Operational Efficiency with Palo Alto Networks Autonomous Digital Experience Manager (ADEM)

November 8, 2022

This blog post discusses an add-on for Palo Alto Networks Prisma Access that can provide a great deal of operational efficiency when it comes to troubleshooting performance related issues with remote networks.

 

The issue at hand is determining where to look when trying to solve for degraded network performance for SD-WAN connected branch offices and remote workers that are using Prisma Access. For anyone that’s been in a frontline IT support role, you know connecting the dots to locate the root cause of poor network performance can be a challenging proposition.

 

Here’s a common scenario: A remote employee calls the help desk and reports that their connectivity to an application residing in the data center is very slow over the VPN. Those of us who worked on troubleshooting for connectivity performance issues know that this usually leads to limiting the variables as much as you can. In most cases, we may not have visibility into some of these variables. For example, an employee’s home Wi-Fi or latency being experienced with their own internet provider, or a hotel’s Wi-Fi or internet connection. This leads to utilizing tools like ping and traceroute to try and gather data on where the issue may lie. We may have to walk this employee through several steps to look at things like CPU and memory utilization on their laptop as part of our troubleshooting. We may ask them to access different applications in the data center to try and limit the variables.

 

This “manual” way of troubleshooting can be time consuming, and it depends on the employee’s availability to assist in troubleshooting.

 

What if we could be more proactive instead of reactive? What if we had insight into every connection point in that employee’s access to that corporate application? What if we could have easy visibility into that employee’s laptop performance? What if we had insight into that employee’s Wi-Fi connection? Or if we could look for trends like a specific application was showing poor performance for everyone in a certain region of the country?

 

This is where Palo Alto Networks Autonomous Digital Experience Manager (ADEM) tool gives you that instant visibility into your Prisma Access mobile workforce and your Prisma SD-WAN connected remote networks. ADEM is an add-on to Prisma Access.

 

In Prisma Access for mobile users, ADEM is a module that is enabled in the GlobalProtect agent. Once enabled, the ADEM module collects data from the client machine. This provides ADEM with analytics like CPU utilization, memory utilization, Wi-Fi or local network monitoring. ADEM is also able to collect data around all the connectivity points through the respective ISP including connectivity through Prisma Access. In the ADEM console, in the mobile user view, all this data is presented with drill down capability into the client machine utilization, hop-by-hop analytic visibility and application response time to quickly identify the cause of poor user performance.

 

Image
palo_adem_img1.png

 

To monitor the remote-site-to-application performance for your Prisma Access SD-WAN remote networks, you license and deploy the ADEM for remote networks add-on in your Prisma Access tenant. In the Remote Sites view, we can see the same analytical data but now presented for each remote site and not just a single user view.

 

Image
palo_adem_img2.png

 

ADEM uses synthetic tests to collect network performance metrics (availability, latency, jitter and loss) for each segment (LAN, internet, Prisma Access and application), as well as end-to-end application performance metrics (DNS resolution time, HTTP connect, SSL connect, HTTP latency, time to first byte and time to last byte).

 

Collectively, ADEM for remote networks and Prisma Access can measure traffic levels, network performance and application performance—from the remote site, to and across Prisma Access, all the way to the web application, whether it is hosted privately, in the public-cloud or accessed directly over the internet.

 

ADEM gives you the ability to look at a performance overview for all of Prisma SD-WAN connected remote offices and mobile users in one screen.

 

Image
palo_adem_img3.png

 

What If I was able to drill down into a specific application to look at its performance and who may be impacted?

 

Image
palo_adem_img4.png

 

What if I was able to look at all applications and be proactive around poor performance?

 

Image
palo_adem_img5.png

 

Or drill down into a specific user and application?

 

Image
palo_adem_img6.png

 

Image
palo_adem_img7.png

 

How about insight to that employee’s machine over time?

 

Image
palo_adem_img8.png

 

One of the latest features to the ADEM is what is called “Self-Serve” ADEM. Self-Serve ADEM will now allow an individual mobile user to be alerted of performance issues that are being identified in their own environment.

 

Image
palo_adem_img9.png

 

Palo Alto Networks ADEM provides all the insight you need to quickly resolve performance and experience issues from either remote Prisma SD-WAN connected offices as well as your Prisma Access mobile workforce.

Anthony Tanzi
Partner Architect-Palo Alto Networks-Strata | Optiv
Anthony Tanzi has more than 20 years’ experience in the networking and network security space. As a Partner Architect focused on Palo Alto Networks, Tanzi is responsible for Optiv’s pre-sales enablement and support to accelerate growth between Palo Alto Networks and Optiv in existing and new markets across the U.S. and Canada. This includes training and enablement of the pre-sales team as well as supporting them in pre-sales Palo Alto Networks conversations as well as assisting in proof of concepts, running Ultimate test drives, perform best practice assessments as well as being a technical sounding board for Optiv customers. Tanzi works directly with Optiv’s dedicated Palo Alto Channel SE to drive technical enablement as well as being an advocate for our customers. He is also focused on supporting Optiv’s post sale implementation team and working with marketing on Palo Alto specific campaigns.

Tanzi came to Optiv as part of the acquisition of the Philadelphia based integrator Comm Solutions in 2017. While at Comm Solutions for 10 years, Tanzi lead the Palo Alto Networks practice as a pre-sales engineer, post-sale implementation engineer, certified Palo Alto instructor as well as holding his own Palo Alto user groups and other marketing functions and support.

Tanzi is a member of Palo Alto Networks Cyberforce and was the first partner engineer to reach the highest level of “Cyberforce Hero” in the United States as well as being the first worldwide to be awarded “Ultimate Cyberforce Hero”.

Optiv Security: Secure greatness.™

Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.