CA Technologies’ Tim Diep on Network Monitoring for SDN

Enterprises are embracing software-defined networking (SDN) in the data centers and software-defined wide area networking (SD-WAN). SDN allows centralized management, automation and programmability, so the expectation is that this transformation will offer improved global application performance.

However, SDN and SD-WAN present significant operational challenges in getting accurate visibility, trouble-shooting issues, and analyzing performance.  Unfortunately, many incumbent network management tools are not well suited to monitor and troubleshoot these next-generation networks, and new approaches are needed.

In this interview, Tim Diep, senior director of product management at CA Technologies, discusses best strategies for network monitoring in the SDN and SD-WAN space, and the new requirements that are driving innovation in the field.

SDxCentral: A survey from Enterprise Management Associates has found that two-thirds of data centers that had adopted SDN felt their network performance monitoring tools weren’t fully supporting it. Why is this such a problem?

Tim Diep: SDN is made up of multiple complex layers of abstraction, built on top of traditional network elements. To gain a full view of network performance, you need deep analytics and deep correlation, and most of the older monitoring systems are not capable of that.

If you look at SDN, what the early adopters are seeing is a significant change from an operations perspective. In a traditional network, you have standards that most equipment vendors have adopted in their devices that specify organized  tables of data. So, you could rely on that standardization to get the data in the same way from any vendor. In SDN, it’s all vendor-specific data sets that are not nicely packaged together.

There are also a lot of vendors to deal with, so the network will have a lot of data from different sources, and monitoring systems will need to seek out that data from all of those systems and repositories and piece it together, almost like a puzzle.

Also, the old practice of adding network monitoring was to deploy a new network, wait a year or two, and then check into adding monitoring after the fact. But this doesn’t work for SDN because of the aforementioned level of complexity that it brings to the network. When SDN adopters deploy monitoring after the fact, they can find that a large portion of what’s happening in the network is hidden from them.

It’s also important to remember that SDN is a dynamic architecture, with bursty speeds that are transient and can happen any time. Older monitoring systems periodically go and check on a network’s performance, and that was fine when change was seldom and predictable. But with SDN, that’s not going to work—it has to be real-time because the network is always unpredictably changing.

What are some of the other network monitoring challenges that are specific to SD-WAN?

In addition to the general SDN challenges, the challenge in monitoring SD-WAN is that the old WAN hasn’t gone away. It’s still there, and it’s the foundation, the plumbing and electricity of SD-WAN, so you have to correlate network and application impact to that.  Correlating the WAN underlay to the SD-WAN overlay is tricky in Enterprise scale.

SD-WAN works by introducing automation and intelligence in the form of application-aware routing. But how do you know that it actually works? Network monitoring software should substantiate that SD-WAN is improving application traffic, but that’s challenging given all of the multivendor variants out there and the need to correlate to the old WAN. To find out if the app performance and user experience are actually improving requires good analytics.

What do network operations teams need to consider when selecting their network monitoring tools? 

We have an acronym, “FITPAL,” which is a great way to remember the essentials. It stands for: Fault; Inventory; Topology; Performance; Availability; and Logs. A good network monitoring tool that’s a FITPAL for SDN contains all of these diagnostic data.

Also, more and more in SDN you need analytics—you really can’t have monitoring without it, it would be like driving a car without an engine.

Having the right operational user interface (UI) is essential to success as well. As part of their standard operating procedures, we recommend to customers that they make sure they have an operational UI that works for them, with all of the functionality and information they need. It’s not just about pretty charts and visualizations—it needs to fit in with their existing processes and tools and easily extend to new network architectures with minimal effort.

Avoiding silos with a converged approach is another best practice. Companies should avoid getting sucked into deploying vendor-specific tools. Now more than ever, you need a holistic view of the entire network, data center and WAN, across vendors.

Why is a unified approach best when it comes to managing and monitoring SD-WAN specifically?

The unified, converged approach is important in SD-WAN because it’s not just about the WAN itself. It’s really about an enterprise’s journey to the cloud.

Enterprises are evolving and moving workloads and applications in ever-greater numbers to the cloud. At this stage of the journey, that includes a transition for the WAN, as well as connections to data centers and public cloud providers, like Amazon Web Services.

A unified network monitoring approach allows us to look at the WAN as just one part of this cloud journey, with full diagnostics of how it fits into the bigger picture. Its having a FITPAL, end-to-end view from the enterprise WAN to the cloud, with the ability to monitor all pathways in the WAN, the delivery network, the data center and the public cloud.

Is it possible for network operations teams to evolve their existing network monitoring tools to make them work for SDN?

Yes, absolutely. In fact, that’s what we have done with our CA Performance Management and CA Spectrum offerings. We have introduced an add-on software gateway module, dubbed CA Virtual Network Assurance. It essentially converts CA Performance Management into an SDN monitoring tool, while still allowing existing functions to monitor traditional networks. It’s the best of both worlds.

One of the things we focused on was operational UI and how users navigate within the interface for optimal workflow. Our customers can use the same operational UI, navigations and workflow they’re already used to, and apply it to SDN. A familiar operational user experience and continued use of standard network operating procedures to reduce complexity and learning curve: That’s the beauty of our implementation.

What makes CA’s network operations and analytics platform different from its competitors?

Our next-generation network monitoring tool is a comprehensive and highly scalable software platform that enables easy management of SDN architectures along with traditional infrastructure. And there are four attributes that make us stand out.

No. 1 is the ability to do full diagnostics because we are a FITPAL monitoring system, and the second is that we are a full-stack solution.

Between these two, we are one of the few vendors that can provide monitoring for not just the network, but also the servers, systems, and storage pieces. We offer the monitoring of application workloads and performance, and the monitoring of the end-user experience.

Thirdly, we provide full coverage: We can monitor the legacy network, NFV implementations, SD-WAN, SD data centers, and the public cloud.

And finally, we offer full analytics. This is a new area, so all of the tools that we provide are backed by a high-performance analytics engine based on open source.

This advanced network monitoring functionality in our tool set allows us to address all of the monitoring challenges for SDN and SD-WAN that I just discussed. It’s an exciting time.