Cisco Intelligent WAN

White Paper


Cisco Intelligent WAN (IWAN), is a software-defined wide area network (SD-WAN) solution that allows users to design large scale, highly available, secure and policy-driven WANs. The SevOne Digital Infrastructure Management Platform combines polled/collected metrics, NetFlow and logs to provide complete visibility into how the Cisco IWAN solution is performing in real time.

Policy-driven WANs provide reliability and optimal application performance by routing and re-routing traffic based on performance and availability characteristics of the WAN detected in real time across network transports like MPLS, the Internet and 4G/5G wireless infrastructure. The SevOne Platform understands the performance of all these different WAN transports in real time and adds visibility and clarity in explaining why traffic or an application has taken a different path or transport through the network. While Cisco IWAN is designed to re-route traffic based on policy when a path has degraded performance, SevOne answers the question most often asked by operators: what caused the re-route to happen in the first place?

Managing the performance of large-scale wide area networks was challenging enough when the WAN was fairly static. Now, the flexibility and agility of SD-WAN increases that challenge even further. Cisco IWAN makes it easier for customers to scale out their WAN networks by automating the provisioning of WAN routers. When integrated with Cisco IWAN, SevOne automatically manages WAN routers as they come online and immediately monitors the performance of the new WAN links. Users are kept up to date on the performance of all their WAN links as they are being provisioned. At the same time, SevOne builds an understanding of normal performance so alerts can be sent when issues arise that are not within baseline parameters.

Transitioning from a static legacy WAN into a dynamic policy-based WAN adds enhanced features. However, customers are often left with two WANs - both of which need to be managed. SevOne provides insights into both the legacy WAN and the new software-defined WAN and provides performance metrics from both in a single dashboard or even on the same graph within a dashboard. This reduces risk as the migration occurs.

The level of automation, availability and performance Cisco IWAN provides is critical, for Enterprises, Service Providers and Managed Service Providers alike. All organizations, from small enterprises to large service providers, want to ensure 100 percent availability for the applications that transit their wide area networks. They also want to assure that availability as they use SD-WAN technology to automate the rollout of new locations, ensure configuration consistency and lower connectivity costs with secure Internet communication.


The opportunity for SD-WAN is real.

  • By year-end 2017, Gartner estimates at least five global carriers will have incorporated SD-WAN as a key component of their managed network service designs. At least two Tier 1 operators have already made announcements in line with this prediction.
  • By year-end 2018, Gartner estimates 10% of enterprises will have replaced their WAN routing with SD-WAN-based path forwarding, up from less than 1% today.
  • By 2018, IDC estimates that 50% of enterprises will consider SD-WAN
  • By 2020, IDC estimates SD-WAN to be a $6B market with 90% CAGR

Features and Benefits

The integration of the SevOne Platform and Cisco IWAN gives customers a real-time view into the performance of their existing and new IWAN infrastructure, and alerts operators when performance is not optimal or when an automated change in the WAN occurs due to performance anomalies. Using polled metrics via SNMP, flow via NetFlow, and logs, SevOne provides unprecedented insights into the performance of applications as they transit the WAN. When a performance event happens on the WAN, statistics and notices are sent via NetFlow and logs to SevOne to inform operators of the event. Application performance measurement is done on the WAN routers using NBAR2, while Cisco Application Visibility and Control statistics are exported to SevOne for performance reporting and alerting.

SevOne’s ability to combine polled metrics, NetFlow and syslog messages at scale and alert when performance anomalies occur in real time provides valuable insights into how the WAN is being utilized. These performance insights allow operations to verify that the policies they have in place are having the desired effect. Any change in the environment produces an immediate alert, whether it was detected by a polled value, a NetFlow statistic or a message in a log file.

Operations teams are often asked to explain why an application is taking a certain path through the network and when and why that path changed. SevOne’s collection and alerting abilities help answer that question in real time, while enabling teams to validate operations procedures as they maintain the WAN. SevOne’s year-long historical reporting and analytic features help network planners with sizing the next set of links and determining where Internet links vs. MPLS links might be most attractive. All this functionality is available quickly, thanks to easy-to-use reporting and report creation, which means that very little time is required install and gain value from the SevOne Platform.

Solution Overview

The SevOne Platform uses metrics, NetFlow and syslog messages to gather all the key performance metrics utilized in a Cisco IWAN deployment. Metrics from SNMP would include physical in-tunnel interface state and utilization. NetFlow metrics provide information on volume, type and latency of application traffic as it passes across the WAN. Syslog messages happen when an event occurs that causes traffic to take a different path and they indicate things like packet loss or latency, which help operators understand why a path change has occurred.

SevOne’s ability to scale with deployments allows all the metrics to be gathered from all the WAN routers, including the hub router or routers, and the branch routers. All the information is then available in real time in a dashboard or as a performance alert. A performance alert could occur when a metric, a flow or a log value is above or below its normal value or out of a tolerance configured manually.


Use Cases


Enterprises rely on WANs to carry business critical data 24 hours a day, 365 days a year. The automation capabilities of the Cisco IWAN solution help ensure the necessary network availability. For example, when Cisco IWAN is working properly, the loss of a single link shouldn’t impact the performance of an application because the system will automatically adapt to changing conditions: Voice, video and data should be seamlessly transitioned to backup links. This level of automation is one of the compelling features that make Cisco IWAN so attractive to customers

However, IWAN’s automation is only as good as the policies it is configured to follow, and those policies are constrained by the infrastructure available to them. The level of complexity in the underlying infrastructure can make managing performance issues a daunting task.

The SevOne Platform helps IT organizations understand the current environment and identify issues early, before end users do. By collecting metrics such as QoS queue utilization and trending them over time, queuing strategies can be optimized and bandwidth capabilities can be changed before issues that may impact service arise. This is particularly important because, while Cisco IWAN helps balance traffic load, it doesn’t make more bandwidth available on any given link. Therefore, having the traffic visibility and insight needed to order additional bandwidth 60 to 90 days in advance is important.

Managed Service Provider

Managed Service Providers (MSPs) continue to make money as long as customer attrition is low. Offering services that are highly available and meet established Service Level Agreements (SLAs) are key to achieving this goal. Cisco IWAN helps MSPs by automating the installation and configuration process, so the service can be installed more quickly. A correctly deployed Cisco IWAN increases availability and reliability metrics, and helps ensure that the MSP meets all of its SLA agreements.

The SevOne Platform is designed to support extremely large environments like those found with MSPs. The integration between IWAN and SevOne allows operators to manage the environment in real time, and get performance statistics as soon as a branch site is turned up. The ability to predict when a resource will be exhausted allows the MSP to update customers who need to purchase more resources — thereby keeping them inside their SLA agreements. Real time alerting on metrics, flow, and logs, combined with single-click troubleshooting dramatically reduces the time it takes an operator to locate an issue in a Cisco IWAN environment.

Communications Service Provider

In a large Communications Service Provider (CSP), where circuit availability and performance are engineered in already, another leading use case emerges. CSPs provide the MPLS circuits that customers use to transport their mission critical data. Obviously CSPs lose revenue when customers choose low cost Internet as a secondary link instead of MPLS. The Cisco IWAN technology helps CSPs justify to their customers that the cost of the second MPLS link is well worth the money for two main reasons. First, both MPLS links can now be fully utilized instead of having a primary path and a backup path, which was paid for but idle until there was a failover. Second, the customer gets a secondary path with SLAs tied to it for transporting their critical data -- something not available if they choose low cost Internet as their backup.

The SevOne Platform is designed to support extremely large environments like those found in a CSP. Real time reporting from metrics, logs and flows allows operators to understand the actual current state of the network and quickly resolve any performance issues.