When talking to infrastructure and operations teams, one common concern when moving to a SASE architecture is the loss of visibility and control that they have historically been accustomed to. Overnight traffic destined for critical business applications, both private and public, routes through what is often seen as a black box, or in today’s world, more of a “gray cloud.” Providing full visibility, including what is happening within the SASE platform, becomes a key requirement, allowing networking teams to answer questions including “Why is Salesforce slow for all my users in a specific country” or “Why is the CEO’s important WebEx call breaking up?”
With the launch of Netskope Proactive Digital Experience Management (DEM), we are enabling customers to answer these questions quickly and efficiently, including an understanding of the per component latency within the SASE platform—and more importantly enabling both self-healing and customer driven remediation. All of which helps networking teams reduce both incident mean time to detection (MTTD) and mean time to resolution (MTTR).
So why Proactive?
Far too often, network operators have to react to issues. We wanted to proactively manage and remediate issues where possible and that requires both deep insight and full control of all aspects of the platform. To be truly proactive and correct for all networking issues, we need full control of our connectivity, one of the key benefits of our decision to deploy our own private cloud environment and not rely on public cloud providers.
What’s SMART about it?
Conventional DEM tools available in existing SASE platforms rely on only synthetic probes, but this does not provide the insight needed to spot transient issues and fully troubleshoot a specific transaction issue.
At the very core of Netskope Proactive DEM is a comprehensive set of both Customer and Netskope controlled monitoring capabilities that we are calling Synthetic Monitoring Augmentation for Real Traffic, or SMART Monitoring. SMART Monitoring utilizes a combination of both Real User Monitoring (RUM) to investigate issues from a user, network, or application perspective and Synthetic Monitoring (STM) components, used both to monitor for potential issues and provide in-depth network performance tracing. With the ability to monitor at the endpoint, from within the customer network, from any location on the internet and within the Netskope SASE platform, Proactive DEM offers the most comprehensive view of traffic flow offering four stages of visibility. These stages include:
- Endpoint health and performance metrics
- Pinpoint the source of a performance issue related to the endpoint. Is the user laptop utilizing 100% cpu? Do they have too many processes running?
- Hop by Hop visibility to the SASE platform
- Pinpoint the source of the issue. From poor wifi performance, network congestion or packet loss on home broadband/5G, through to a core issue with the peering to the Netskope POP.
- Visibility into the SASE Platform
- As we believe per component insight is an important metric to expose, customers need to be able to differentiate between service degradation and increased latency due to deeper transaction analysis. An example of this could be a new data protection rule utilizing natural language processing or computer vision detection capabilities impacting all traffic to an application due to too broad a scope.
- Application Performance Monitoring
- Proactive monitoring of top 47 critical business applications provides focus on what matters the most to your organization, helping network operations teams react quicker to critical incidents, including incidents both in the first mile and within the application providers network.
Many organizations may utilize third-party DEM solutions that can monitor some of the aspects above, but without full end-to-end visibility, including an understanding of processing within the SASE platform, existing solutions really are “monitoring” solutions that provide some insight, and require substantial user effort to remediate. Traditional DEM providers also lack the ability to “see through the proxy,” so although they may be able to provide round trip time (RTT) metrics, they provide very little insight into the source of the issue.
Solving Client Problems
With a full understanding of the source of the problem, we want to be able to streamline the remediation process. First, let’s look at client issues. How much time would it save both the user and your helpdesk teams if you could provide a popup to a user to inform them that you are seeing performance degradation due to poor wifi performance and to move closer to their router? How about notifying the user automatically to close browser tabs or a particular application to remediate their issue? With Proactive DEM you will soon be able to do just that!
How about that CEO WebEx issue referenced above? With Endpoint SD-WAN built into the Netskope Endpoint Client, a tunnel can be established to Netskope with optimization enabled, greatly increasing WebEx performance by correcting for a bad internet connection.
Solving Connectivity Problems
Now let’s look at the connectivity to the Netskope POP. First, Netskope already offers advanced POP selection capabilities by connecting to the POP offering the best performance, not simply connecting to the nearest geographic POP. But what happens if an ISP develops a routing issue? Having identified this, clients and SD-WAN tunnels can be updated to point to a different POP, thus routing around the ISP issue or if related to the user’s ISP, the user can be prompted to connect to an alternative ISP or switch to 5G.
Solving Application Performance Problems
Finally, how about that use case of users in a country having poor Salesforce performance, identified as a problematic router on a particular path to a Salesforce data center? With Netskope having full control of the outbound connectivity from the SASE platform, we can re-route traffic to mitigate the issue with the application provider, all without any involvement from our customers, and even before users start to report issues.
Beyond the remediation options, organizations also need to understand the detail and scope of an incident, so alongside the new visibility and remediation capabilities, we are also introducing a new alerting mechanism. Customers will be able to enable notifications via traditional methods including email, but also operationalize alerts through web hooks and API connectors, allowing integration with SOAR, IR, and ISTM solutions, all helping to drive down TCO through automation.
With DEM Standard, Netskope’s current offering, customers have benefited from insight into tunnel health, client usage, private apps publisher health, bandwidth, and proactive latency monitoring. Our new Proactive DEM Professional package offers full 360-degree visibility in both user and application views alongside the new alerting mechanism and is available immediately.
For more information on Netskope Proactive DEM, visit https://www.netskope.com/products/digital-experience-management.
