
What Is Cloud Application Prioritization?


Cato Networks named a Leader in the 2024 Gartner® Magic Quadrant™ for Single-Vendor SASE

Get the report

Cloud application prioritization gives precedence to business-critical application traffic when a network is experiencing congestion, loss, or unstable links. This helps to enhance the user experience for SaaS and cloud-hosted apps that are regularly used by the business.

Cloud application prioritization can use various levers to implement prioritization, including:

  • Application identification and classification
  • Quality of Service (QoS) priority
  • Traffic shaping
  • Path steering

While application prioritization doesn’t ensure zero latency, it can help to reduce potential impacts on business-critical network traffic during times of contention. It’s also not a replacement for proper network design and capacity planning.

How Cloud Application Prioritization Works in Practice

Cloud application prioritization gives preferential treatment to certain types of traffic when links are busy, reducing loss and delay. Common prioritized traffic types include videoconferencing, remote desktop, customer relationship management (CRM), and payment workflows. Prioritization can be enforced using a few different levers and in various locations, such as edge devices, branch routers, gateways, or cloud-delivered control points, depending on the architecture.

What Counts as a “Cloud Application” in This Context?

Cloud applications include SaaS apps, cloud-hosted web apps, and IaaS-hosted internal apps that are accessed over the corporate WAN. Collaboration tools, CRM/ERP, remote access, dev tooling, and similar applications are examples of apps that may be cloud-based and benefit from prioritization. Additionally, supporting traffic, such as DNS and identity and auth flows, that these apps rely upon should be similarly prioritized.

However, identifying cloud applications can be tricky for several reasons. One is that IP addresses and ports can’t be trusted to identify modern apps due to the use of content delivery networks (CDNs), shared hosting, and dynamic endpoints. Also, the fact that most application traffic is encrypted makes it necessary to use metadata and classification for prioritization rather than payload inspection.

How Prioritization Is Different from Bandwidth Management

Prioritization differs from bandwidth management in that prioritization defines how available bandwidth is used, rather than allocating additional bandwidth. The goal is to ensure that business-critical apps have first priority on limited bandwidth when congestion is high.

For example, at times of congestion, real-time apps like videoconferencing will be prioritized, offering lower latency and greater reliability. In contrast, social media usage may be throttled or capped to reduce traffic volumes. This allows the company to achieve better performance for key apps with a lower amount of total bandwidth.

Why Cloud Applications Need Prioritization

Some cloud applications, such as videoconferencing, are extremely latency-sensitive. Latency can introduce laggy video, impair employee productivity, damage the customer experience, cause lost sales, and contribute to higher ticket volumes for IT helpdesks.

At the same time, cloud applications struggle with distributed users, shared network links, unpredictable Internet routing, and bursty background traffic. As a result, businesses with “enough bandwidth” may still experience network congestion due to microbursts, peaks, and last-mile constraints.

What Performance Problems Does Prioritization Actually Reduce?

Cloud app prioritization is designed to address issues that directly affect the user experience, such as:

  • Latency
  • Jitter
  • Packet loss

For some types of traffic, like voice/video and interactive apps, even small delays can cause significant lag and hurt the user experience. In contrast, short delays and network congestion have minimal impact on more throughput-heavy tasks, such as backups or OS updates. When a micropeak causes a small window of congestion, prioritization defers these throughput-heavy tasks to prioritize applications where the potential delays would actually be noticeable.

When Does Prioritization Not Help?

Prioritization can be a useful tool, but it’s not perfect. Some issues it can’t solve include:

  • Constant Congestion: Prioritization depends on the ability to delay some traffic to a less-congested time in the near future.
  • Incorrect Identification: If apps are misidentified, the wrong traffic will be given priority.
  • Upstream Congestion: If congestion is outside of your control, then localized prioritization may have limited impacts.
  • Priority Inflation: If all traffic is labeled as top priority, then no traffic is actually prioritized.

Prioritization addresses temporary congestion in an otherwise healthy and well-sized network. If any of these issues exist, the organization needs to address the root cause of the problem via capacity planning, routing architecture, and app rationalization.

How Cloud Application Prioritization Works

Setting up cloud application prioritization is a multi-stage process that includes discovery, classification, and priority assignments. From there, the organization can deploy and enforce the system in production, monitor, and adjust as needed.

Cloud application prioritization can be deployed to complement path selection when multiple links are available. Assigning critical apps to better-performing paths can automatically reduce latency and loss without the need for prioritization.

How Are Applications Identified and Classified?

Applications can be identified and classified via various methods, including:

  • Application signatures
  • Categories
  • IP ranges (less reliable)
  • Port/protocol (least reliable)
  • DSCP marking

After applications are identified, they can be classified via policies. Often, policies are defined based on the combination of the application and the user/group, site, and traffic direction. Policies may also have exceptions and overrides, such as break-glass, executive rooms, and call centers.

What Role Do QoS Markings and Queues Play?

Quality of Service (QoS) markings are applied to network packets to help network devices identify and apply appropriate policies. For cloud application prioritization, they encode the classification and prioritization that differentiates business-critical apps that require priority from traffic that should be capped or throttled.

Queues are memory buffers where packets are temporarily stored while they wait their turn to be transmitted. Traffic of different priorities is assigned to different queues, which determines how much bandwidth is allocated to each type of traffic.
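To show what separate queues change during a short burst, here is an added example (not from the original article) that simulates a link sending one packet per tick, first with a single FIFO queue and then with a voice queue that is always drained first. The function names, the tick model, and the constructed traffic mix are assumptions made for illustration.

```python
from collections import deque

def max_delay(arrivals, strict_priority):
    """Send one packet per tick; return the worst queueing delay per class.

    arrivals: list of (tick, cls) with cls in {"voice", "bulk"}.
    strict_priority=False models a single FIFO queue; True models two
    queues where the voice queue is always drained first.
    """
    pending = deque(sorted(arrivals))
    queues = {"voice": deque(), "bulk": deque()}
    fifo = deque()
    worst = {"voice": 0, "bulk": 0}
    tick = 0
    while pending or fifo or queues["voice"] or queues["bulk"]:
        # Enqueue everything that arrives on this tick.
        while pending and pending[0][0] == tick:
            arrived, cls = pending.popleft()
            (queues[cls] if strict_priority else fifo).append((arrived, cls))
        # Pick the queue to serve: voice first when prioritizing.
        source = (queues["voice"] or queues["bulk"]) if strict_priority else fifo
        if source:
            arrived, cls = source.popleft()
            worst[cls] = max(worst[cls], tick - arrived)
        tick += 1
    return worst

def sample_arrivals():
    """Constructed traffic: a voice packet every 4 ticks plus one bulk burst."""
    voice = [(t, "voice") for t in range(0, 80, 4)]  # 20 packets
    bulk = [(10, "bulk")] * 30                       # 30-packet burst at tick 10
    return voice + bulk

if __name__ == "__main__":
    print("FIFO:    ", max_delay(sample_arrivals(), strict_priority=False))
    print("Priority:", max_delay(sample_arrivals(), strict_priority=True))
```

The link has spare capacity overall (50 packets in roughly 80 ticks), so the bulk burst still drains under strict priority; it simply finishes later while voice is never queued behind it.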

The Traffic Signals and Metrics That Matter Most

When assessing the effectiveness of app prioritization, look at metrics that impact the user experience, such as latency, jitter, packet loss, etc. These metrics should be measured at various points, including the endpoint, branch edge, WAN path, and cloud edge. Additionally, it’s important to take and use granular measurements since small periods of congestion can be concealed by broad averages.

How Do You Know Which Apps Are Truly “Critical”?

When implementing prioritization, it’s vital to properly identify business-critical apps. Key criteria to consider include:

  • Revenue impact
  • Operational dependency
  • Customer-facing
  • Compliance
  • Time sensitivity
  • User population

A good place to start is identifying a few workflows that are central to the business, such as payment processing for e-commerce. From a vital app, map out the dependencies, including both obvious and hidden ones, such as identity providers, DNS, and device management. Labeling all of these together as a single class should enhance the performance of the workflow as a whole.

How Do You Validate That Prioritization Is Working?

Validating prioritization can be difficult without digging into the network traffic itself. Key effects to look for include:

  • Improved stability under load
  • Fewer spikes in jitter and loss for critical traffic
  • Reduced tickets

Prioritization can be tested in a controlled environment, such as a lab or pilot site, by introducing intentional congestion to the network and monitoring effects on key systems. Additionally, teams can compare performance before and after implementation for the same time windows and workloads.

When testing, it’s important to look at all critical applications to ensure that a fix doesn’t enhance one while breaking another. Also, since business needs can change, regular reviews should be performed to update classifications and prioritizations as needed.

Common Policies in Cloud Application Prioritization

Cloud application prioritization policies generally focus on separating high-priority and bulk/bandwidth traffic. Each of these requires special handling that differs from the rest of the organization’s network traffic.

Which Applications Typically Get the Highest Priority?

Top priority should be given to applications that are important to the business and interactive, with a low tolerance for jitter or loss. Common examples include:

  • Voice/video conferencing
  • Remote desktop and VDI
  • Call center tools
  • Payment workflows
  • Time-sensitive authentication flows

Different organizations may have different critical apps, so it’s important to validate on a case-by-case basis. While executive exceptions may be needed in some cases, they should be limited to avoid policy sprawl.

How Should You Treat Bulk and Background Traffic?

Bulk and background traffic is less important or latency-sensitive and can be handled via capping, rate limiting, or scheduling for off-peak hours. Common examples include:

  • Backups
  • OS updates
  • Large file sync
  • Patch downloads
  • Media streaming

In some cases, an organization may have high-volume but important traffic, such as software builds or data pipelines. These may require custom policies or the use of path selection (where available) to limit the impact of these flows on latency-sensitive apps.

Implementing Prioritization Across Branches and Remote Users

Prioritization should be deployed via a staged process designed to standardize templates and policies as much as possible while addressing consistency challenges across heterogeneous links and sites. Common challenges to consider include remote users whose traffic should be prioritized at the edge of the corporate WAN and conflicts between policies, which should be managed via ordered rules.

What Is a Safe Rollout Plan?

A safe rollout plan involves a staged process designed to minimize time to value. Often, this includes selecting 10-20 apps, including the most critical ones and the unimportant ones that consume the most bandwidth.

Policies for these should be deployed in a couple of representative sites with monitoring and rollback plans in place and clear definitions of success criteria. Once deployment is successful in the pilot, the rollout can be expanded iteratively to include additional sites or applications.

What Are the Most Common Mistakes to Avoid?

When rolling out cloud application prioritization, some of the most common mistakes include:

  • Priority Inflation: Top priority should be granted to only a small number of business-critical apps.
  • Ignoring Dependencies: Failing to prioritize dependencies like authentication and DNS can break business-critical workflows.
  • Overfitting: Policies should be kept as general as possible and not overfit to a single site’s traffic patterns.
  • Missing Enforcement: Marking traffic does nothing without enforcement based on those markings.
  • No Follow-up: Policies should be reviewed and updated regularly, especially after changes to application portfolios.
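Several of these mistakes can be caught before rollout by linting the policy itself. The following added example (not from the original article or any vendor's product) checks an ordered, first-match rule list for shadowed rules, priority inflation, unprioritized dependencies, and tiers with no queue behind them; the rule format, the tier numbering, the 25% threshold, and the sample app names are all assumptions.

```python
TOP = 1  # assumed convention: tier 1 is the highest priority

def lint_policy(rules, depends_on, enforced_tiers, max_top_share=0.25):
    """Lint an ordered, first-match rule list; return sorted findings.

    rules: [(app, tier), ...]; depends_on: {app: [supporting apps]};
    enforced_tiers: tiers that have a queue configured on the device.
    """
    findings, effective = [], {}
    for index, (app, tier) in enumerate(rules):
        if app in effective:   # first match wins, so this rule is dead
            findings.append(f"shadowed: rule {index} for {app} never matches")
        else:
            effective[app] = tier
    # Supporting services inherit their tier, so exclude them from the ratio.
    supporting = {d for deps in depends_on.values() for d in deps}
    primary = [a for a in effective if a not in supporting]
    top = [a for a in primary if effective[a] == TOP]
    if primary and len(top) / len(primary) > max_top_share:
        findings.append(f"priority inflation: {len(top)}/{len(primary)} apps in tier {TOP}")
    for app in top:
        for dep in depends_on.get(app, []):
            if dep not in effective:
                findings.append(f"dependency: {dep} (needed by {app}) has no rule")
            elif effective[dep] != TOP:
                findings.append(f"dependency: {dep} (needed by {app}) is tier {effective[dep]}")
    for tier in sorted(set(effective.values()) - set(enforced_tiers)):
        findings.append(f"missing enforcement: tier {tier} has no queue")
    return sorted(findings)

# Constructed sample policies (app names and tiers are illustrative).
DEPENDS_ON = {"video-conf": ["dns", "identity"], "payments": ["dns", "identity"]}
FLAWED = [("video-conf", 1), ("payments", 1), ("crm", 1),
          ("dns", 3), ("backup", 4), ("video-conf", 3)]
REVISED = [("video-conf", 1), ("payments", 1), ("dns", 1), ("identity", 1),
           ("crm", 2), ("erp", 2), ("web", 3),
           ("file-sync", 4), ("os-updates", 4), ("backup", 4)]

if __name__ == "__main__":
    for finding in lint_policy(FLAWED, DEPENDS_ON, enforced_tiers={1, 2, 3}):
        print(finding)
    print(lint_policy(REVISED, DEPENDS_ON, enforced_tiers={1, 2, 3, 4}))
```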

FAQs about Cloud Application Prioritization

Is cloud application prioritization the same as QoS?

No, QoS is a broad class of functions and methods used to manage network traffic to enhance the performance of certain apps. Cloud application prioritization focuses on prioritizing cloud applications and data streams and is a specific way of implementing QoS for these apps.

Do you need SD-WAN to prioritize cloud applications?

No, cloud application prioritization can be implemented in several different ways. However, SD-WAN-style architectures commonly include all of the required capabilities, including app identification, policy, and multi-path steering.

How many priority tiers should an organization use?

In general, three or four tiers are sufficient to implement prioritization, separating out business-critical apps and heavy bandwidth users from the rest. Implementing too many tiers can backfire since it adds work without providing meaningful benefits.

Can prioritization fix poor call quality on its own?

It depends on the root cause of the issue. Prioritization helps when network links are temporarily congested; however, it can’t help with chronic issues related to link health. Understanding and addressing the root cause of the issue is essential to fixing chronic poor call quality.

How often should prioritization policies be reviewed?

Prioritization policies should be reviewed regularly and in response to certain events. For example, a team may perform quarterly reviews along with extra reviews after significant application changes or incidents. These reviews should include pruning and simplifying policies where possible to avoid policy bloat.

How Cloud Application Prioritization Improves Cloud Application Performance Over Time

Managing cloud application performance is an ongoing challenge since changes to an organization’s application portfolio and business needs can force reclassification at any time. For this reason, teams should continuously monitor and measure key metrics and regularly review policies.

When first starting out, the focus should be on enhancing performance and reliability for top, business-critical apps, then expanding as needed. Throughout the entire process, details such as app tiering decisions, policy intent, exceptions, and validation results should be clearly documented for future use.

Defining the right policies, enforcing them, and continuously monitoring and measuring are vital to success. Done well, application prioritization offers more consistent app experience under load, fewer avoidable disruptions, and clearer visibility into what actually drives performance.
