For Remote Sites, ADEM supports monitoring via three
paths - the Prisma Access path, the Secure Fabric path and the direct
path.
Prisma SD-WAN device monitoring—the ADEM agent
on the ION device monitors the following:
CPU utilization
Memory utilization
Historical trends
Remote site traffic visibility—ADEM continuously
provides visibility into real traffic usage between Prisma SD-WAN
remote sites and the applications, for traffic traversing through
Prisma Access, including traffic to SaaS applications, Infrastructure
as a Service (IaaS) applications, as well as traffic to applications
in your own data center.
Synthetic Monitoring—The ADEM-enabled SD-WAN site
and the cloud agents within Prisma Access use synthetic tests to
baseline end-to-end network quality metrics—latency, jitter, and
loss—for each segment from the remote site to the monitored applications
on all WAN paths (active and backup). In addition, ADEM-enabled
SD-WAN site and the cloud agents within Prisma Access also use synthetic
tests to collect web performance metrics, which capture metrics
about the HTTP and HTTPS transactions to a specific application,
including application availability and uptime, DNS lookup, TCP Connect,
SSL connect, HTTP latency, Time-to-First-Byte, Data Transfer rate
and Time-to-Last-Byte.
Because the synthetic tests are layered,
they give a good baseline view of the digital experience segment-by-segment
across all monitored applications, and allow you to quickly visualize
when and where a change occurred that led to degradation of your
users’ digital experience.
An ADEM enabled SD-WAN site can
monitor all WAN paths (active and backup) based on forwarding policies
configured on the SD-WAN. It can monitor Prisma Access path, Secure
Fabric path as well as Direct access path.
The three paths shown in the above image are described in detail
below:
Prisma Access Path
This path is used for
applications that are configured to use Prisma Access for security.
Secure Fabric (Prisma SD-WAN) Path
When using
this path, ADEM can monitor applications hosted on SaaS, IaaS, or
private applications hosted in a data center via the Secure Fabric
tunnel between the Prisma SD-WAN remote site device and Prisma SD-WAN
data center device.
Direct Access Path
When using this path, ADEM
monitors SaaS applications directly from the Prisma SD-WAN remote
site over the internet. This test does not go through the Prisma
Access or the Secure Fabric path.