Site Summary Dashboard
Focus
Focus

Site Summary Dashboard

Table of Contents

Site Summary Dashboard

Learn more about the Site summary dashboard in Prisma SD-WAN.
Where Can I Use This?What Do I Need?
  • Prisma SD-WAN
  • Active Prisma SD-WAN license
Starting with release 5.6.1 the site summary dashboard provides an information-rich display of branch-related metrics. These include new metrics such as network health as well as existing network, device and application metrics.
  • Select MonitorSites and then select a site to view the Site Summary widget.
  • The default time range to view the metrics is 3 hours but can be adjusted to shorter or longer periods of time depending on the desired scope of information.
  • For time ranges longer than 7 days a Network DVR license is required. For more information contact your Palo Alto Networks Account Team.

Site Health Overview

The Site Health Overview widget contains the Current Best Health Score and the Overall Site Consumed Bandwidth. Each of these metrics has a time series view that is displayed upon clicking.
The Current Best Health Score metric is determined by the Secure Fabric Link with the current highest score. In the time series chart the score is determined in any given time sample by the healthiest Secure Fabric Link at the site. This value will fluctuate as the health of the underlying network connectivity changes.
  • The Health Score metrics are available to customers with an active WAN Clarity or AIOps license. For unlicensed customers a trial preview is provided in the Prisma SD-WAN Release 5.6.1. For more information see, https://docs.paloaltonetworks.com/content/dam/techdocs/en_US/pdf/autonomous-dem/autonomous-dem.pdf.
  • The Autonomous Digital Experience Monitoring (ADEM) for Remote Networks agent is delivered natively from the Prisma SD-WAN device software. The ADEM for Remote Networks agent provides visibility into cloud infrastructure performance, application performance and user traffic monitoring. This feature is available if ADEM is enabled for a site.

Current Overall Consumed Bandwidth

The Current Overall Consumed Bandwidth metric displays current total bandwidth consumption, ingress and egress bandwidth consumption as a raw value and as a percentage of the total available. Upon clicking the tab a time series chart of the ingress and egress consumed bandwidth are displayed in reference to the total configured bandwidth at the site.
The Circuit Connectivity and Health widget displays the name of the circuit, its physical connectivity, its tunnel connectivity, tunnel health, a time-series graph indicating the best-performing tunnel's health score over a period of time, and current consumed bandwidth both in egress/ingress direction.
Upon clicking a circuit there are several widgets displayed including Circuit Metrics, Insights, and Secure Fabric Connectivity and Health.
The Circuit Metrics widget displays the time-series graphs for the health score of the best performing tunnel and the circuit bandwidth utilization between the configured ingress/egress and the actual ingress/egress over time.
Insights are determined by the system using a suite of machine learning algorithms. These insights identify conditions such as:
  • Excessive Packet Loss Detected
  • Excessive Latency Detected
  • Bandwidth Upgrade Recommended
  • Configured vs Consumed Bandwidth Mismatch Detected
  • Low Circuit Throughput Detected
Insights are available to customers with an active WAN Clarity or AIOps license.

Secure Fabric Connectivity And Health

The Secure Fabric Connectivity And Health widget displays each of the Branch to DC Secure Fabric Links along with their respective Connectivity status, Health chart, and associated current link metrics Packet Loss, Jitter, Latency, and Link MOS.
Upon clicking a Secure Fabric Link a comprehensive view of link metrics is displayed in a time series chart. Along with the time range, the selected Secure Fabric can be changed as well as the Direction.

Circuit Health

The Circuit Health widget displays the list of tunnels with their name, connectivity details, and health score. It also displays the packet loss, jitter, latency, and MOS for the ingress or egress connections. You can also see the capacity prediction details at the circuit level.
The circuit's health score is calculated on a per-path basis, factoring in various elements such as ingress packet loss, egress packet loss, and round-trip time (RTT). The scoring mechanism takes into consideration both the circuit's load and its baseline, resulting in a more precise assessment of its health. To illustrate, consider a 100Mbps circuit: when it operates without any load but experiences 1% packet loss, its score will noticeably differ from the same circuit running at 100% load with 2% packet loss. This discrepancy in scores reflects our evaluation of circuit performance expectations during increased capacity utilization.

Consumed Bandwidth

The Consumed Bandwidth widget displays the circuit bandwidth utilization and the anomaly between the configured ingress/egress and the actual ingress/egress over time.

Devices

The Devices widget displays the device's name, status, software version installed, whether the Admin interface is up, its routing peers, the HA status, consumed CPU, and consumed memory data.
Additional controller connectivity status for Config and Events, Analytics, and Flows is available when you hover over or click the status icon.
Possible Device Connection States are:
  • Online: All three connections - Config and Events, Analytics, and Flows are online.
  • Partially online: Config and Events online and Analytics, and/or Flows may be offline.
  • Offline: All three connections - Config and Events, Analytics, and Flows are offline.

Top Events by Priority

The Top Events by Priority widget displays the list of the top events by priority. All events in the selected time range are displayed regardless of status including the Resolved and Acknowledged events are also displayed in the list. To view all current standing alarms select View All Site Alarms and Alerts. This will display the standing alarms regardless of time range.

Application Utilization

The Application Utilization widget displays information about the application utilization at the site during the selected time range. The total application ingress and egress traffic for the time range is displayed. The top 10 applications by traffic volume are displayed along with the other traffic. For each application the total bandwidth utilization, ingress, egress, and percentage of total traffic based on the bandwidth utilization. By clicking the ellipses flow information or the time series utilization data can be viewed.
The Recent Site Audit Logs widget displays the recent configuration changes made to the site within the selected time range. To see the full list of changes select View All Site Audit Logs.

TCP Connection Stats

The TCP Connection Stats displays the data related to the TCP connection metrics in the selected time range and includes four (4) metrics:
  • Init Success - A successful TCP connection was established
  • Transaction Success - After a successful TCP connection, a successful data transaction was observed.
  • Init Failure - A failed attempt to establish a TCP connection
  • Transaction Failure - After a successful TCP connection, a failed data transaction was observed.
The metrics for all TCP applications are initially displayed but, any one of the top 10 TCP applications can be selected to more narrowly focus on a specific top application.

Top Media Audio Performance

The Top Media Audio Performance widget displays statistical information about the observed Mean Opinion Score for audio traffic at the site. The top audio application by traffic volume is automatically selected but, other top 10 media audio applications can also be selected as needed. The MOS score is measured in both the ingress and egress directions. The median value for the selected time range is displayed along with a trend indicator to display any observed performance changes from the previous time period. The box plot displays the low, 25th percentile, median, 75th percentile, and high observed MOS scores. Upon hovering over the bar chart the numeric values are displayed. Recent flows for the media traffic can be viewed by selecting View Flows. The see detailed time series media performance metrics select View Media Activity.

App Health

App Health tracks each instance or service associated with a given application on all allowed paths. Statistics are always sent for an app/path pair as long as there is active traffic for that pair. In case of prolonged inactivity, records for app/path are not sent after 10 minutes of inactivity. A refresh record sent every 50 minutes shows the last known state of the app/path based on the previously known application health. No metrics are reported in the 50 minutes refresh records as there are no new flows.
The App Health chart reports are on a per-app basis. Select a site and an app to display data on your charts. Select at least one app to view the App Health by Path table. The health of the selected paths is indicated by color. The Health Events by Prefix table, associated with each application instance or service, displays all the transaction or init failures. Refer to the table to understand descriptions of the different health states.
Legend Description
Good Application is reachable on all paths. Indicates all prefixes on all paths are reachable.
Partially GoodOne or more instances or services associated with an application instance are not reachable on one or more paths. Indicates either some paths or some prefixes on a path are unreachable. A partially good path is not a cause for concern. Multi-origin applications such as Office 365 may display as partially good, but still be functioning well.
UnreachableAll instances or services associated with an application are unreachable. Indicates all used paths and prefixes on all paths are unreachable.
No Data No application data is available as the application does not use this path or is not allowed to use this path by its policy. Indicates that the application is not in use.

App Response Time

Prisma SD-WAN uses application response time to determine the path a flow may take and confirms that the path adheres to the application SLA. Application response time is a combination of Network Transfer Time (NTT), Round Trip Time (RTT), and Server Response Time SRT) metrics and calculated for a flow on each path before a decision is taken to send a flow on that path. These metrics reflect in the App Response Time chart.
The chart displays detailed information on the application transaction time for each prefix within an application. It determines network and server performance for a specific application, including information from the moment the client generates a request to the time the server receives the response in the cloud or the data center. It also takes into account L1 – L3 and L4 – L7 characteristics of an application, including end-to-end performance rather than just latency, jitter, and packet drops for an application.
App Response Time chart reports on a per-app basis. Select at least one app to view the App Response Time by Path table. The health of the selected paths are indicated by color. You can view specific Health Events table associated with each application instance or service with transaction or init failures. Refer to the above App Health to understand descriptions on the different health states.
Using NTTn, RTT, SRT, and UDP-TRT metrics, this chart provides information on the source of an under performing application.
  • Network Transfer Time (NTTn)—The measure of network congestion. The amount of time it takes to transfer incoming data from an external server to a local client.
  • Round Trip Time (RTT)—The measure of network latency. RTT is measured only for TCP flows and defined as the time taken between a forward and return related protocol exchange; TCP SYN to SYN-ACK for outbound flows, TCP SYN-ACK to ACK for inbound flows and the time between a data sequence and ACK of that data sequence.
    Thus, RTT is measured throughout the life of a flow and not just at the TCP establishment. Measuring RTT throughout the flows life allows the system to account for TCP proxy devices like WAN optimization in the path, providing a more accurate measurement of RTT.
  • Server Response Time—The amount of time it takes for the server to start transmitting data after it has acknowledged the client’s request. SRT measured for TCP flows only from the time request is received to the time the server sends the first response packet.
  • UDP Response Time (UDP-TRT)—The amount of time it takes for the server to respond to the UDP transaction request from the time the request is received. Currently, UDP-TRT provides information on UDP DNS traffic only.