Palo Alto Networks ADEM | Optiv
This blog post discusses an add-on for Palo Alto Networks Prisma Access that can provide a great deal of operational efficiency when it comes to troubleshooting performance related issues with remote networks.
The issue at hand is determining where to look when trying to solve for degraded network performance for SD-WAN connected branch offices and remote workers that are using Prisma Access. For anyone that’s been in a frontline IT support role, you know connecting the dots to locate the root cause of poor network performance can be a challenging proposition.
Here’s a common scenario: A remote employee calls the help desk and reports that their connectivity to an application residing in the data center is very slow over the VPN. Those of us who worked on troubleshooting for connectivity performance issues know that this usually leads to limiting the variables as much as you can. In most cases, we may not have visibility into some of these variables. For example, an employee’s home Wi-Fi or latency being experienced with their own internet provider, or a hotel’s Wi-Fi or internet connection. This leads to utilizing tools like ping and traceroute to try and gather data on where the issue may lie. We may have to walk this employee through several steps to look at things like CPU and memory utilization on their laptop as part of our troubleshooting. We may ask them to access different applications in the data center to try and limit the variables.
This “manual” way of troubleshooting can be time consuming, and it depends on the employee’s availability to assist in troubleshooting.
What if we could be more proactive instead of reactive? What if we had insight into every connection point in that employee’s access to that corporate application? What if we could have easy visibility into that employee’s laptop performance? What if we had insight into that employee’s Wi-Fi connection? Or if we could look for trends like a specific application was showing poor performance for everyone in a certain region of the country?
This is where Palo Alto Networks Autonomous Digital Experience Manager (ADEM) tool gives you that instant visibility into your Prisma Access mobile workforce and your Prisma SD-WAN connected remote networks. ADEM is an add-on to Prisma Access.
In Prisma Access for mobile users, ADEM is a module that is enabled in the GlobalProtect agent. Once enabled, the ADEM module collects data from the client machine. This provides ADEM with analytics like CPU utilization, memory utilization, Wi-Fi or local network monitoring. ADEM is also able to collect data around all the connectivity points through the respective ISP including connectivity through Prisma Access. In the ADEM console, in the mobile user view, all this data is presented with drill down capability into the client machine utilization, hop-by-hop analytic visibility and application response time to quickly identify the cause of poor user performance.
To monitor the remote-site-to-application performance for your Prisma Access SD-WAN remote networks, you license and deploy the ADEM for remote networks add-on in your Prisma Access tenant. In the Remote Sites view, we can see the same analytical data but now presented for each remote site and not just a single user view.
ADEM uses synthetic tests to collect network performance metrics (availability, latency, jitter and loss) for each segment (LAN, internet, Prisma Access and application), as well as end-to-end application performance metrics (DNS resolution time, HTTP connect, SSL connect, HTTP latency, time to first byte and time to last byte).
Collectively, ADEM for remote networks and Prisma Access can measure traffic levels, network performance and application performance—from the remote site, to and across Prisma Access, all the way to the web application, whether it is hosted privately, in the public-cloud or accessed directly over the internet.
ADEM gives you the ability to look at a performance overview for all of Prisma SD-WAN connected remote offices and mobile users in one screen.
What If I was able to drill down into a specific application to look at its performance and who may be impacted?
What if I was able to look at all applications and be proactive around poor performance?
Or drill down into a specific user and application?
How about insight to that employee’s machine over time?
One of the latest features to the ADEM is what is called “Self-Serve” ADEM. Self-Serve ADEM will now allow an individual mobile user to be alerted of performance issues that are being identified in their own environment.
Palo Alto Networks ADEM provides all the insight you need to quickly resolve performance and experience issues from either remote Prisma SD-WAN connected offices as well as your Prisma Access mobile workforce.
Gloss