Overview
SD-WAN (Software-Defined Wide Area Network) is an intelligent, software-controlled approach to managing enterprise WAN connectivity.
It uses multiple transport links such as MPLS, broadband, and LTE and automatically selects the best path for each application based on real-time conditions like latency, loss, and jitter.
While SD-WAN optimizes network routing, it often hides where performance issues originate. The SD-WAN controller may report that all tunnels are healthy, yet users experience latency or application slowness.
Monitoring SD-WAN provides the visibility needed to identify whether an issue lies in the overlay, underlay, or application layer.
Key Concepts
- Underlay
The underlay refers to the physical transport layer MPLS, broadband, or LTE that carries traffic between sites.
It provides basic connectivity but does not inherently manage or optimize traffic routing.
- Overlay
The overlay is a virtual layer built over the underlay using encrypted tunnels (typically IPsec).
It intelligently routes traffic, applying SD-WAN policies and prioritization to ensure optimal performance and reliability.
Why Monitoring SD-WAN is Important
SD-WAN abstracts physical networks and dynamically reroutes traffic. However, this abstraction can mask performance issues such as:
• Unstable ISP (underlay) connections
• Misrouted SD-WAN tunnels (overlay)
• SaaS, CDN, or DNS degradation
Monitoring both overlay and underlay ensures that IT teams can quickly determine whether performance problems originate in the network, SD-WAN policy, or the application itself.
Catchpoint SD-WAN Monitoring Approach
Catchpoint provides end-to-end visibility across SD-WAN environments using synthetic testing.
.png?sv=2022-11-02&spr=https&st=2026-04-04T22%3A01%3A02Z&se=2026-04-04T22%3A13%3A02Z&sr=c&sp=r&sig=69xhxuWLiOsG1GkhFhTKZgsEhgKIMEEvJ%2BYm0eQK1ak%3D)
How It Works
- Deploy two Enterprise Nodes:
- One inside the SD-WAN. (behind the edge router)
- One outside on a public link.
-
Run tests such as Ping, Traceroute, HTTP/Chrome, and Object.
-
Compare overlay and underlay results to isolate the true cause of degradation.
Metrics Tracked
- Latency
- Packet Loss
- Jitter
- Connection Errors
- Bandwidth/Throughput
- Application Load Time
Benefits
• Pinpoint whether degradation occurs in the overlay, underlay, or application.
• Validate SD-WAN path selection and routing decisions.
• Ensure end-user experience aligns with network health.
Use Cases
Overlay vs Underlay Visibility
.png?sv=2022-11-02&spr=https&st=2026-04-04T22%3A01%3A02Z&se=2026-04-04T22%3A13%3A02Z&sr=c&sp=r&sig=69xhxuWLiOsG1GkhFhTKZgsEhgKIMEEvJ%2BYm0eQK1ak%3D)
Purpose: Identify where performance issues originate.
Description: Tests overlay and underlay paths simultaneously to reveal latency, loss, and routing differences.
Outcome: Quickly isolate whether an issue is within the SD-WAN tunnel or the physical ISP network.
Branch Link and ISP Path Comparison
.png?sv=2022-11-02&spr=https&st=2026-04-04T22%3A01%3A02Z&se=2026-04-04T22%3A13%3A02Z&sr=c&sp=r&sig=69xhxuWLiOsG1GkhFhTKZgsEhgKIMEEvJ%2BYm0eQK1ak%3D)
Purpose: Compare routing efficiency across multiple ISPs.
Description: Catchpoint visualizes route hops and latency differences in real time, highlighting longer or unstable paths.
Outcome: Select the optimal ISP per site and validate SD-WAN routing policies.
PoP Reachability and Underlay Health
.png?sv=2022-11-02&spr=https&st=2026-04-04T22%3A01%3A02Z&se=2026-04-04T22%3A13%3A02Z&sr=c&sp=r&sig=69xhxuWLiOsG1GkhFhTKZgsEhgKIMEEvJ%2BYm0eQK1ak%3D)
Purpose: Ensure stable branch-to-PoP connectivity.
Description: Continuous Ping and Traceroute tests monitor link health between branches and SD-WAN provider gateways.
Outcome: Detect underlay issues before they impact SD-WAN tunnels.
Application Experience over SD-WAN
.png?sv=2022-11-02&spr=https&st=2026-04-04T22%3A01%3A02Z&se=2026-04-04T22%3A13%3A02Z&sr=c&sp=r&sig=69xhxuWLiOsG1GkhFhTKZgsEhgKIMEEvJ%2BYm0eQK1ak%3D)
Purpose: Measure true SaaS performance across SD-WAN links.
Description: Synthetic browser and transaction tests simulate user journeys to SaaS apps like Microsoft 365, Salesforce, or Zoom.
Outcome: Correlate application performance with SD-WAN path quality.
Failover Validation
.png?sv=2022-11-02&spr=https&st=2026-04-04T22%3A01%3A02Z&se=2026-04-04T22%3A13%3A02Z&sr=c&sp=r&sig=69xhxuWLiOsG1GkhFhTKZgsEhgKIMEEvJ%2BYm0eQK1ak%3D)
Purpose: Confirm uninterrupted service during link outages.
Description: Continuous Ping and HTTP tests detect rerouting behaviour and measure failover duration.
Outcome: Validate SD-WAN failover efficiency and maintain uptime during link loss.
Bandwidth Verification (Throughput Testing)
.png?sv=2022-11-02&spr=https&st=2026-04-04T22%3A01%3A02Z&se=2026-04-04T22%3A13%3A02Z&sr=c&sp=r&sig=69xhxuWLiOsG1GkhFhTKZgsEhgKIMEEvJ%2BYm0eQK1ak%3D)
Purpose: Measure delivered bandwidth across SD-WAN links.
Description: Catchpoint runs iPerf/FTP throughput tests between Enterprise Nodes to verify capacity and detect degraded links.
Outcome: Confirm link SLA compliance and detect performance bottlenecks early.
User and Endpoint Experience Monitoring
.png?sv=2022-11-02&spr=https&st=2026-04-04T22%3A01%3A02Z&se=2026-04-04T22%3A13%3A02Z&sr=c&sp=r&sig=69xhxuWLiOsG1GkhFhTKZgsEhgKIMEEvJ%2BYm0eQK1ak%3D)
Purpose: Correlate user device performance with network metrics.
Description: Endpoint Agents collect Wi-Fi, DNS, and latency data from user machines and correlate with SD-WAN branch data.
Outcome: Quickly isolate whether slowness is caused by local, branch, or network-wide factors.