Top Five Challenges of Managing SD-WAN and Wi-Fi in the Modern Branch Office

For enterprise IT teams today, meeting the connectivity demands of their organizations’ mobile-first employees and other users is an ongoing challenge. With more of their environments moving to the cloud, and with software-defined provisioning of virtualized network resources, the job of managing connectivity and access to network applications and services has grown a lot more complicated.

For teams tasked with handling those responsibilities for branch offices, that complexity can ratchet up significantly. Deploying new and complex network technologies at branches where there usually is little or no on-site IT support creates a whole range of challenges for enterprise networking teams.

To keep branch office users connected and productive, enterprise IT and NetOps teams are increasingly pursuing branch office modernization. In these initiatives, organizations entirely redesign their network infrastructures to match the mobile-first connectivity needs of their customers as well as their branch office employees.

The overall goal is to provide reliable, high-quality connectivity at branch offices so customers and staff have dependable access to applications and network services anywhere, any time and from any device.

Two technology mainstays that enterprises are now using in these projects are software-defined wide-area networks (SD-WANs) and next-generation Wi-Fi systems. While these technologies can deliver the needed connectivity, they both create network monitoring challenges which have slowed their adoption in years past. More recently, however, modern network monitoring systems have emerged that have the capabilities required to address and overcome those issues.

This paper discusses the monitoring challenges that previously inhibited the use of SD-WAN and next-gen Wi-Fi for modernizing enterprises’ branch offices. It also describes the new class of modern network monitoring solutions and how their advanced capabilities, along with their speed, scale and flexibility, let enterprises get past the old monitoring problems and on to successful branch office modernization.

Growing Market Traction for SD-WAN and Enterprise Wi-Fi

A recent Gartner report shed light on the growing popularity in the enterprise market of using SD-WANs to create better branch office connectivity while lowering costs. In its “5 Strategic Technologies” report, Gartner analysts cite the abilities of SD-WANs to establish a simpler and more cost-effective branch office connectivity model that maps to modern applications and cloud architectures.

SD-WAN solutions offer a lighter-weight, more flexible and lower-cost alternative to traditional branch office connectivity. SD-WANs enable enterprises to shift more and more of their branch office WAN traffic to internet circuits, allowing them to lower their MPLS link costs. With centralized management, SD-WANs are also easier and simpler to operate. According to Gartner, that simplicity creates a wide range of benefits, including, for example, 50% or greater reductions in time required to manage WANs. Gartner underscores this point with a market statistic of its own: over 6,000 Gartner clients are deploying SD-WANs in their production networks.

A look at SD-WAN adoption across the broader market (beyond just branch office modernization) shows even more momentum. For example, an April 2019 Technology Spotlight report from IDC shows strong momentum in the enterprise space for SD-WAN. That report, which drew upon IDC’s annual Worldwide SD-WAN Survey, found that nearly 95% of the enterprises polled reported that they are already using SD-WAN or expect to be doing so within the next two years. This booming adoption was anticipated in IDC’s earlier forecast, which projected that this market will see a nearly 70% CAGR through 2021, when it will reach $8 billion. A more recent analyst report puts this market at $9 billion by 2021.

On the next-gen Wi-Fi front, enterprise adoption has also gained major momentum. One recent report from the research firm MarketsandMarkets projects that this market will reach $15.6 billion by 2022, at a CAGR of over 21% during the forecast period. Major factors driving this adoption cited in the report include the growing prevalence of BYOD in organizations (and, presumably, in their branch offices), and demand for reliable, high-quality Wi-Fi services requiring a ‘Wi-Fi first’ mentality, not the old ‘best efforts’ approach.

Given this momentum, both SD-WAN and next-gen Wi-Fi have clearly gone mainstream, and they’re showing up often in branch office modernization projects.

Technologies and Challenges Persist

Big changes in enterprise IT never happen overnight. Technologies that are deeply ingrained into companies’ operations live on seemingly forever (like that fax machine in the copy room). The operational challenges they create live on, too.

This is definitely the case with traditional WANs. Even as SD-WANs gain ground, traditional, MPLS-based WANs are still around. That means that lots of enterprises are presently managing both old and new WAN segments. To mitigate technology transition and business disruption risks, enterprises make these changes in measured, careful (and slow) ways, slipstreaming new technologies into the mix while still using old and familiar ones.

These two-pronged strategies and dual deployments create obvious challenges for enterprise IT and NetOps teams. This includes the need for networking teams to create unified views of the disparate parts of their networks and do so quickly and accurately enough for those views to actually be useful.

Then, of course, teams have to grapple with the inherent complexities of their newly deployed, modern technologies.

The Top 5 Challenges Created by SD-WAN and Next-Gen Wi-Fi

Below are brief discussions of the ‘Top 5’ challenges that have held back broader adoption of SD-WAN and next-gen enterprise Wi-Fi. Also included are discussions of the specific ways modern network monitoring systems help enterprise IT and NetOps teams to overcome these operational hurdles.

1. Fixing Problems by Over-Provisioning, but Blowing Budgets

As enterprise connectivity models become more cloud-based, they get more complicated and difficult to monitor and manage, especially for team members without deep experience with cloud-based deployments. In outage or service degradation situations where there is tremendous pressure to address the problem, over-provisioning is a very tempting option. Even though teams haven’t figured out exactly what’s going on or why it’s happening, they throw more cloud computing power at the problem and it recedes. Do that two or three times, and it probably won’t be an issue. But choose that option repeatedly, and networking teams watch their connectivity and cloud costs go through the roof.

With faster, more flexible and more scalable monitoring, along with fast and powerful analytics, teams can spot issues before they build into user-impacting episodes. They can also diagnose issues and problems more accurately and remediate them more effectively. All of these things help teams resist the temptation to simply over-provision their way around problems, which in turn, helps them keep the costs under control and their budgets intact.

2. Managing the Change from Static to Dynamic Connectivity

With traditional WANs, connections to branch offices are familiar entities to networking teams. Generally, they go from the data center over a few set hops, usually handled by a small set of well-recognized service provider middlemen, and then on to the specifically identified branch office (or the same in reverse direction). These connections are fixed, are contractually arranged with service providers, and offer little, if any flexibility. If IT and NetOps teams were truck drivers, MPLS-based WANs would be the same delivery routes they would take every day – the same roads, the same on- and off-ramps, and the same destinations without variation, day after day.

Managing those static routes is a very different job than what it takes to watch over SD-WAN connections. That’s because SD-WAN fundamentally changes an organization’s network. The technology is designed to detect opportunities to change the way network traffic is delivered (servicing priority locations, selecting particular links, opting for service providers, switching transport protocols, etc.). This helps enterprises better meet policy directives for highest quality and reliability, lowest cost, or some other operational parameters.

In the MPLS world, teams essentially have connectivity maps that they become familiar with and then use to guide their monitoring and problem resolution efforts: “Oh, it’s that shaky link acting up again,” or “Oh, that service provider is still having that problem.”

With SD-WAN, things change rapidly and frequently, so the topological familiarity teams could count on under the MPLS model goes out the window. They must monitor a much broader set of network traffic variables and do so on-the-fly. This ratcheting up of the complexity of both monitoring and management tasks for networking teams slowed down what could have been much faster adoption of SD-WAN.

3. Reducing Network Monitoring Inefficiency

SD-WANs and next-gen Wi-Fi systems are fast and fluid. Traffic flows are complex and dynamic, often involving more hops, service providers, and transport types in between where network traffic originates and gets delivered – and all of those variables can and do change rapidly.

Part of the problem for NetOps and IT teams is the limited monitoring capabilities that come with most SD-WAN solutions. Most providers treat this functionality as a ‘checkbox’ item rather than a real differentiator. The larger problem for these teams is that neither one of their network monitoring resources — their legacy system or out-of-the-box SD-WAN tools — can monitor both their legacy and modern network environments. That results in split views that prevent teams from seeing full paths and create visibility gaps. Without unified and automated, end-to-end network path visibility, efficient monitoring and management remains an unattainable goal.

When network traffic flows traverse mixed WAN environments, it is difficult and time-consuming for teams to stitch together views of the component parts of links, and to figure out if and how their two different network fabrics are impacting one another. By the time teams figure out why a problem happened, everything has changed – so their analysis isn’t particularly helpful.

With this inefficiency, issues that should have been spotted and remediated in their early or building phases are missed and grow into larger disruptions that impact users. Performance degradations and outages cause business disruptions and productivity losses, and remediation or repair actions take too long to be effective.

4. Gauging Service Reliability and Quality with Policy Adherence

With SD-WANs and next-gen Wi-Fi systems, one way to measure service reliability and quality is through the lens of policy adherence. These technologies allow teams to set and configure policies that essentially direct how the service should operate. But assessing policy adherence in these dynamic environments, that is, how well those policies are being adhered to by the various parties and technologies involved, is tricky business. In the case of SD-WANs, this includes network operators and their contracted SLAs; private, public and hybrid cloud arrangements; and the network resources that support VPNs and other types of access tunnels.

Policies are set up to ensure that entire, mixed WAN infrastructures work in ways that align with the organization’s operational priorities. Effective monitoring is therefore a critical requirement for determining whether or not policy benchmarks are being met.

With policy adherence monitoring, the lack of end-to-end visibility on the SD side, and the visibility gaps between SD and MPLS segments, again create operational challenges. Whether it’s a telco service provider not reporting adequately on performance versus their SLA levels, or being unable to gain a service-level view for connectivity reliability to a priority location, the lack of policy adherence visibility makes overall WAN performance management difficult for IT and NetOps teams. It’s yet another reason why IT and NetOps teams might prefer to put off their SD-WAN transitions.

5. Achieving Operational Agility Goals

Across all functional areas of enterprises today, one of the top goals is to find ways to conduct business with more flexibility and responsiveness, while also controlling costs. With their smart, software-driven ways of automatically finding and utilizing the best connections, whether that means the fastest, most reliable, least expensive, or best according to some other desired characteristic, SD-WANs should handle making the changes teams need to meet their operational agility goals.

Whether it’s managing new connectivity arrangements during a merger or acquisition, accommodating growth by provisioning connectivity to a new branch office, or handling temporary priority changes (such as a CFO working at a regional office for an extended period), SD-WANs should make all of that easy.

Without flexible network monitoring with speed at scale, however, the desired operational agility with IT and networking operations often remains stubbornly out of reach. Device polling that’s not fast or thorough enough, sluggish visualization and reporting tools that mask or delay views of what’s really going on, upticks in manual interventions to address problems – these are just some of the ways that subpar network monitoring can bog down or derail efforts to boost an enterprise’s business agility.

Top New Monitoring Features Needed

The new SD-WAN and Wi-Fi technologies being used to modernize branch office operations come with new monitoring requirements. Following are some of these must-haves.

SD-WAN Flow/QoS Analysis – In SD-WAN environments, the paths used between endpoints are dynamic rather than fixed, so the sessions are more fleeting, more elusive for those trying to monitor them. Being able to collect and analyze this dynamic flow information is critical for networking teams. To manage bandwidth utilization and quality of service (QoS) with critical applications and services, networking teams must be able to see and understand what’s going on with their SD-WAN-powered flows with integrated QoS insight in real time. Doing so requires monitoring capabilities that are just as fluid and dynamic as the SD-WAN paths. Broad coverage of all popular flow formats is also a must, as is detailed, real-time visibility into bandwidth utilization and simplified reporting. Only modern network monitoring solutions can deliver these dynamic capabilities.

SD-WAN Tunnel Views – VPN tunnels have been a part of traditional WAN deployments for years. So, for networking teams, the tunnels themselves are nothing new. IT and NetOps teams would manually configure and manage these network tunnels, so they knew all about them, including where they originated and terminated, how their transport worked, their capacity and normal performance. With this close-quarters support, teams basically had all the information and metrics they needed to effectively monitor and manage these tunnels and the traffic that traversed them.

What’s new and challenging about VPN tunnels in SD-WAN deployments is that they are configured and managed automatically by the SD-WAN solution. Precisely as it is designed to do, this automation removes humans from the equation. While that drives tremendous efficiency gains, it eliminates networking teams’ familiarity with these resources. That lack of familiarity, combined with the changing nature of these connections, makes it much more difficult for teams to troubleshoot and resolve problems with these tunnels when they crop up. Only modern network monitoring systems — with the capabilities needed to keep up with SD-WAN tunnels on-the-fly — enable IT and NetOps teams to avoid these issues and the major operational problems they can cause.

Synthetic Indicators – With traditional monitoring systems, there are some metrics that IT and NetOps teams would like to see from their polled devices, but they are simply not available. For example, when polling interfaces, teams can view bytes in and bytes out, but polling total bytes is not an option. In SD-WAN and next-gen Wi-Fi deployments, there are lots of ‘variations on metrics’ that would be informative and useful if they were available. The challenge is that traditional monitoring systems cannot produce them; only modern monitoring systems offer these capabilities. With synthetic indicator functionality, teams gain the ability to generate these types of value-added performance metrics, which can help them to more quickly spot, diagnose and fix issues before they build into major problems.

Synthetic indicators work by performing simple math calculations on multiple metrics collected from a single monitored device. With synthetic indicators, teams can customize their monitoring to include this multi-faceted and previously unavailable performance insight. Networking teams can create and generate these metrics. They also can combine, report on, and generate alerts based on this ‘manufactured’ data even though the values don’t exist in the MIBs of the target devices.

Synthetic indicators open up many new and useful ways to view and assess network performance – and they’re only available in modern network monitoring solutions.
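The calculation described above, as an added example (not code from this paper or from any monitoring product): it derives total octets, total throughput and peak-direction utilization from two consecutive polls of the standard IF-MIB counters ifHCInOctets and ifHCOutOctets, and evaluates an alert on the derived value. The `Poll` record, the function names, the sample readings and the 75% threshold are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

COUNTER64_MOD = 2 ** 64  # IF-MIB ifHC*Octets are 64-bit counters that wrap to 0


@dataclass(frozen=True)
class Poll:
    """One poll of a single interface (hypothetical record layout)."""
    ts: float        # poll timestamp, seconds
    uptime_s: float  # device sysUpTime converted to seconds
    in_octets: int   # ifHCInOctets
    out_octets: int  # ifHCOutOctets
    speed_bps: int   # link speed in bits per second (ifHighSpeed * 1_000_000)


def counter_delta(prev: int, cur: int, modulus: int = COUNTER64_MOD) -> int:
    """Octets counted between two readings, tolerating a single counter wrap."""
    return (cur - prev) % modulus


def synthetic_indicators(prev: Poll, cur: Poll) -> Optional[dict]:
    """Derive metrics the device does not expose from two consecutive polls.

    Returns None when the deltas cannot be trusted: time did not advance, or
    sysUpTime went backwards (device restarted, so counters were reset).
    """
    dt = cur.ts - prev.ts
    if dt <= 0 or cur.uptime_s < prev.uptime_s or cur.speed_bps <= 0:
        return None
    d_in = counter_delta(prev.in_octets, cur.in_octets)
    d_out = counter_delta(prev.out_octets, cur.out_octets)
    in_bps = d_in * 8 / dt
    out_bps = d_out * 8 / dt
    return {
        "total_octets": d_in + d_out,  # the "total bytes" synthetic metric
        "total_bps": in_bps + out_bps,
        # Full-duplex link: utilization follows the busier direction.
        "util_pct": 100.0 * max(in_bps, out_bps) / cur.speed_bps,
    }


def breaches(indicators: Optional[dict], util_threshold_pct: float = 75.0) -> bool:
    """Alert condition evaluated on the synthetic value, not on a polled one."""
    return indicators is not None and indicators["util_pct"] >= util_threshold_pct


# Constructed sample: 10 Mbit/s branch uplink polled 60 s apart; the inbound
# counter wraps between the two polls.
PREV = Poll(ts=0.0, uptime_s=86_400.0, in_octets=2 ** 64 - 1_000,
            out_octets=5_000, speed_bps=10_000_000)
CUR = Poll(ts=60.0, uptime_s=86_460.0, in_octets=59_999_000,
           out_octets=15_005_000, speed_bps=10_000_000)

if __name__ == "__main__":
    result = synthetic_indicators(PREV, CUR)
    print(result, "alert" if breaches(result) else "ok")
```

Without the wrap and restart handling, a single rolled-over or reset counter would produce an enormous bogus delta and a false alert on the derived metric.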

Next-Gen Wi-Fi Visibility – Not so long ago, when enterprise users needed serious connectivity, they plugged into the Ethernet connections in their office walls. Enterprise Wi-Fi, on the other hand, was viewed by these users as “good when it’s available, but don’t rely on just that.” In other words, it was a nice-to-have, and the monitoring of this source of network activity reflected its marginal status. In short, like Wi-Fi itself, the monitoring of it was “best efforts,” not mission-critical.

Fast-forward to today and enterprise users aren’t looking around for Ethernet connections. They need, and expect, reliable, full-coverage Wi-Fi services so they can use their mobile devices anywhere across their enterprise campuses.

Next-generation Wi-Fi solutions are meeting these needs by incorporating new standards like Wi-Fi 6 (802.11ax), using more of the available wireless spectrum, and borrowing some technologies from the cellular world. As a result, these next-gen wireless solutions are enabling mobile devices to use new wireless capabilities for not just better and broader coverage, but higher speeds with fewer congestion headaches. This is what’s making next-gen Wi-Fi a ‘must-have.’

With more traffic moving faster through more layers and a much broader array of devices, it takes more than a legacy monitoring system to keep up with next-gen Wi-Fi. It takes the faster, more flexible, and more powerful monitoring provided only with next-gen network performance monitoring systems.


SD-WAN and next-gen Wi-Fi solutions are the obvious choice for modernizing branch office connectivity and providing users with more reliable access to network applications and services in these important locations. Less obvious, perhaps, but critical nonetheless is the need to pair these dynamic technologies with network monitoring capabilities that can keep up. For branch modernization strategies to succeed, networking teams need monitoring capabilities that are just as fast, dynamic, and scalable as the new SD-WAN and Wi-Fi solutions they are deploying.

These requirements are well beyond the capabilities of legacy monitoring systems. Attempting to use them to keep tabs on network performance in modern branch offices is a recipe for failure.

A better, smarter strategy is to support these deployments with modern network monitoring. Properly managing SD-WAN and next-gen Wi-Fi connectivity requires speed, flexibility, and scalability — but also simplicity and automation.

That’s precisely what modern monitoring solutions deliver, and it’s how they’re enabling enterprise IT and NetOps teams to move forward effectively and successfully with their branch office modernization initiatives.