All Riverbed Riverbed 2020 Tech Talks

Getting Network Visibility with Riverbed

Riverbed has interesting new developments and emphases in the areas of application visibility, maximizing performance, and its NPM (Network Performance Management) products.

You can tell what a company considers necessary by how it organizes itself and its marketing. Riverbed structures its marketing and offerings around four pillars: SD-WAN, acceleration, WAN optimization, and visibility. The pillars focus on what you do with the products rather than on the product lines themselves. There are links tying capabilities to products.

I like to tie capabilities to actual products and what a user sees and can do with the products to feel like I understand. Marketing people tend to avoid the ‘cannot do’ part, of course. We’ll focus on the can-do; for example, the screen captures and samples of what the user interfaces look like.

The application visibility we’ll be covering here is network-based application visibility, rather than the application-internals-centric detailed measurements the Riverbed Aternity product provides. Aternity is now a sister company to Riverbed.

What can you do with the Riverbed physical and virtual network products related to visibility, performance, and performance management?

Maximizing Performance

Riverbed has a long history of appliances that do application acceleration and optimization. To me, under the hood, those capabilities imply traffic compression and caching techniques, plus probably other protocol- or application-specific optimizations. Of course, no vendor is likely to talk much about their secret sauce.

Maximizing performance translates to the Riverbed SteelHead product line.

Featured product: SteelHead mobile, now known as Client accelerator. This is client software providing services for WFA (Work From Anywhere) users. It is a mature product but has increased capabilities due to the cloud products discussed below, also regarding VPN support.

Application acceleration requires two devices in the traffic flow, one for each end of the flow. The mobile and cloud virtual SteelHead devices interoperate with the physical units you’d have in your sites or datacenters. You might deploy the mobile agent for WFA users, physical SteelHead devices at datacenters, and virtual SteelHead in the cloud (see below).

Hot product: Virtual SteelHead for the cloud known as Cloud Accelerator.

The cloud virtual SteelHead means that Riverbed can accelerate O365, Box, ServiceNow, MS Teams, and SaaS apps. Any traffic volume reduction or compression also reduces the cost of cloud egress.

The cloud accelerator is available in three forms. The IaaS version is a virtual device you yourself deploy in the cloud (AWS, Azure). The SaaS Accelerator is a managed service accelerator for SaaS Applications (Office 365, Microsoft Teams & Stream, Box, ServiceNow, etc..). The frictionless O365 accelerator is a special case of the SaaS accelerator, limited to the O365 applications.

To manage all the mobile agents, Riverbed provides a controller, Client Accelerator Controller also known as the SteelHead Mobile Controller. It can be standalone or clustered, hosted on-prem or in the Cloud. As other SteelHead appliances like SteelHead Interceptors that load balance across physical SteelHead devices at large central sites or datacenters, it can be centrally managed in a SteelHead Controller.

Once you have something in the user’s traffic flow, there are some other services you can provide. Riverbed is all over this!

  • The SteelHead products provide traffic encryption.
  • In addition, an accelerator sees all of the traffic going through it, so gathering statistics about traffic flows fit right in. Centralizing that data then provides comprehensive overall visibility.

Network and Application Visibility

Riverbed has carried visibility further than just described. WFH has created the need to support home users, with home WLAN and internet connections of unknown and possibly poor quality. Support personnel need to determine that the UX (User Experience) is poor and gather information about where a problem lies. SteelHead Mobile can provide some of that data. SteelHead Mobile can do remote packet capture.

Another visibility tool from Riverbed, the AppResponse devices (physical, virtual, cloud), perform inline packet capture. They store packets and packet-based statistics for broad or deep-dive analysis. The NetFlow data can be fed back to a central NetProfiler system as well.

Here are some captures of some AppResponse screens:

As you can see, a variety of traffic and other useful data is provided.

On the centralized data reporting side of this, the Riverbed NetProfiler aggregates general NetFlow data and the enhanced SteelFlow data from any SteelHead device for centralized reporting.

NPM Products

NPM stands for Network Performance Management. Riverbed has a number of products that fit into this category. The main product list: AppResponse, NetIM, NetProfiler, and Portal.

Here’s a summary of the main Riverbed NPM products in outline form, with links:

  • NPM
    • Catch-all name for the various products below
    • Application, network, infrastructure visibility
    • Supports cloud, UC
  • Portal
    • The NPM apps are integrated via common Portal via dashlets
    • Integrated packet, flow, and SNMP information
  • NetIM
    • The IM in NetIM stands for Infrastructure Management
    • Does network baselining
    • SNMP, CLI, Syslog, traps, synthetic testing, UX measurement: performance data
    • Auto analytics: anomalies, violations, config details/changes
    • View path maps from source/client to destination/server showing relevant device health information via colorization
  • AppResponse
    • Physical, virtual, or cloud virtual form factors
    • Does packet capture and analysis: captures all packets and stores them every minute
    • Built-in policies ID potential problems
    • Can do Network Forensics, app metrics (response time), web transactions, database transactions, UC/data interaction and drill down, Citrix problems
  • NetProfiler
    • Centralized flow analysis and reporting
    • Understand traffic patterns and mix, utilization, change over time
    • Flow data provides security visibility. NetFlow/SteelFlow from the optimizers, etc.
    • Cloud migration support: map app transactions (flows) to infra, ID dependencies

AppResponse was briefly covered above. The text below includes some NetProfiler data screen captures (via Portal).

NetIM is Riverbed’s performance management tool, SNMP, and CLI-based. As noted above, it gathers and reports on network performance data and alerts on problems. Given the source and destination addresses, it will display the path between them in either direction. I’m going to leave it at that since it might take pages to describe all that the product does.

Portal is a web-based portal that integrates the various data sources Riverbed provides. It uses pre-defined and user-defined dashlets to allow customized views of various metrics of interest. Clicking on a dashlet typically brings up the relevant part of the web interface for the data source.

Some screenshots from a demo Portal follow. Note the originating application name shows up in the upper left corner of the portal page of dashlets.

Right-click drilldown on a device name in the bottom left corner dashlet leads to the following:

Choosing a different drilldown menu item leads to the following screen:

The data shown is the sort of overview data one expects from a NetFlow type of reporting tool: aggregated data for the dashboard and more specific data where requested.

The following screen capture demonstrates how Portal integrates different Riverbed tools. It happens to show the benefit of acceleration for multiple concurrent viewers of a video stream at a site. Note that 25 concurrent viewers at one site do not come close to consuming 25 times the WAN bandwidth of one user, despite having a video stream per user.

I once had a CIO ask how much Internet bandwidth they’d need for March Madness (basketball) as a worst-case scenario, with some large number of office users viewing simultaneously. They had a solution, but he wanted to know if they could simplify using a bigger connection. The answer was something like 50-100 Gbps, and that was five to seven years ago. So, it was not available or affordable at the time! So, this sort of compression can be useful.

More Info

The Riverbed Global User Conference on November 17, 2020, will have covered these topics before this blog posts.

Theme: Maximize Performance and Visibility. Any User, Network, App. Anywhere.

If you want more info about anything mentioned above, that’s another good source of information.

Conclusion

I’ve tried to summarize some Riverbed products and uses you might find interesting. I included screenshots to give you a feel for the user interface and whether you might want to look into the products in more depth.

You can get more information on the Riverbed website and via the embedded links above.

Disclosure Statements:

My personal disclosure statement

This blog was a paid writing project for Riverbed. My opinions remain my own.

About the author

Peter Welcher

Pete started out as a PhD mathematician teaching college classes, only to eventually discover he likes computers better. He worked for Terry Slattery coding part of the CIsco IOS CLI interpreter, which grew into teaching network classes and consulting. He has been a CCIE for over 20 years, authored or designed several Cisco courses, while designing networks big and small. Pete is deeply interested in R&S, is getting over MPLS, loves doing network design, application troubleshooting, and is now learning all he can about various datacenter technologies.

Pete blogs whenever he can find time. His blog can be found at
http://www.netcraftsmen.net/resources/blogs/blogger/Pete%20Welcher/.

He is on LinkedIn and intends to be more active there.

Leave a Comment