Simplify SD-WAN Operations with Greater Visibility

Gain unmatched network and application visibility and control to deliver the highest quality of experience to users and simplify ongoing operations

Ensuring continuous operations and high levels of application performance is a challenging and often time-consuming task for IT. The process of troubleshooting poor application performance — aka a poor user-experience — becomes more difficult as the network becomes more complex with new technology transitions such as the migration of applications to the cloud, IoT and mobility. These technology transitions have created an unprecedented amount of data to be consumed by users and also to be handled by the infrastructure (network, storage, compute). Optimizing the infrastructure is paramount to ensuring application performance and availability to ultimately deliver the highest end user Quality of Experience.

The process of troubleshooting poor application performance becomes more difficult as the network becomes more complicated with new technology transitions such as the migration of applications to the cloud, IoT and mobility.

When users complain about poor application performance, it is often initially unclear to IT if the root cause is rooted in the network, a security breach, a misconfiguration, poor application design, insufficient allocation of resources to the application and so on. What can make troubleshooting even more challenging is the adoption of software-defined technologies like SDN and SD-WAN, which create multiple virtual networks that are decoupled from hardware.

No one disputes the benefits of software-defined technologies in improving management, application performance and accelerating deployments among other benefits. However, a solution that doesn’t provide embedded real-time visibility into network and application traffic burdens IT and increases time to resolution in addressing performance issues when they occur. It is estimated that 80 percent of IT resources are spent on IT operations — just keeping the infrastructure operating effectively (The Total Economic Impact of Cisco TrustSec, Forrester, Sept. 2016). Furthermore, 42 percent of IT time is spent troubleshooting problems. Another data point from Forrester Research reported that roughly one-third of application performance issues take more than a month to fix — or go unresolved entirely.

Increasing Network and Security Complexity

Why real-time visibility matters

The separation of the control and data planes in software-defined technologies along with the virtualized layers carrying different traffic types traversing the wide area network has created blind spots in the infrastructure that are difficult to detect. Real-time visibility into network and application performance metrics can take the guesswork out to speed problem resolution, enabling organizations to run more efficiently by:

1. Accelerating troubleshooting — downtime or slow application performance can be due to congestion, packet loss or security breach. Identifying the root cause of poor performance is rarely simple or easy. It often requires significant IT resources and time to determine if the cause of performance degradation is coming from the network, servers, storage or something else. You can't effectively address the problem until you identify and understand the root cause.

2. Applying preventative measures — having realtime visibility into network health and application flows, on a site by site basis, provides a visual basis to show where things went wrong and enabling IT to proactively avoid future downtime.

Capabilities in Unity EdgeConnect that simplify ongoing operations

Examining bits and bytes to identify and analyze the root cause of network issues or application performance degradation is frustrating, complex and time-consuming. The Silver Peak Unity EdgeConnectTM SD-WAN edge platform leverages adaptive intelligence and algorithmic measurements. The Unity OrchestratorTM centralized management system collects and mines a vast amount of network data in real-time and presents it in a centralized dashboard.

For example, if a user is experiencing slow application response times, a network administrator can quickly identify the root cause of the problem in hours, if not minutes, versus days or weeks. First, Orchestrator classifies data points based on applications which makes it easier for IT to identify and initiate the troubleshooting process. Then the SD-WAN tunnel and overlay that the application traverses is easily identified, along with the WAN path attributes, including packet-loss, jitter and latency. Orchestrator uses this information to generate a full map and view of the application path where the data is available to network administrators in tables and charts with filtering capabilities to quickly isolate the root cause. Service providers or enterprises can use the open API to send alarms or other data points to the NOC or other complementary analytical tools like Splunk, LogRhythm or Solarwinds to further streamline management.

This data provides all necessary aspects of monitoring critical services to maintain and operate the network with greater ease and efficiency. Furthermore, the platform creates a week's worth of data with context allowing IT to playback, similar to DVR, to see what has happened at that specific time and location.

Without this level of detail and real-time visibility, network administrators have a much more difficult time effectively monitoring and troubleshooting application performance — negatively impacting service delivery and end-user Quality of Experience.

A comprehensive dashboard (Figure 1) provides a complete at-a-glance view along with customizable widgets to monitor network attributes and applications in real time. IT defined widgets provide granular details on SD-WAN appliances, including their location, active tunnels, logical topology, appliance health heatmap, top talkers, alarms, MOS (Mean Opinion Score), applications and domains accessed, bandwidth consumed, flow count, latency, jitter, and packet loss (Figure 2).

Figure 1: The Unity Orchestrator dashboard provides a comprehensive view of network health and application performance
Figure 1: The Unity Orchestrator dashboard provides a comprehensive view of network health and application performance
Figure 2: Real-time monitoring of appliances by location, tunnels, bandwidth, flow, jitter, latency, loss, application type, MOS, alarms
Figure 2: Real-time monitoring of appliances by location, tunnels, bandwidth, flow, jitter, latency, loss, application type, MOS, alarms

Unity Orchestrator provides granular visibility into network and applications, including:

1. A topology map showing all IPsec tunnels across all appliances and geographic regions — displays an overview of appliance locations and the tunnels connecting them.

A topology map showing all IPsec tunnels across all appliances and geographic regions

2. A network-wide health map — provides a high-level view of network health based on the filter thresholds configured. Filters are available for packet loss, latency, jitter, MOS and alarms.

One hour color-coded blocks display the most severe events across the selected filters. Clicking a block displays a pop-up window with additional details about that event, the value that triggered it and any additional threshold breach for that appliance during the same hour.

A network-wide health map

3. Loss, jitter and latency charts — the Loss chart shows which tunnels have experienced the highest percentage of dropped packets. The jitter chart displays which tunnels experienced the most jitter; jitter can be caused by congestion across the LAN, firewall routers, access link bottlenecks, load sharing, route flapping, routing table updates and timing drifts. The latency chart shows which tunnels have experienced the highest transmission delay, generally as a result of congestion.

4. MOS — Mean Opinion Score is commonly used to measure the quality of audio and video. The value can be affected by loss, jitter and latency. The score can range from 1 to 5, a value of 4 is considered to be toll quality.

MOS - Mean Opinion Score

5. Alarms — for both Orchestrator and EdgeConnect appliances with three filtering options: active, history and all. Alarms are categorized into four severity levels: critical, major, Minor, or warning. Critical alarms require immediate attention, while major alarms should be addressed within 24 hours. Minor and warning alarms can be addressed at a convenient time for IT. Email alarm recipients can be configured to receive either Orchestrator and/or appliance alarms.

Health alarms summary of Orchestrator and appliances
Health alarms summary of Orchestrator and appliances
Health alarms summary of Orchestrator and appliances
Alarms table describes each alarm and recommended action

6. Tunnel bandwidth pie charts — show the proportion of bytes a tunnel consumes on the LAN and on the WAN. Mousing over the charts and the legends reveals additional information. The WAN charts identify the percentage of bandwidth the EdgeConnect SD-WAN has saved by optimizing the traffic.

Tunnel bandwidth pie charts

7. Application type and bandwidth consumption — application bandwidth charts show the amount of data transmitted and received by each application running across EdgeConnect appliances on both the LAN and WAN sides of the network.

Application Bandwidth
Application Pie Charts

8. Top-talker Charts — list the IP addresses that have consumed the most bandwidth.

Top-talker Charts

9. Flow counts by location — view, filter, and manage different types of flows for all or selected appliances. Network administrators can customize filters and options (i.e. host name, application, domain, protocol, VLAN ID, IP, Port, address map, location, inbound tunnel, outbound tunnel, etc.) to assist in troubleshooting and debugging.

Flow counts by location

10. Port Charts — list the ports that have consumed the most bandwidth.

Port Charts

11. Overlay-Interface-Transport — these charts display the distribution of traffic across three dimensions — overlays, interfaces, and transport. Each option can be viewed individually, or in relation to one another. For instance, for a given interface a network administrator is able to see how the overlay traffic is distributed. Also, administrators are also able to view how much traffic is transported from one Silver Peak appliance to another across the SD-WAN, in relation to how much is broken out locally, direct to the internet.


12. Country Charts — display bandwidth consumed by each country.

Country Charts

In summary, the EdgeConnect SD-WAN edge platform provides a wealth of contextual data that enables network managers to monitor network and applications effortlessly and efficiently. The embedded real-time monitoring capabilities into the Orchestrator, enabling network administrators to operate and maintain the network with greater ease, efficiency and effectiveness.

By providing complete observability of the entire WAN through a single pane of glass, IT spends less time troubleshooting network and application bottlenecks and fielding support/help desk calls day and night.

The Silver Peak platform ensures the highest quality of experience for both end users and IT. End users enjoy always-consistent, always-available application performance including the highest quality of voice and video, even over broadband. With adaptive local internet breakout, path conditioning and WAN optimization, Silver Peak enables IT to keep their users productive and happy.

Silver Peak also frees IT to reclaim nights and weekends, with high availability and resiliency that keeps the network operational even when underlying transport links experience disruptions or outages. Centralized orchestration makes changes faster and easier, minimizing human errors that results in faster trouble resolution, ultimately making IT more responsive to the changing needs of the business.