Firebox SD-WAN Data in Cloud?

Are there any plans to bring SD-WAN data into Cloud & Provide performance reports there? This would be very helpful in dealing with ISP's. A next step would be the ability to plug in SLA terms and be able to get reports on ISP SLA compliance / non-compliance.

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @PatrickSeaman

    As of right now, there's no report like what you're looking for in cloud.

    Is your device cloud managed or locally managed (via WSM or the WebUI?) There are performance graphs in both of these interfaces that show latency, jitter, and loss.

    You can set up notifications for when a SD-WAN event does occur based on the parameters set in SD-WAN, which will follow the notification settings on either WG Cloud or your Dimension server.

    -James Carson
    WatchGuard Customer Support

  • We have multiple fireboxes at various locations. They are managed in dimension. I can capture a screenshot of the data using the WebUI, but it is just a graph and is only available for the period the box has been up and is flushed weekly when the boxes are rebooted. If there is a graph, then there is data. What I'd like to see is that data logged into Cloud, and then have the option to see longer term graphs (like the one in WebUI) as well as actual log data. I can use this for better management as well as a club to use against the ISP's servicing those locations to hold them accountable to their SLA. I already get notifications that they are down/up -- but that's not "data."

  • @PatrickSeaman said:
    We have multiple fireboxes at various locations. They are managed in dimension. I can capture a screenshot of the data using the WebUI, but it is just a graph and is only available for the period the box has been up and is flushed weekly when the boxes are rebooted. If there is a graph, then there is data. What I'd like to see is that data logged into Cloud, and then have the option to see longer term graphs (like the one in WebUI) as well as actual log data. I can use this for better management as well as a club to use against the ISP's servicing those locations to hold them accountable to their SLA. I already get notifications that they are down/up -- but that's not "data."

    The metrics that Bruce Riggs mention make it to where your interfaces will failover once particular metrics are met like packetloss, jitter, and latency. These metrics can usually be used with your ISP for tshooting and show themselves in the “Health > SD Wan” tab in the cloud system if you have your SD was turned on and on policies with logging turned on.

    I usually throttle my bandwidth settings to 95% of what the ISP says to make sure I control any QoS or throttling instead of them.

    There’s not many vendors (if any) I know that will take “SLA Metrics” and use that for alerting as you would need to figure out how to factor things like “how many users are connected” vs “how much can this firewall actually handle with full settings turned on” and THEN run and such.

    We use a monitoring system that’s allowed to externally ping our firewalls and it measures packet loss more so so we know when there are issues of tickets come in.

Sign In to comment.