Monitor Your Remote Networks
Table of Contents
Monitor Your Remote Networks
Prisma Access for remote networks simplifies the configuration and management of
endpoints, ensuring users are always connected and secure.
Prisma Access for remote networks removes the complexity of configuring and managing
endpoints at every site. Add new sites and minimize operational challenges with ensuring
that users at these locations are always connected and secure. The Remote Networks
dashboard gives you a bird’s eye view (of health, connectivity of your Remote Networks, and the usage) of all your
Remote Networks deployed in different Prisma Access locations. It shows you the
real-time connectivity status and bandwidth consumption details, along with other
deployment details. Mobile Users, branch offices, and retail locations connect to Remote
Networks.
View the Health of Your Remote Networks
The Remote Networks > Monitoring Summary tab shows a summary of the health
of your Remote Networks, such as top open alerts, Prisma Access Location status,
site and tunnels status, and bandwidth utilization.
Top 5 Open Alerts by Severity
View the top five most severe alerts that are still
open. Select any alert to view its context or select View
All RN User Alerts to view all Remote Networks alerts
from the Alerts dashboard. This widget is
empty when your system is healthy and there are no alerts to display.
Deployed Prisma Access Locations
View the location of all the Remote Network sites and
their connectivity status in real time. You can see the status where
they are deployed around the world. You can hover over an icon to
see the number of offices connected and the number of Remote Networks
nodes that are up, down, in a warning state, or have an unknown
status.
Site and Tunnel Status
You can see the Remote Network sites and the tunnels
associated with them. The number of sites are typically less than
the number of tunnels, because a site can have multiple tunnels
associated with it. You can also see which sites or tunnels are
up, down, warning, inactive, or not available. The following status
are supported:
- Up—the tunnel is up
- Down—the tunnel is down
- Init—the tunnel is in the init state
- Inactive—this status indicates one of the following:
- The tunnel was removed from the configuration and therefore you cannot get the tunnel status
- No tunnel status was reported for four consecutive minutes
- Not available—The tunnel is in the init state or did not get initiated after configuration.
- Warning—The site is up, but one or more tunnels associated with it is down.
Top 5 Most Active Prisma Access Locations
Monitor the Prisma Access locations that have the most bandwidth consumption for your remote
networks. See the trends of their bandwidth consumptions in a graph. Hover your
cursor over the trend lines to see details of your bandwidth consumption at a
specific time or view the peaks and lows to better estimate the bandwidth
capacity for your environment. Select the location from the legend to isolate
its status on the trend line.
Top 5 Sites Approaching Max. Available Bandwidth
View the sites that are approaching their maximum allocated bandwidth and therefore need your
attention. You can see at a glance which site is about to reach the maximum
bandwidth based on its bandwidth allocation, so that you can plan for additional
capacity if needed. As a follow-up action, you could direct these sites to other
SPN nodes or provide additional bandwidth capacity for these sites. Hover your
cursor over the trend graph to see the bandwidth consumption for the site in
Mbps. The bandwidth is reflected in percentages.
Top 5 Sites Trends with Peak Bandwidth Utilization Over Time
This widget shows you the trends in the bandwidth consumption
by the top five sites. When you hover over the trend graph, it shows
you bandwidth in Mbps.
View Connectivity Status of All Deployed Remote Networks
The Remote Networks > Map View tab gives you an overview of the
connectivity status of all the Prisma Access Locations where remote networks are
deployed. Selecting a marker in the map gives you an overview of the health and
consumption metrics in detail. Drill into each of the locations on the map to get a
better understanding of the current health of your networks and connectivity over
time.
The inverted triangles on the map are color-coded to indicate Prisma Access location status:
- Green: All instances are up.
- Red: All instances are down.
- Yellow: Instances are a combination of up, down, and unknown, and may require your attention.
- Gray: All instances are unknown.
See Remote Network Site Details
The Remote Networks > Site List tab
lists all your Remote Network sites and their details.
Status Distribution
View the number of sites configured to your Remote Networks
and their real-time status. The widget is color-coded to display
the severity of the status. Click a color on the circle to filter
the Site list table below. For example, clicking on the yellow portion
filters the list to display all sites that have a warning status
along with the details associated with the status. Click again to
remove the filter. By default, the table displays the status for
all sites and locations. Select a site name to drill down specifically
into that site.
Bandwidth Consumption Over Time
View Aggregate Bandwidth Consumption trends across all Remote Networks.
The average tunnel bandwidth is computed as an average across all sites, while
the peak is reported as a peak value seen at any site and is not aggregated. To
see the trend chart for a single location or site, select an option from the
filter at the top left corner of the page:
- Prisma Access Location or Compute Location: The average across all the sites in a location and the peak value for any site in the location.
- Site: The average and peak bandwidth observed for the site.
All Remote Network Sites
The (Number of) Total Sites table displays an overview of all sites. The
following table shows data when aggregate bandwidth is deployed. Each site has a
primary and a secondary (or backup) tunnel configured. If both tunnels are up,
shown in the Tunnels (Current) column, the Site Status
says Up and shows a green circle. If only one tunnel is
up, the status is Warning with a yellow dot, and if both
tunnels are down, the status is Down with a red dot.
To view in-depth data about a specific remote network site, select
a Site Name to see tunnel bandwidth, round-trip
time (RTT), connectivity, and consumption trends about the site
you chose. Hover over the graphs to see details about the tunnel
bandwidth and RTT at that specific time.
The remote networks RTT graph shows the average RTT trend over the IPsec tunnel originating from
an remote network to its Prisma Access IPSec termination node. RTT,
expressed in milliseconds, measures the time taken to initiate a network request
from an originating source and receive the corresponding network response from
the target destination. RTT values can range from tens of milliseconds to
hundreds of milliseconds, with higher RTT values indicating link degradation
conditions resulting in degraded application experience for remote network
users. The RTT metric depends on factors such as propagation delay, queuing
delay, encoding delay, processing delay, and so on, of which the propagation
delay is generally considered the most significant. Depending on the
connectivity service offered by a service provider to your branch locations, the
propagation delay reflects delays in the path, very often the Internet, from
your branches to Prisma Access.
You can use the data in this graph to learn about RN tunnel connectivity
performance and the RTT metric variability over time. When you view
this data over a period of time, you may notice established patterns
that can be flagged as normal or anomalous, therefore requiring
further investigation and possible remediation.
Select a Compute Location from the Total Sites table
to open the IPSec Termination Node Utilization Details window,
which displays the bandwidth consumption details of each Security
Processing Node (SPN) in the site.
