| MPLS WAN Explorer extends Packet Design's route
analytics technology beyond enterprise borders to quickly
identify changes in network "reachability"
(the ability of IP traffic to move between any two sites
at a given time) and verify that the service provider
has deployed the MPLS VPN routing architecture according
to enterprise policy (e.g., hub-and-spoke, full mesh,
etc.). Enterprise IT managers, who previously had no
visibility into the routing of traffic over the service
provider's network, gain crucial information on issues
that can significantly impact service delivery.
While an increasing number of enterprises outsource
their inter-site wide-area network (WAN) routing to
service providers, those providers as yet offer no service-level
agreements (SLAs) for WAN routing. Furthermore, there
have been no management tools to show IT managers whether
such services are being delivered as contracted – or
when providers have made routing errors that can affect
service. MPLS WAN Explorer is designed to restore the
missing WAN visibility to enterprises, giving them the
information they need to troubleshoot, determine the
source of problems (i.e., enterprise vs. provider),
reduce operating costs, and effectively plan for network
growth and change.
MPLS WAN Explorer is an enhanced version of Packet
Design's original Route Explorer product, the first
network management system to provide organizations with
end-to-end visibility into their layer 3 (routing) topology.
By extending this capability across the VPN infrastructure,
MPLS WAN Explorer helps network managers quickly find
problems such as 1) loss of reachability to critical
servers even though all sites are connected, 2) a service
provider's failure to adhere to the customer's requested
topology, 3) loss of redundancy because a primary VPN
has gone down and traffic is being routed over a secondary
VPN, and 4) route "leakage" among service
provider customers, with the resulting compromised privacy.
These issues, while they may not display immediate symptoms,
can negatively affect network behavior and service delivery
– and are typically undetectable by conventional management
tools.
MPLS WAN Explorer also works with Packet Design's Traffic
Explorer to overlay actual enterprise traffic on the
network, including on the MPLS VPNs, and monitor it
by specific application and class of service using Netflow
data. This goes beyond the link-specific traffic information
gathered by conventional traffic-analysis tools, providing
site-level and site-to-site data that is aggregated
across all VPN connections.
Visualizing Complex Provider-Enterprise
Interactions
"VPN topologies are highly complex," said
Jeff Raice, Packet Design's executive vice president
of marketing and business development. "A large
enterprise may use several service providers, each providing
multiple VPNs. Corporate policy may dictate that certain
sites talk only to certain providers or VPNs, and some
VPNs may be implemented across multiple providers. Until
now, the enterprise's view of its WAN stopped where
the provider's network started. The IT manager had no
way of knowing if one site was reachable from another,
or of determining whether a WAN service problem originated
with the provider or the enterprise itself. Guesswork
delayed effective troubleshooting, while operating costs
shot up and users suffered.
"With 'MPLS WAN-aware' route analytics, users can
view the complex WAN topology beyond the edges of the
enterprise, using a detailed map that shows distinct
VPNs and highlights reachability problems. IT managers
need no longer fear losing control when outsourcing
their WAN routing. Now they can accurately assess how
well their providers are doing, and hold those providers
accountable for agreed-upon services and policies."
How MPLS WAN Explorer Works
Like Route Explorer, MPLS WAN Explorer listens passively
to routing protocol (BGP, OSPF, EIGRP, IS-IS) exchanges,
creating an accurate, real-time, network-wide routing
map that reveals clearly how each site is connected
to the VPN(s) and whether any given site can talk to
any other. Real-time inter-site reachability is compared
against an established baseline, helping identify possible
problems.
MPLS WAN Explorer offers the following capabilities:
- Reachability monitoring. Alerts can be triggered
to indicate partial or full loss of site-to-site reachability
(by site or VPN), routing instabilities, or enterprise
routing policy violations (e.g., departure from a
mandated architecture).
- Forensic troubleshooting. MPLS VPN Explorer records
a complete history of all routing events, which network
engineers can "rewind" and "replay"
to examine routing and traffic conditions at the time
a problem occurred. This lets them easily diagnose
inconsistent and hard-to-detect problems such as the
intermittent router failures known as "route
flaps," which can severely degrade service delivery.
- Root-cause analysis. If reachability between two
sites is lost, the user can drill down to determine
whether the problem occurred at one of the two sites
or within the service provider's network. Using a
path-tracing capability, the problem can be localized
to the routers and links that were carrying the application
traffic at the time of the problem.
- Modeling and planning. MPLS WAN Explorer works with
the as-running network, providing a completely accurate,
up-to-the-minute topology rather than an offline,
outdated model. The network manager can simulate changes
(e.g., bringing up a new site, assigning a site to
a different VPN) and immediately see their impact
on the topology.
- End-to-end traffic analysis. Used in conjunction
with Traffic Explorer, MPLS WAN Explorer can show
ingress and egress traffic reports (by site and WAN
link); site-to-site traffic statistics; traffic breakdown
by class of service (e.g., gold/silver/bronze) or
traffic type (voice, video, specific application);
and "Top N" reports (e.g., top talkers,
listeners, protocols).
MPLS WAN Explorer can scale to support thousands of
sites in a large enterprise. And because the product
leverages information from standard routing protocols,
no changes are required to the service provider's routers
or network. |
