Know, Understand, Execute: Network Monitoring and

#vmworld

NEDG2576BU

Know, Understand, Execute: Network Monitoring and Analytics with SD-WAN

Tony Banuelos, Product Line Manager

Jaspreet Bhatia, Technical Product Manager

NEDG2576BU

#vmworld #NEDG2576BUVMworld 2019 Content: Not for publication or distribution

©2019 VMware, Inc.

Disclaimer

This presentation may contain product features or functionality that are currently under development.

This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

Technical feasibility and market demand will affect final delivery.

Pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.

This information is confidential.

2

The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation to deliver any items presented herein. VMworld 2019 Content: Not for publication or distribution

©2019 VMware, Inc.

Agenda

3

VMware SD-WAN Overview

Optional subtitle

Network monitoring

Optional subtitle

Network monitoring enhancements

Optional subtitle

External network monitoring interfaces

Optional subtitle

External monitoring tools integration

Optional subtitle

VMworld 2019 Content: Not for publication or distribution

©2019 VMware, Inc. 4

vSphere

BRANCH

BRANCH

EDGE/IOT

TELCO/NFV

BRANCH

BRANCH

DCDC

DC

BRANCH

Virtual Cloud Network

Tied Together.Everywhere.

vRNI

CLEAR VISIBILITY

Containers | Virtual Machines | Bare Metal

VCN


6©2019 VMware, Inc.

VMware SD-WAN by VeloCloudOverview



Branch Data center100s to 1000s

Expensive Private Lines, Capex and Opex

Slow Deployment Times

Backhaul for Cloud Services

Applications Run Slow

Private Line (MPLS)

Traditional WAN ChallengesExpensive, Complex and Inefficient



Use Multiple Transports, Reduced costs

Optimized Cloud Access

Assured Application Performance

Ease of Deployments

SD-WAN Edge

SD-WAN Edge

MPLS+Broadband+LTE

Apps move to cloud

Data centerBranch100s to 1000s

SD-WAN Network Benefits



Cloud-Delivered Network for Today’s Cloud Era

Data Center Application Storage Network

The Cloud is the..



Simplified WAN Management

Assured Application Performance

Managed On-ramp to the Cloud

VMware SD-WAN by VeloCloud Benefits

Branch Edges

SaaS / IaaS

Zero-touch deployments, simplified operations, one-click service insertion

Direct cloud access with performance, reliability and security

Datacenter Edges

Transport independent performance for the most demanding apps, leverages economical bandwidth

SD-WAN OverlayPrivate /MPLS 3G/4G LTE

Internet Broadband

VMware SD-WAN Orchestrator

Cloud Gateways

Software Defined WAN Overlay



Cloud Infrastructure

Cloud Scale Redundancy

SSAE16 Type II Audited Data

Centers

99.99% Reliability SLA

Regions

30

Orchestrators

60+Gateways

900+



Hyperscale

Client to Cloud to Container

Emerging Trends for WAN Edge

Multi- & Hybrid Cloud

Native Advanced Security

Advanced Analytics

Self-healing Networks

SD-WAN enables all enterprises to reach any cloud - private, public, mid-mile, security, application, IoT - securely at scale.VMworld 2019 Content: Not for publication or distribution


• Drives automation and optimization

Assured Application Performance over Any Type of Link

VMware SD-WAN DMPO - MEASURE, STEER, REMEDIATE

• Sub-second steering without session drops

• Aggregated bandwidth for single flows

• Protects against concurrent degradation

• Enables single link performance

Dynamic Per Packet Steering

On Demand Remediation

Continuous Link Monitoring



Video conference over a WAN link with 2% packet loss

End-user Experience

Without VMware SD-WAN With VMware SD-WANVMworld 2019 Content: Not for publication or distribution


• O365 on a Single Link (Brownout condition) from Branch in Thailand to Gateway in Singapore

VMware SD-WAN

Non-SDWAN

Optimized Performance for Cloud Apps – Office 365



10x faster response time

SD-WAN Solution – SaaS/Data Performance

Dual 20Mbps Links / 50 MB Box File Transfer

Without SD-WANby VeloCloud

VMware SD-WANby VeloCloud

No Loss 22 sec 12 sec

2% Packet Loss 134 sec 13 sec



How do I know my SD-WAN is working? • Network availability

• Predictive Application Performance

• Alerts and Notifications

• Troubleshooting

• Trending and Capacity Planning



Real-Time Network Stats Summary

Enterprise Network Overview

• Update timer can be changed

• Sums of Network Status:

• Edges status with Quick view of Tops per category

• Links status with Quick view of Tops per category (coming)

• VNF status

• HA (Active Standby Pair) status

• IPSec tunnels (via GW) status

• Sums of Configurations:

• Profiles usage

• Segments usage

• Software Version

Edges status summary Links status summary

Enterprise wide Edge summary list

Enterprise wide VNF hosting, HA, NVS and configuration status



VMware SD-WAN Network State

VMware SD-WAN Network Monitoring

• Site/Edge monitoring landing page:

• Map sites to physical locations and obtain get site status by color code

• Obtain Edge details ( SW version, link status, HA status, profile assigned, etc.)

• Use search tool to sort and find Edges with common state



SD-WAN site Overview


• Per site Network Status

• Two sections under overview tab

• Link Status:

• Cloud and VPN state

• WAN Interface

• Link Status

• BW capacity

• Throughput

• Quality Metrics: Latency, Jitter, Packet Loss

• Enable/disable alert notifications

• Bandwidth Usage:

• Top Applications

• Top App Categories

• Top Sources (Users)

• Top OS (Requires DHCP server role)

• Statistics can be analyzed across time (last 60 minutes up to 2 weeks

• Enable ”Stay in live mode” for real-time monitoring

Link measurements (historical or real-time)

Data usage summary



VMware SD-WAN Quality of Experience – predictable app performance


• Quality of experience (QoE) score for voice video and transactional traffic

• QoE score calculated for transport links as well as VeloCloud Enhanced Overlay tunnel

• At a glance view of ISPs not meeting SLAs (Before) and whether user experience is being affected (After)VMworld 2019 Content: Not for publication or distribution


Measure and Report per Transport Link


• Detailed link metrics

• Ability to run measurements in real-time or historical trends

• Show TCP and UDP details in ”Live Monitoring” to understand protocol data usage

• See top applications per linkVMworld 2019 Content: Not for publication or distribution


Identify top applications

VMware SD-WAN Network Visibility

• L7/Application level visibility

• Obtain top applications based on data usage

• Click an application to see top users, top destinations and which transport group

• Change viewing time range to see up to 2 weeks of application usage trendsVMworld 2019 Content: Not for publication or distribution


Top Talkers and their applications


• Obtain per device application usage trends

• Devices identified by IP address, MAC address or hostname (manually assign a hostname if DNS resolution not available)

• Each client device identified by a color on the graph

• Identify anomalous network usage and pin point the culprit sourceVMworld 2019 Content: Not for publication or distribution


Analyze SD-WAN Top Destinations


• Visualize traffic to destination server(s) for a given application

• View destinations stats by domain, FQDN or IP address

• Quick insights on destination data usage based on color coded measurements

• Click a destination to see served application and top users



System Level Health


• Edge health stats across time

• CPU, Memory, Tunnel count, Flow count and Handoff Queue drops.

• Min, Max and Average value over an 8 hour period by default



Centralized Route Monitoring

Overlay Flow Control

• Single pane enterprise view for routing

• Both underlay and overlay routes

• Quickly identify incorrectly learned routes

• Identify, click and fix

• Monitors dynamic, locally connected and static routesVMworld 2019 Content: Not for publication or distribution


SD-WAN Network MonitoringWhat enhancements are coming?



Export site analytics

SD-WAN network reporting

• Generate network status report

• Once-click option with defaults or custom

• Provide network insights and business impact



Export network performance and analytics

SD-WAN network reporting

• Generate detailed network status report and export to .pdf or .csv

• Once-click option with defaults or customized report

• Provide network insights and business impact to leadershipVMworld 2019 Content: Not for publication or distribution


VMware SD-WAN MonitoringPath Visibility

QoE scores between sites

OUZO

• site-to-site metrics (jitter, latency, packet loss)

• Data usage statistics

• Quickly diagnose user experience impact

• historical network insights and real-time monitoring

• Ability to generate a printed report



VMware SD-WAN Network MonitoringNotifications and Alerts



System Events

VMware SD-WAN Monitoring



Service Alerts


Alerts Configuration

• Enable alerting for service disrupting events

• Alerts sent to admins via SMS and/or email

• Send Alerts to SNMP trap collector/incident response system



Troubleshooting



Troubleshooting


• Edge Remote Diagnostics

• Ping

• Traceroute

• DNS lookup

• Real-time Interface status

• List active flows

• List Clients (DHCP server)

• List Paths

• System Health stats

• VCRP, BGP and OSPF

• Bandwidth test

• PCAP capture

• Diagnostic bundle for advanced support



External Network Monitoring InterfacesNetFlow, Syslog, SNMP and API



External Monitoring Interfaces


VMware SD-WAN Orchestrator VMware SD-WAN Edge

RESTful API

• VCO exposes API to retrieve

• Network Topology

• Flow metrics

• Link Quality Events

• Events

• And more….

Open Interfaces

• Edges stream network related information using

• NetFlow IPFIX

• SNMP

• SYSLOG (Events and Firewall logs)

Windstream SD-WAN portal

Plixer SD-WAN report



VMware Network Insights Integration



Users/Apps/Data

VMs, Containers, Microservices

Branch Offices,WAN

Public Clouds

Telco Networks

Private Data Centers,

WAN

Pervasive visibility, application-centricity, and self-driving operations for Net/Sec/App ops.

The Virtual Cloud Network Monitoring & Operations

The Virtual Cloud Network

Discovery Visibility Analytics

Planning Troubleshooting Metrics/Insights

Sec Enforcements Threat Analysis Compliance

Sec

App

Net

OPS

NI

NI

NI

NI

NI

NI

NI

NI

NI

NINI

Real-Time Search Alerts/Events Self-Heal/Mitigate

SD-WAN/Edge-Routers(VeloCloud)

vRealize Network InsightvRNI/NI



Agent-less, Vendor-neutral, End-to-End, Scale-out Software Solution

vRNI: Most Comprehensive Network & Security Visibility Solution

VMC, Public Clouds

(VMC, AWS, Azure, etc.)

Containers(K8s, PKS,OpenShift)

Virtual(NSX V & T,

PACE,vSphere)

Physical Network(Switches/Routers)

vRNI

FW and LBs SD-WANEdges

In-band Telemetry



End-to-end Visibility and Analytics across Branch, WAN, SDDC, Cloud for NSX/non-NSX customers


Assessment Visibility & Analytics Troubleshooting Capacity Planning

Use-Cases

Security*

Analyze existing WAN Infra B/W analysis, type of traffic, Infra/App QOE Cost Optimization Recommendation

Dashboards, Site/App/Flow Analysis Top Performance Dashboards Analytics Path visibility and hotspots

(SDDC to branch to SAAS apps)

Predictive based on ML Current capacity based

on analytics.

Unprotected Apps Business Policy

recommendation Audit & Compliance

*Future

VCO

Edges/Hubs

Config, Runtime

IPFIX, SNMP*



DEMO



• VMware SD-WAN platform delivers enterprise wide monitoring and short-term analytics

• Fast notifications of service impacting events

• Centralized advanced troubleshooting capabilities

• SD-WAN platform offers open Interfaces to integrate to external monitoring tools (API,

NetFlow IPFIX, SNMP*, Syslog*) for advanced long-term analytics

Summary




Book Signing

(Expo floor near VMworld Booth)

Visit Us in the Network Edge Zone

Breakout Sessions (Thurs)

C

1:30pm - 2:30pmAchieving a Best-of-Breed SD-WAN Technology Ecosystem

Available in the bookstore!

Visit us online for a digital copy

Available on Amazon!

We

dn

esd

ay S

ess

ion

s

www.velocloud.com @VeloCloud







Reference slides



VMware Smart AssuranceOperators view of the network



5G InternetVoLTE IoTIMSEPCSD-WAN IPTV

Cro

ss-T

ier

Co

rre

lati

on

Infrastructure Tier

Virtualization Tier

Access Tier

Services Tier

Ela

stic

ity

Transport Tier

Optical

FTTx

MetroE

Customer Edge

Core

Public

MPLS

HFC

SD-WAN4G/5GVPNBroadband

AppsAnalyticsBursting

CNFIoT5G OpticalNFVi

VNFCNFNFViBackbone

VMware Smart AssuranceIntelligent operations. Cross-domain, edge to core visibility

Tenants & SLAs



Service Assurance Integrating VMware SD-WAN by VeloCloud

VMware Smart Assurance

VMware SD-WAN Orchestrator

SD-WAN Edge SD-WAN Gateway

Service Impacting Events | Service Changes Logs | Link Statistics

Monitoring

Troubleshooting

Automation

Performance Root Cause Analysis

API integration



InternetPublic Internet

PrivateCircuit

SD-WAN Orchestrator

PrivateMPLS

ProviderEdge

Edge:Appliance or

Virtual

EnterpriseData Center

Edge Cluster

ProviderEdge

Hybrid Data Center

Automated discovery and topology mapping of SD-WAN & physical

RCA of problems in in SD-WAN fabric

Impact analysis – map edges to authorized applications/services

* To monitor MPLS network, Smart Assurance must be licensed for network

VMware Smart Assurance

Single Pane of Glass ViewLAN, WAN, NFV, SDN and SD-WAN environments



Automated Root Cause Analysis + Business ImpactUnderlay and overlay events correlation with impact analysis

Automated Root Cause Analysis:

Correlates

• SD-WAN infrastructure

• Services/Applications

• Tenants

• LAN infrastructure

• Virtual infrastructure

• WAN network

Applies impact score for prioritization

• Importance of service or customer/tenant

Alarms have been reduced from 210 to 36

Impact score shows the

importance of the issue from a

business perspective



Splunk Integration



1. The custom Splunk App periodically retrieves event logs from a VeloCloudOrchestrator (VCO) and output the logs to Splunk for consumption.

2. The provided app is a Splunk input add-on specifically used to poll the VCO Rest API to get Edge events.

3. The custom Splunk app will use the user provided username and password to authenticate with the VCO and subsequently call the VCO Rest API using the returned session cookie to get the event logs. The API call utilizes the /event/getEnterpriseEvents method

Retrieving VCO Logs from Splunk














Documents

Know, Understand, Execute: Network Monitoring and