Applications fuel the digital economy: the application layer is where technology meets the business and revenue is realized. Any disruption to application performance or availability results in real loss of revenue or an increase in costs. Let’s look at the main drivers that make delivering a consistent application experience to users so difficult.
Increasing Number of Applications
The typical enterprise now has 100s of applications and the number continues to grow rapidly
Applications are hosted everywhere: on-premises, in the data center, the public cloud, the hybrid cloud, etc.
Users access applications now from anywhere: from the headquarters, branch offices, home, mobile devices, and even as IoT clients distributed across factories and field sites
For CIOs and IT teams of a distributed enterprise operating in such a dynamic and evolving environment, ensuring optimal application performance and securing users and workloads is one of the biggest challenges.
The network plays a crucial role in delivering an optimal and productive application experience. Most existing SD-WAN solutions rely on an overlay-underlay architecture. The virtualized nature of the overlay network provides agility and cost advantages over MPLS. Also, an SD-WAN overlay leverages policy-based routing to guide application traffic through multiple transport underlay networks such as MPLS, the internet, 5G/LTE, etc., that is best suited to deliver on an application’s requirements.
But overlay SD-WAN solutions have neither control over the underlay network’s performance, nor can they provide true visibility into potential performance bottlenecks.
An IT team needs two critical capabilities to ensure application performance: end-to-end visibility and true control – which an SD-WAN overlay cannot provide.
Enterprises that use SD-WAN overlay solutions utilize multiple additional tools for each silo to overcome the visibility shortcomings of their underlay networks. However an increased number of tools exacerbates the problem with swivel chair operation and increased complexity in troubleshooting any issues. And even with multiple tools, network control remains elusive and is dependent on the underlay network service provider. This further creates disjointed and time-consuming workflows when application issues appear or when needing application optimization.
Aryaka’s cloud-first architecture combines a global core backbone, connected in a mesh services fabric via HyperScale PoPs, with Aryaka’s edge appliance for a distributed data plane. Aryaka’s AppAssure is deployed on its edge appliance and Hyperscale PoPs. This architecture provides an inherent advantage by combining an integrated SD-WAN controller with a managed underlay transport network. There is no underlay-overlay separation. Aryaka AppAssure builds on this advantage to provide end-to-end visibility and total control to deliver a best-in-class application experience. Intuitive and closed workflows further simplify operations, ensuring a consistent application experience.
Aryaka AppAssure delivers a set of application visibility and control capabilities to optimize, monitor and ensure application performance across the enterprise. No matter if a user connects from a branch, headquarter or remote office location.
These integrated capabilities allow enterprises to overcome the limitations of an overlay SD-WAN solution:
1. Deep Packet Inspection and Application Classification
|The deep packet inspection (DPI) engine deployed on Aryaka’s Hyperscale PoPs and Aryaka’s managed CPE, the ANAP, can automatically identify over 3500 applications. With additional application mapping methods such as a 5-tuple in the IP header, DNS and destination server name, AppAssure can identify enterprise-specific, proprietary applications. First packet identification capability within the DPI engine for most of the application flows avoids any performance penalty. Once an application is identified, AppAssure allows to classify the application in the corresponding applications group to manage it most efficiently.|
2. Application Steering and Optimization
|The ability to guarantee the network transport performance is imperative to meet application performance requirements. QoS guarantees can never be outsourced to an underlay transport network to which the policy-based routing engine has no control over. The Aryaka high performance global network delivers on end-to-end network SLAs and application QoS. |
AppAssure provides the ability to steer an application over multiple WAN paths and granularly apply traffic optimization. Aryaka’s optimization capabilities including WAN optimization, last mile link assurance, traffic overflow, and SLA based network selection. These are available for individual application group and per site/site group. The ability to control the transport network provides guaranteed delivery of the steering and optimization policies.
3. Application Monitoring and Troubleshooting
|Aryaka AppAssure provides complete and immediate visibility into network and application performance via the web-based MyAryaka portal with vertical and horizontal visibility across and into every element involved in packet delivery, including last mile, middle mile and any physical or virtual resources. |
Further, application traffic visibility is available in multiple dimensions – across ISP links, WAN networks, LAN segments and application groups. Application performance parameters such as QoS and SLA may be monitored across all network types. The user can drill down and across any dimension to quickly triage an application issue. A user can also monitor individual traffic flows that constitute total traffic in any given dimension. With AppAssure deployed in each PoP combialong with NCP, now we can help restrict application access for remote users. Admin now can have a consistent policy to drop traffic for blocked application for both office users and remote access users.
4. Co-management and Simplified Workflows
|In a constantly changing world of application requirements, IT teams need robust co-management capabilities to stay on top of application performance and security needs. By deploying Aryaka AppAssure on the ANAP and in PoPs, with remote user connecting to the nearest PoP via Aryaka’ managed VPN as-a-service, administrators can restrict application access and drop traffic for blocked applications for on-site and remote users with a consistent policy. AppAssure provides expanded co-management capabilities with simple workflows for users: |
|Total Control||Aryaka’s high-performance global core network integrated with SD-WAN orchestration, can exercise complete control over the required performance and access level for any given application. Deterministic performance is always guaranteed and immediately fine-tuned. Total control over the transport network can deliver application QoS and required network SLAs for any given application.|
|End-to-end Visibility||By eliminating the opaque visibility that overlay SD-WAN architectures provide into the underlay, network architects gain complete visibility over application and network behavior. Network architects can see a direct correlation between underlay network behavior and application performance issues. Enhanced performance visibility helps to manage QoS and enables the audit of SLAs.|
|Simple Workflows||AppAssure simplifies delivering a consistent application experience with intuitive and closed-loop workflows. With ease of use, network architects don’t need to perform swivel chair operations with multiple tools to diagnose issues and follow disjointed workflows to fix the issue. A single tool – the MyAryaka portal – provides visibility, configuration, and orchestration functions to drive immediate optimization. The MyAryaka portal also provides effective tools to expedite all aspects of troubleshooting from problem notification to problem isolation to problem resolution to reduce overall MTTR significantly.|
|Co-Management||Maintaining optimum application experience in dynamic enterprise environments requires swift action by IT teams. Expanded co-management capabilities with AppAssure provides IT teams with flexibility and the ability to respond quickly to application issues or updated application needs. Network architects can carry out granular network capacity planning, optimizing the network for both cost and performance.|