Nearly two years ago, I opined that supplier management might be the biggest threat to SD-WAN adoption. My argument was that SD-WAN required enterprises to equip locations with multiple Internet connections (assuming they were eliminating MPLS), ideally from different ISPs, if they’re to match MPLS uptime.
All of which means that any IT team considering SD-WAN must go from managing one carrier relationship with MPLS to managing many ISP relationships with SD-WAN.
If there’s a problem in some last mile, it’s up to you — not some carrier — to fix it. When managing a global network (or, really, any network with more than a handful of sites), that responsibility can be a big deterrent to adopting SD-WAN.
Few Good Options
At the time, good outsourcing options were sparse. Sure, there were virtual network operators (VNOs; also called last-mile aggregators or global managed Internet providers) that would procure and manage your last mile.
But those companies charge a premium for their services. Management was also often limited to pinging the edge router and detecting lost connectivity.
But with SD-WANs, blackout detection isn’t enough. You need to detect brownouts — slowdowns in your network — as well. More specifically, if you’re outsourcing your last-mile management, you’d like the service provider to:
- Detect brownouts and blackouts
- Monitor for problems to other sites and the public Internet
- Identify problems downstream and upstream to the site’s ISP
And then work with the local ISP to resolve the problems, 24x7x365. (There are a bunch of business considerations as well that I put into a still-relevant checklist. You can download it from this blog.)
SD-WAN Services Manage Last Mile
The SD-WAN service players are closer to meeting those criteria. The folks over at Aryaka, for example, have long offered last-mile management with their service.
The service measures packet loss by pinging from Aryaka’s Point of Presence (PoP) across their IPsec tunnel to their device at the customer premises. If loss crosses a certain agreed-upon metric, then Aryaka works with the ISP to resolve the problem.
It’s a good step past generic last-mile management. You’re managing the line back to the PoP, not just the last mile. You’re also detecting brownouts and blackouts.
The problem I see is that the service does not consider network issues outside of the tunnel. Your site’s connectivity to the cloud and the broader Internet could degrade or be blocked entirely — whether because the local ISP has a routing issue, is playing QoS games, or any other reason — and Aryaka will not address the matter.
Cato Networks, another SD-WAN service player, took a big step this week towards addressing SD-WAN’s last-mile issues. The company just introduced a last-mile management service that manages both the last mile to their SD-WAN service and the last mile to the Internet.
Cato Intelligent last-mile management (ILMM) is part of the company’s global SD-WAN service that connects sites, cloud datacenters, SaaS applications, and mobile users with Cato’s global network, which includes built-in network optimization and a network security stack (firewall, IPS, and more).
I have yet to test Cato ILMM myself, but from my conversations with the company, it looks promising. Cato has a massive data warehouse of the traffic metadata from across its customers. The company uses this data warehouse to develop what it claims are highly accurate profiles of your last mile, even accounting for seasonal variations, from the location through the ISP to their PoP.
The service then monitors jitter, packet loss, and latency variations and outages using Ping, DNS, HTTP, Traceroute, and, apparently, custom-defined services.
Testing is done inside and outside of the Cato tunnel. Should a threshold be crossed, the Cato NOC will open a ticket with your ISP, providing details from all of their testing, and work with them to resolve the issue.
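A sketch of the inside-and-outside-of-tunnel check described above, as an added example rather than Cato's or Aryaka's code: it classifies each probe series as ok, brownout, or blackout, then uses the pair of results to suggest where the fault sits. The thresholds, baselines, and RTT samples are constructed assumptions.

```python
from statistics import median

# Assumed thresholds for illustration; not any vendor's values.
LOSS_PCT_MAX = 2.0      # brownout if probe loss exceeds this percentage
LATENCY_FACTOR = 1.5    # brownout if median RTT > baseline * factor
JITTER_MS_MAX = 20.0    # brownout if mean RTT delta exceeds this

# Constructed samples: RTT in ms per probe, None = probe lost.
INSIDE = [31, 30, 32, 31, 30, 33, 31, 30, 32, 31]         # via tunnel to PoP
OUTSIDE = [48, 95, None, 51, 120, None, 47, 88, 110, 52]  # direct to Internet

def measure(rtts):
    """Return loss %, median latency and jitter for one probe series."""
    got = [r for r in rtts if r is not None]
    loss = 100.0 * (len(rtts) - len(got)) / len(rtts)
    if not got:
        return {"loss": loss, "latency": None, "jitter": None}
    deltas = [abs(a - b) for a, b in zip(got, got[1:])]
    jitter = sum(deltas) / len(deltas) if deltas else 0.0
    return {"loss": loss, "latency": median(got), "jitter": jitter}

def classify(rtts, baseline_ms):
    """blackout = nothing gets through; brownout = degraded but alive."""
    m = measure(rtts)
    if m["loss"] == 100.0:
        return "blackout"
    if (m["loss"] > LOSS_PCT_MAX
            or m["latency"] > baseline_ms * LATENCY_FACTOR
            or m["jitter"] > JITTER_MS_MAX):
        return "brownout"
    return "ok"

def localize(inside, outside):
    """Compare the two vantage points to narrow down the faulty segment."""
    if inside == "ok" and outside == "ok":
        return "healthy"
    if inside != "ok" and outside != "ok":
        return "shared last mile / local ISP"
    if inside != "ok":
        return "tunnel path to PoP"
    # A tunnel-only monitor would report this site as healthy.
    return "ISP path to the public Internet"

if __name__ == "__main__":
    i, o = classify(INSIDE, 30), classify(OUTSIDE, 45)
    print(i, o, "->", localize(i, o))
```
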
Cato is not offering a provisioning service. They’re expecting you to bring your own line (BYOL). It’s not an ideal world; we’d like them to handle line ordering as well. Still, it’s the ongoing, month-to-month management that’s a far bigger challenge.
Don’t Ignore Your Last Mile Until The Last Minute
Regardless of whether you insource or outsource, prioritize last-mile ordering and management in your SD-WAN plans.
Waiting on the last mile until the last minute can have disastrous consequences. One customer of mine ended up having to extend their MPLS contract until the Internet lines were in place, paying an additional $250,000 in MPLS charges.
All of that could have been avoided had they ordered their Internet services early on. With a bit of planning, that doesn’t have to be you.