Can your network meet the challenges of Office 365?

Network Challenges of Office 365

Microsoft’s focus on growing commercial adoption of Office 365 in 2018 has resulted in the number of licensed seats growing an average of 29% on a yearly basis for each quarter of fiscal 2018. With an estimated 135 million commercial users worldwide, Office 365 is performing well for Microsoft. But with that success comes growing pains.

The problem for customers is network performance. A 2017 survey by TechValidate noted that nearly 70 percent of companies experienced weekly network-related performance issues after deploying office 365, even after increasing both firewall and network bandwidth capacity.

Office365 Challenges

To be clear, availability of the application’s different services is covered by Microsoft’s SLAs, which guarantees 99.9% of Office 365 uptime. However, availability is not the same thing as ensuring end users have a frustration-free experience. For one, the solution to performance problems is sometimes dependent on which Office 365 application users are having trouble. For example, doing live video streams from Microsoft Teams can saturate a corporate network, in which case companies can use proxy servers or enterprise content delivery network (eCDN) add-ons to reduce bandwidth consumption.

Office 365

The other issue is that performance issues are frequently network related, yet IT personnel struggle to correlate network issues with application performance because of limitations with monitoring and management tools.

Current “best practices” for network performance issues

Microsoft provides guidance on how users can mitigate network-related performance issues, suggesting things like adding memory to your computer, ensuring there’s no Malware running, and the like. Among the most useful of the recommendations Microsoft offers: create a performance baseline. Understanding what performance should look like is essential to figuring out why there is deviation from the standard. Mapping your application data flows from device to egress point to understand latency is a key step. This includes:

  • Measuring the time it takes to egress to Office 365, including identification of the devices between your client computer and your egress point. This could include proxy servers, switches, and the like. Any misconfigurations or malfunctions along this path could be contributing to performance issues.
  • Knowing the location of the server that resolves the URLs for Office 365. Allowing the application to route requests to the nearest Microsoft datacenter, rather than the one nearest the corporate datacenter, could improve performance.
  • Measuring the speed of the customer’s ISP DNS resolution in milliseconds (if not using a private hosted or managed DNS service). ISPs don’t always do a good job of managing their DNS servers, which could result in performance issues for Office 365 apps.

Solutions- ExpressRoute or Managed SD-WAN?

Assuming that an enterprise was still fielding user complaints about Office 365 after implementing the best practices (like not “tromboning” Office 365 traffic through the corporate datacenter), there are two other network segments where issues may be occurring: the public internet path that the traffic is traversing, and the datacenter network where connecting (peering) with Microsoft’s network occurs.

ExpressRoute and Office 365 – Pros and Cons

One way to address the performance issue with cloud-based services like Office 365 is to move traffic off the public internet and onto more direct, private connections. ExpressRoute is Microsoft’s Azure’s direct connect service.

Enterprises can buy connectivity from a network service provider (NSP) that is a Microsoft ExpressRoute partner. The NSP has already connected with Microsoft at a multi-tenant datacenter, thus providing the “direct connect” between enterprise and the Office 365 service.

Both independent testing and real-world experience suggest that ExpressRoute will help performance for voice and video applications like Skype for Business and Office Teams, but not for Sharepoint and Outlook. In the latter instances, proximity to Microsoft’s POPs, along with sufficient bandwidth, are the key determinant of service quality.

Considering that employees, partners, and customers are accessing services via mobile devices, also that companies often have many offices around the globe, and IT managers quickly realize that ExpressRoute isn’t the answer for another reason: it’s hard to manage. Microsoft itself recommends using the public internet for cost and ease of implementation, compared to ExpressRoute.

Using the public internet for branch connectivity, while convenient and cost effective, has trade-offs in terms of control over jitter, latency and packet loss. Routing is done on a best effort basis, meaning, that good network paths to Office 365 will change based on traffic congestion at different network interconnection points. If the link goes down, your data is going to be re-routed along alternative paths along with everyone else’s traffic.

Managed SD-WAN and Office 365 – Pros and Cons

Going back to the example of Skype for Business, the issue of controlling jitter, latency, and packet loss can be aided by the use of SD-WAN technology.

One of the core features of SD-WAN is the ability to aggregate broadband links to remote or branch office sites and manage these links along with the core enterprise WAN through a centralized control plane. SD-WAN also has programmability, unlike MPLS, offering the ability to do automated failover to different network paths, for instance. The network manager gains more control over Office 365 traffic running on the enterprise WAN, but traffic management and monitoring capabilities end there unless the SD-WAN network is extended all the way to a datacenter where Microsoft has a POP for Office 365.

The cons? SD-WAN alone also doesn’t solve all performance problems if the underlying physical network isn’t architected with Office 365 in mind.

Managing Office 365-What else is needed?

The next requirement from the SD-WAN service should be the ability to provide an integrated look into network and application health. A managed MPLS service provider is mainly concerned with ensuring the network is meeting SLAs for uptime. Even an SD-WAN service alone does not solve performance problems.

For instance, one of the challenges of managing a large Office 365 deployment is ensuring firewalls and antivirus application are continually updated with valid URLs and IP addresses being used by Office 365. For many IT managers, this is still a manual copy and paste operation because their equipment doesn’t support update using Microsoft’s web services.

If network monitoring isn’t integrated with monitoring of other applications and hardware on the enterprise network, how does one go about determining the source of a performance issue? Is it simply because a config file in the firewall is outdated? Needless to say, it’s usually a lengthy process to correlate events across disparate systems. An integrated, end-to-end view of application and network performance is needed.

Conclusion

Office 365 adoption has increased dramatically over the last year. Application performance challenges have increased as a direct result of its popularity. Optimizing the performance of Office 365 applications presents challenges – each particular application has different usage characteristics and resource needs. Ultimately, a combination of SD-WAN technology, advanced monitoring and analytics is needed, underpinned by a re-architected enterprise network that leverages optimized network routes and peering relationships. All these elements need to come together to enable an application-aware network capable of properly supporting Office 365 performance requirements.

By Marc Casey

Derrek Schutman
Implementing Digital Capabilities Successfully Building robust digital capabilities can deliver huge benefits to Digital Service Providers (DSPs). A recent TMForum survey shows that building digital capabilities (including digitization of customer experience and operations), is the ...
Jonathan Custance
IoT –  Part of Your Essential Kit Jonathan Custance, Co-Founder of Green Custard outlines how industrial organisations can leverage IoT to dramatically reduce their carbon footprint  Technological progress and environmental sustainability have always been at ...
Dinesh Varadharajan
The Future with Automation Many entrepreneurs believe digital technologies will transform the way their companies work. By 2022, the worldwide hyper-automation technology market is expected to be worth $596.6 billion. And by 2055, almost half ...
Threat Security
Azure Red Hat OpenShift: What You Should Know What Is Azure Red Hat OpenShift? Red Hat OpenShift provides a Kubernetes platform for enterprises. Azure Red Hat OpenShift permits you to deploy fully-managed OpenShift clusters in ...
Gilad David Maayan
What Is SSPM? SaaS Security Posture Management (SSPM) is a set of security tools that an organization’s security team can use to gain visibility and manage security for their Software as a Service (SaaS) applications ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.