Monitoring Within the Enterprise Network
Most businesses rely on communication and collaboration tools like email, Zoom, Teams, etc. So, staying connected over a reliable network can go a long way toward increasing efficiency and security in day-to-day business.
A corporate network that connects geographically dispersed users, from areas that could be anywhere in the world, is called an Enterprise WAN. Every enterprise has special use cases for certain network designs that meet the specific needs of the individual business.
Typically, the selection of the underlying network design/technology is based on the need to:
- Improve connectivity between the enterprise branches at a lower cost per Mbps as traffic increases
- Have high quality, low latency access to main SaaS providers and public clouds
- Have high quality, low latency access to internal applications hosted on an on-premise datacenter or private cloud
- Be able to use several service providers for connectivity for resilience and best of breed choices
Let’s have a look at some of the most popular technologies used in enterprise WAN. Depending on the size and nature of the business, an organization may use one or a combination of these underlying network technologies.
1. Multi-Protocol Label Switching (MPLS)
MPLS is a dedicated private network provided to enterprises by operators. It is a data transport mechanism that is designed to increase speed and reduce memory overhead in extremely large networks, such as within global WAN service providers.
Instead of routing packets based on IPv4 or IPv6 addresses, as is the case with most enterprise network designs, MPLS uses less complex labels to route traffic to its intended destination. Also, when multiple applications are accessed over the network in an organization, MPLS allows prioritizing one type of application over another by entering different QoS information in the packet label.
Image 1: MPLS Schema
Major drawbacks of MPLS include its cost and the longer time needed to deploy/provision it within the office network.
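To make the label-based forwarding and per-label QoS described above concrete, here is an added example (not part of the original article) that decodes an MPLS label stack using the standard 32-bit entry layout from RFC 3032: 20-bit label, 3-bit traffic class, 1-bit bottom-of-stack flag, 8-bit TTL. The label values, traffic-class values and helper names are constructed for illustration.

```python
import struct

def build_entry(label, tc, bottom, ttl):
    """Pack one 32-bit label stack entry (helper for the constructed samples)."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def parse_mpls_stack(data):
    """Decode label stack entries from the start of `data`.

    Returns (entries, payload_offset). Raises ValueError if the bytes end
    before an entry with the bottom-of-stack bit set is seen.
    """
    entries, offset = [], 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        entry = {
            "label": word >> 12,             # forwarding label
            "tc": (word >> 9) & 0x7,         # traffic class: the QoS marking
            "bottom": bool((word >> 8) & 1),  # last entry before the payload
            "ttl": word & 0xFF,
        }
        entries.append(entry)
        offset += 4
        if entry["bottom"]:
            return entries, offset

# Constructed samples: a two-label stack marked with a high-priority class,
# and a single-label stack marked with a low-priority class.
VOICE = build_entry(16001, 5, False, 64) + build_entry(24010, 5, True, 64) + b"\x45\x00"
BULK = build_entry(16001, 1, True, 64) + b"\x45\x00"

if __name__ == "__main__":
    for name, frame in (("voice", VOICE), ("bulk", BULK)):
        stack, off = parse_mpls_stack(frame)
        print(name, [(e["label"], e["tc"]) for e in stack], "payload at", off)
```
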
2. Software-Defined Wide Area Network (SD-WAN)
A software-defined wide area network is a software approach to manage wide-area networks. It offers ease of deployment, central manageability, and can improve connectivity to branch offices and the cloud.
SD-WAN solutions enable flexible pathways depending on individual application requirements. They prevent congestion spots from forming by diverting traffic to alternate, less-busy channels. This ensures a reliable flow of data, instead of leaving it vulnerable to being lost, dropped, or blocked.
Image 2: SD-WAN Implementation
It is less expensive than MPLS.
3. Direct Internet Access (DIA)
DIA gives the enterprise a dedicated link to the internet i.e., to the ISP and not to the other branches of the organization as in the case of MPLS. The connection and bandwidth are not shared with others.
Image 3: DIA Schema
While DIA is cheaper, it can raise a lot of security concerns, and organizations may choose to set up a VPN, which mitigates this issue only to a certain extent.
With all the complexities involved, it becomes extremely important to monitor the health of the network to ensure seamless reachability to different applications (be it SaaS or internal app) and connectivity within an organization.
Recently, one of our larger enterprise customers reached out to us with a problem: employees of the organization noticed that accessing a specific application to download files took longer than usual, and they were unable to identify the root cause.
The office network infrastructure is set up in such a way that any traffic is set to follow one of the 3 routes through:
- MPLS
- SD-WAN
- Open Internet
To analyze the issue, the first step we took was to deploy the Catchpoint Enterprise Nodes to help identify exactly where the slowness was noticed. The nodes served as checkpoints in our customer’s network infrastructure and monitored the performance and availability of intranet and SaaS applications used by employees.
We then set up synthetic tests to monitor the web application. The data indicated that Load times were slower across MPLS and SD-WAN than on the open internet line. In the chart below, the Load time varies across different network types.
Image 4: Data from MPLS, SD-WAN, and DIA set up
Analyzing the data from the Enterprise nodes, the customer was able to determine, for certain, that the issues were local to the sites. After further analysis of the different network components, changes to the local firewall configuration helped improve the Load time.
Monitoring within the enterprise network is key to maintaining employee experience. Consider another example, in which Catchpoint Enterprise nodes were able to identify problems within the SD-WAN network. The Sankey chart below illustrates the issue.
Image 5: Sankey Chart
In this case, the enterprise nodes were deployed across multiple branch offices (shown on the left side of the Sankey chart), from where the employees access an application used for collaborating with other teams within the organization (this is the destination, indicated by IP addresses on the right).
There are two internet breakouts for reaching the destination, and it is seen that only one of them is used most of the time, and that is where the latency is high.
We saw the same issue using Catchpoint’s Custom Dashboard pinpointing where the latency is higher.
Image 6: Catchpoint Custom Dashboard
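The breakout imbalance described above can be checked from raw probe results as well as from a chart. The following added example is not Catchpoint code or output; the branch names, breakout names, latencies and thresholds are all constructed assumptions. It computes each breakout's share of probes and median latency, then flags a breakout that carries most of the traffic while being much slower than the best alternative.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: (branch office, internet breakout used, latency in ms)
PROBES = [
    ("branch-a", "breakout-1", 180.0), ("branch-a", "breakout-1", 175.0),
    ("branch-a", "breakout-2", 60.0),  ("branch-b", "breakout-1", 190.0),
    ("branch-b", "breakout-1", 185.0), ("branch-b", "breakout-1", 178.0),
    ("branch-c", "breakout-1", 182.0), ("branch-c", "breakout-1", 188.0),
    ("branch-c", "breakout-1", 176.0), ("branch-c", "breakout-2", 64.0),
]

def summarize_breakouts(probes):
    """Return {breakout: {"share": fraction of probes, "median_ms": median latency}}."""
    by_breakout = defaultdict(list)
    for _branch, breakout, latency_ms in probes:
        by_breakout[breakout].append(latency_ms)
    total = len(probes)
    return {
        name: {"share": len(values) / total, "median_ms": median(values)}
        for name, values in by_breakout.items()
    }

def overloaded_breakouts(summary, share_threshold=0.6, latency_ratio=1.5):
    """Breakouts carrying at least `share_threshold` of the probes whose median
    latency is at least `latency_ratio` times the fastest breakout's median."""
    if not summary:
        return []  # no probe data, nothing to flag
    best = min(s["median_ms"] for s in summary.values())
    return sorted(
        name for name, s in summary.items()
        if s["share"] >= share_threshold and s["median_ms"] >= latency_ratio * best
    )

if __name__ == "__main__":
    summary = summarize_breakouts(PROBES)
    for name, stats in sorted(summary.items()):
        print(f"{name}: {stats['share']:.0%} of probes, median {stats['median_ms']} ms")
    print("flagged:", overloaded_breakouts(summary))
```
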
Enterprise network architecture varies across locations. Catchpoint’s Enterprise nodes can be leveraged to determine whether employee experience problems are internal or external, through first-mile testing or testing from within the network or behind the firewall. Monitoring using Enterprise nodes will help gain a complete view of the organization’s network health, including reachability, availability, performance, and reliability, ensuring that the employee experience is not compromised.