enables you to compare network performance before and after implementing SD-WAN. By analyzing metrics such as application response times, throughput, and jitter, you can determine how SD-WAN services have impacted your network's performance. This comparison helps validate the effectiveness of SD-WAN deployment and identify areas where further optimization may be required.
3. Identifying Performance Patterns: Analyzing historical data allows you to identify performance patterns over time. You can observe trends, seasonal variations, and peak usage periods that impact network performance. This knowledge helps in capacity planning, resource allocation, and optimizing SD-WAN policies to meet performance demands during high-traffic periods.
4. Troubleshooting and Root Cause Analysis: Historical performance data serves as a valuable resource for troubleshooting network issues and conducting root cause analysis. By correlating historical data with specific incidents or performance anomalies, you can identify patterns and potential causes of network problems. This insight helps in resolving issues faster and implementing preventive measures to mitigate similar problems in the future.
5. Performance Optimization: Historical data analysis provides insights into areas where network performance can be further optimized. By identifying underutilized or congested links, you can fine-tune SD-WAN policies, adjust bandwidth allocations, and optimize traffic routing. It helps you make informed decisions regarding network resource allocation and optimization strategies to enhance overall performance.
6. Capacity Planning: Understanding the effect of SD-WAN services on network performance through historical data analysis aids in capacity planning. By examining historical trends and growth patterns, you can anticipate future network requirements, plan for network expansion, and ensure sufficient bandwidth and resources to accommodate increasing traffic and application demands.
7. Decision-Making and Performance Reporting: Historical performance data provides a factual basis for decision-making and performance reporting. It enables you to present accurate information on the impact of SD-WAN services to stakeholders, justify investment decisions, and demonstrate the value delivered by SD-WAN in terms of improved network performance and user experience.

You can now use all the data you’ve collected to actually identify network problems related to your SD-WAN network and collect the information you’ll use to troubleshoot.

Analyze the information Obkio collects related to your SD-WAN network performance to identify:

• What the problem is
• Where the problem is located
• What caused the problem
• When the problem happened
• Who is responsible for the network segment

In the screenshot below, we see an SD-WAN dashboard for Branch 10 which shows two events:

• One live
• One in the past

ISP-1 of Branch 10 is experiencing poor performance with significant spikes in packet loss, latency and jitter, but ISP-2 shows a very different situation.

The Internet SD-WAN graph shows the performance of the branch’s users connecting to the Internet:

• The SD-WAN edge is sticking to ISP-1 even though it should failover ISP-2, which shows much less packet loss, latency and jitter.
• The VPN traffic towards the data centers is also sticking on ISP-1.

This is an example of an SD-WAN fabric that is not performance-based and will only switch over in case of complete failure on an Internet link. This is very problematic for voice and video applications that can’t rely solely on up and down routing decisions.

SD-WAN networks can experience various network issues that can impact their performance and reliability. Some common network issues affecting SD-WAN networks include:

1. Packet Loss: Packet loss occurs when network packets fail to reach their destination. It can be caused by network congestion, high latency, faulty network equipment, or unreliable links. Packet loss affects application performance, voice and video quality, and overall user experience.
2. Latency: Latency refers to the delay in data transmission between source and destination. High latency can result from long physical distances, network congestion, or inefficient routing. In SD-WAN networks, latency can affect application response times, especially for real-time applications like VoIP or video conferencing.
3. Link Instability: SD-WAN networks often utilize multiple WAN links, including MPLS, broadband internet, or wireless connections. Link instability can occur due to link failures, intermittent connectivity, or fluctuating bandwidth. Unstable links impact the overall network reliability and can disrupt application performance.
4. Out-of-Sequence Packets: Out-of-sequence packets occur when network packets arrive at the destination out of order. This can lead to retransmissions and delays in assembling data, negatively affecting application performance. Out-of-sequence packets can be caused by network congestion, packet reordering in SD-WAN tunnels, or improper packet handling by network devices.
5. Jitter: Jitter refers to the variation in packet delay, resulting in uneven packet arrival times. Jitter can be caused by network congestion, varying link quality, or improper buffering. In SD-WAN networks, jitter can disrupt real-time applications and voice/video communications, leading to poor audio/video quality and interruptions.
6. Security Threats: SD-WAN networks face security threats like any other network. These include unauthorized access attempts, distributed denial-of-service (DDoS) attacks, malware, and data breaches. Inadequate security measures, misconfigurations, or vulnerabilities in SD-WAN devices can expose the network to these threats, compromising data integrity and network performance.
7. Application Performance Variations: SD-WAN networks prioritize application traffic based on policies and QoS settings. However, application performance variations can occur due to policy misconfigurations, incorrect classification of traffic, or suboptimal routing decisions. Such issues can result in inconsistent application performance and may require fine-tuning of SD-WAN policies.
8. Configuration Errors: Incorrect configuration of SD-WAN devices or policies can lead to network issues. Misconfigured routing, QoS settings, or security policies can impact network performance and introduce vulnerabilities. Regular auditing and verification of configurations are necessary to avoid such issues.
9. Vendor Interoperability: SD-WAN solutions may involve equipment from different vendors. Interoperability issues between different vendor solutions can arise, leading to connectivity problems, protocol inconsistencies, or reduced functionality. Ensuring compatibility and proper integration between different vendor solutions is crucial to avoid such issues.
10. Management Complexity: SD-WAN networks introduce additional complexity in terms of managing multiple WAN links, policies, and configurations. Without effective management practices and tools, network administrators may face challenges in monitoring, troubleshooting, and maintaining the SD-WAN environment, resulting in performance issues and downtime.

Once you’ve identified any network problems affecting your SD-WAN network, a great monitoring solution will also allow you to collect the data you need to troubleshoot these network problems.

Check out our article on SD-WAN Troubleshooting for the next step:

SD-WAN Troubleshooting: How to Troubleshoot SD-WAN Networks

Learn how to troubleshoot SD-WAN issues using Obkio Network Monitoring software and key SD-WAN troubleshooting steps.

Learn more

When monitoring an SD-WAN network, it is essential to focus on several key components to ensure optimal performance and reliability. Here are some of the most important parts of an SD-WAN network to monitor:

1. WAN Links: Monitoring the performance and availability of WAN links is crucial in an SD-WAN network. This includes monitoring metrics such as link utilization, latency, packet loss, and jitter. Monitoring WAN links helps identify congestion, link failures, or performance issues that may affect overall network performance and the quality of applications running over the network.
2. Application Performance: Monitoring application performance is vital to ensure that critical applications meet performance requirements and deliver a satisfactory user experience. It involves tracking metrics such as response times, throughput, and availability of specific applications. By monitoring application performance, organizations can detect bottlenecks, identify potential issues, and optimize application delivery in the SD-WAN environment.
3. Network Traffic and Bandwidth Usage: Monitoring network traffic and bandwidth usage provides insights into how network resources are being utilized. It helps identify bandwidth-intensive applications, peak usage periods, or excessive traffic patterns that may impact network performance or violate service level agreements (SLAs). By monitoring network traffic, administrators can optimize traffic routing, allocate bandwidth appropriately, and ensure efficient resource utilization.
4. Quality of Service (QoS) Policies: Monitoring the effectiveness of QoS policies in an SD-WAN network is essential to ensure that critical applications receive the required priority and resources. It involves monitoring QoS parameters such as application prioritization, bandwidth allocations, and traffic shaping. By monitoring QoS policies, organizations can verify that the intended traffic prioritization and resource allocations are being enforced correctly.
5. SD-WAN Device Health and Performance: Monitoring the health and performance of SD-WAN devices, such as edge routers, gateways, or controllers, is vital for overall network management. This includes monitoring device status, CPU and memory utilization, firmware versions, and device connectivity. Network Device Monitoring helps detect hardware failures, software issues, or configuration errors that may impact network performance and availability.
6. Service Level Agreement (SLA) Compliance: Monitoring SLA compliance allows organizations to ensure that service providers meet their agreed-upon performance levels. It involves monitoring key SLA metrics, such as link uptime, latency, packet loss, and availability. With SLA monitoring, organizations can hold service providers accountable, address performance gaps, and negotiate appropriate remedies when SLAs are not met.

These are some of the critical components to monitor in an SD-WAN network. However, the specific areas of focus may vary depending on the organization's priorities, network requirements, and business objectives. It's important to establish monitoring practices that align with the organization's unique needs and continuously adapt them as the network evolves.

Vendor neutrality is a critical factor to consider when choosing a monitoring tool for SD-WAN networks. It ensures that the tool can seamlessly integrate with and support multiple vendors' equipment, offering consistent monitoring capabilities across the entire network infrastructure.

With an end-to-end network monitoring tool like Obkio, you can monitor the performance of your SD-WAN network, no matter who your vendor is! Monitor all SD-WAN networks like:

• Fortinet SD-WAN
• Cisco SD-WAN
• Fortigate SD-WAN
• Viptela SD-WAN
• Velocloud SD-WAN

Here's why vendor neutrality is highly important when selecting a tool to monitor SD-WAN networks:

• Multi-Vendor Environment: Many organizations have a heterogeneous network environment, utilizing networking equipment and solutions from various vendors. In SD-WAN deployments, this can include different SD-WAN vendors, routers, switches, and other network devices. A vendor-neutral monitoring tool can seamlessly integrate with and support multiple vendors' equipment, providing consistent monitoring capabilities across the entire network infrastructure.
• Flexibility and Scalability: Vendor-neutral monitoring tools offer flexibility and scalability to adapt to changing network requirements and future expansions. As organizations grow and evolve, they may introduce new vendors, technologies, or network devices. A vendor-neutral tool can accommodate these changes without requiring a complete overhaul of the monitoring system, providing scalability and cost-efficiency.
• Avoiding Vendor Lock-In: Vendor lock-in occurs when an organization becomes dependent on a specific vendor's solutions and finds it challenging to switch or integrate other products. By choosing a vendor-neutral monitoring tool, organizations can avoid being locked into a single vendor's ecosystem. This independence allows for freedom of choice and the ability to select the most suitable networking solutions without constraints.
• Interoperability and Integration: Vendor-neutral monitoring tools typically offer better interoperability and integration capabilities with various systems and platforms. They can integrate with other IT management tools such as ticketing systems, configuration management databases (CMDBs), or security information and event management (SIEM) systems. This integration streamlines workflows, enhances collaboration among IT teams, and facilitates centralized management and reporting.
• Reduced Complexity and Cost: Implementing a vendor-neutral monitoring tool simplifies the overall network management and monitoring landscape. It eliminates the need for multiple monitoring tools specific to each vendor, reducing complexity and operational costs associated with managing separate monitoring solutions. Additionally, a single vendor-neutral tool allows for centralized monitoring, reporting, and troubleshooting across the entire SD-WAN infrastructure.
• Best-of-Breed Approach: Vendor neutrality enables organizations to adopt a best-of-breed approach by selecting the most suitable solutions from different vendors. This approach allows organizations to leverage the strengths of various vendors' offerings, choosing the best solution for each aspect of their network infrastructure. A vendor-neutral monitoring tool aligns with this approach, enabling organizations to select the most effective monitoring solution regardless of the SD-WAN vendor they choose.
• Future-Proofing: Vendor-neutral monitoring tools are designed to be adaptable and compatible with evolving technologies and network architectures. They are more likely to support new SD-WAN vendors, emerging protocols, or network innovations. By adopting a vendor-neutral approach, organizations ensure their monitoring capabilities can keep pace with industry advancements, allowing for future-proofing of their SD-WAN networks.

Are you using an SD-WAN network?

Network Monitoring is essential to understanding if you’re really getting what you paid for when you’re using a new SD-WAN service.

With so much reliance on SD-WAN services to deliver optimal Internet, cloud, and UC performance, it’s important to keep continuously monitoring your SD-WAN network with Obkio's SD-WAN Monitoring tool to proactively identify network problems and performance issues!

Put It to the Test: Trying Is the Ultimate Way to Learn!

Networks may be complex. But Obkio makes monitoring SD-WAN networks easy. Monitor, measure, pinpoint, troubleshoot, and solve SD-WAN problems in minutes.

• 14-day free trial of all premium features
• Deploy in just 10 minutes
• Monitor performance in all key network locations
• Measure real-time network metrics
• Identify and troubleshoot live network problems