AI-driven SD-WAN in Action: Design, Deploy, and Operate a Full Stack Branch with Mist AI

00:00 [Music]

00:05 the landscape of connecting enterprise

00:07 users devices and applications has seen

00:10 dramatic changes over a short time

00:12 expectations for secure connectivity

00:15 with great user experiences are as high

00:17 as they have ever been

00:19 nowhere are the operational challenges

00:21 resulting from this change felt more

00:23 acutely than at the far edges of the

00:25 network at the remote offices branch

00:28 sites and enterprise campuses

00:32 at juniper networks we have led the way

00:34 in applying innovative modern technology

00:36 solutions to these challenges

00:39 with wired and wireless access powered

00:42 by mist and we are excited to introduce

00:44 the newest piece of the ai driven

00:46 enterprise with win assurance powered by

00:49 session smart routing

00:50 this is what the branch of the future

00:52 looks like it is cloud managed ai driven

00:56 and smart about user experience

00:58 so let's walk through several days in

01:00 the life of this modern branch and see

01:02 what it is like to design deploy and

01:05 operate a full stack network with missed

01:08 ai

01:11 [Music]

01:14 we begin in the mist dashboard where we

01:17 have our sites configured for the

01:19 enterprise organization called acme we

01:22 have sites in westford and sunnyvale

01:24 which are our data center hub sites

01:27 cupertino is acme's brand new site that

01:30 we need to bring online

01:32 in the organization-wide settings we

01:34 have configuration for our when

01:37 starting with networks this is where we

01:39 describe who our user populations are

01:41 and the segments that will be used to

01:43 connect them throughout the wan i've

01:45 created a network tenant segment called

01:48 trusted to describe our corporate users

01:51 next we move to services and we describe

01:54 the networks and applications that our

01:56 users will use the wan to connect to

01:58 services describe the destinations on

02:00 the network that will be given discrete

02:02 policy for routing access and security

02:06 starting simple we have two basic

02:08 services we want our wan to deliver

02:11 one is internet which is described by a

02:13 single quad zero address prefix matching

02:16 all ipv4 address spaces the other is

02:19 microsoft teams which is described by

02:22 one of the many predefined applications

02:24 that the wan identifies automatically

02:26 for services describing applications

02:29 users can pick from a huge variety of

02:31 apps known by our session smartwan by

02:33 default

02:36 can also use categories of applications

02:38 or define our own identifiers to create

02:40 services for custom applications

02:44 now that we have a few named services

02:46 that the wan will deliver and we have a

02:48 network tenant describing who will be

02:50 accessing the services we need to

02:52 describe how the wan will be connecting

02:55 them this starts with topology

02:58 for the acme cupertino site we have mpls

03:00 and broadband for connectivity we need

03:03 to define each of these as overlays and

03:06 give path names to each of our westford

03:08 and sunnyvale hub sites

03:11 moving on to our wan edge templates we

03:13 have some of the local configuration

03:15 that will be applied at the sites

03:18 looking to our sunnyvale wan edge we

03:20 will manage the local device

03:22 configuration using templates since this

03:24 will be the first of many sites for acme

03:27 templates will help our cupertino branch

03:29 and all future sites deploy with

03:31 consistency

03:32 here you can see that our sunnyvale and

03:34 westford templates will inform those

03:36 sites they will operate as hubs in the

03:38 relevant overlays

03:40 and we can see that our new cupertino

03:42 branch is going to be a spoke to both on

03:46 the lan connected to the wired and

03:48 wireless access devices we have our

03:50 trusted network segment

03:52 for defining how the site will use the

03:54 available connectivity we have path

03:57 preferences

03:58 for cupertino and future sites using

04:00 this awan edge template they will use

04:02 overlay paths starting with the mpls

04:05 path to sunnyvale as primary followed by

04:08 the broadband path to sunnyvale and

04:10 finally the mpls and broadband paths to

04:13 westford

04:14 so at this point we have who our user

04:17 populations are what services the wan is

04:20 going to deliver and a strategy on how

04:23 the connectivity is to be used

04:25 a service policy is where we tie all

04:27 these things together oriented around

04:30 the service here we declare that our

04:32 trusted users are allowed access to the

04:35 internet service using the path

04:37 selection policy we have identified that

04:40 is mpls first broadband second

04:43 and that's it our basic design of the

04:45 wan connecting our new cupertino branch

04:47 is complete the wired and wireless

04:50 access is similarly defined and all we

04:52 must do next is unbox our devices and

04:55 connect them

05:00 today is the big day

05:02 our wired wireless and wan devices have

05:05 arrived and today our new branch site

05:07 goes live

05:08 here we have our new ssr branch device

05:11 with a missed claim code on it

05:14 this is consistent with a claim code

05:16 found on our missed access point and

05:19 juniper ex switch also fresh out of the

05:21 box

05:24 as we look at our wired and wireless

05:26 device inventory we have the switch and

05:28 ap already claimed because the devices

05:31 have never been turned on they are still

05:33 disconnected

05:35 let's go ahead and now claim our wan

05:37 edge device by entering the claim code

05:39 we indicate that we want to associate

05:41 the device with our cupertino site and

05:44 initiate the claiming process

05:46 in this instance we are claiming the

05:48 devices one at a time but this can be

05:51 done in bulk as we ramp up the pace of

05:53 deployment

05:54 once claimed the device is instantly in

05:56 our inventory associated with the

05:59 cupertino site

06:00 now we just need to plug everything in

06:13 making the physical wan connections the

06:16 yellow cable is the primary mpls

06:18 connection and blue is the secondary

06:21 broadband

06:28 next power is applied and our devices

06:30 boot up and connect to the cloud

06:33 one by one they learn of their function

06:35 topology and configuration and

06:37 transition into service

06:39 starting with the wan edge providing

06:42 connectivity for the switch providing

06:44 connectivity for the ap and last we see

06:47 from a user device that our acme corp

06:49 ssid begins broadcasting

06:54 we connect to it and get secure

06:56 connectivity for the user

06:58 as a trusted network tenant we can ping

07:00 destinations associated with our

07:02 internet service and open a browser to

07:05 access the web

07:10 heading back to our missed dashboard we

07:12 can now see that all branch wired

07:15 wireless and wan devices at our site are

07:17 now connected

07:21 our wan edge insights shows us that

07:23 telemetry is already arriving from the

07:25 ssr wan edge device

07:27 the device has securely learned its

07:29 place in the topology and is monitoring

07:31 the paths in the mpls and broadband

07:34 overlays

07:36 more than just the wan this is a

07:38 complete branch ztp experience including

07:41 wired wireless and now when

07:44 it is how thousands of sites can be

07:46 rolled out in a frictionless and

07:48 reliable deployment

07:50 before we leave the site let's show that

07:53 our session smart wan is able to

07:54 proactively respond to failures to

07:57 preserve user experience

07:59 let's invite a colleague to a teams call

08:04 our collaboration session gets underway

08:06 and we have high quality connectivity

08:08 through the wireless wired and wan

08:10 networks

08:13 with the call established over the

08:15 primary mpls path let's break the link

08:18 and see what happens

08:21 with ai-driven sd-wan the real-time

08:24 session is seamlessly failed over to the

08:26 secondary broadband path with minimal

08:28 disruption to the application experience

08:31 our site is now live with our user

08:33 experience enhanced by a tunnel-free wan

08:36 that minimizes faults and maximizes

08:38 uptime thanks to session smart routing

08:42 [Music]

08:46 okay our cupertino branch site is

08:48 deployed

08:49 let's fast forward a bit and look at

08:51 some of the wan insights being observed

08:53 by mist

08:54 our insights page gives us a view into

08:57 when performance for the site

08:59 we have a historical view of when

09:01 related events and applications that are

09:03 being used at the site are available for

09:05 review

09:07 also visible is a list of active client

09:09 devices that are utilizing the wan for

09:11 connectivity to services

09:14 these provide a comprehensive view of

09:16 user activity at the cupertino location

09:19 further down kiwan edge device

09:21 performance data is plotted in a set of

09:24 charts we see system resource

09:26 utilization including cpu forwarding

09:29 core and memory

09:30 near the bottom we see wan performance

09:33 for the network paths connecting this

09:35 wan edge to its peers this gives a

09:37 historical look at path behavior

09:39 including loss latency jitter and moss

09:42 score

09:48 being able to see all this when related

09:50 data with your own eyes is great but in

09:52 addition to wired and wireless telemetry

09:55 marvis our ai powered virtual network

09:57 assistant now sees wan data as well

10:01 starting with an organization-wide view

10:03 we see a top-level representation of our

10:05 user experiences in the wan

10:08 as our organization continues to roll

10:10 out to thousands of sites this lets us

10:12 quickly identify problem sites where wan

10:15 experience is being affected

10:18 here the wan telemetry from session

10:20 smart routers is processed to produce

10:23 sles which stands for service level

10:25 experience

10:27 looking at our recently deployed

10:28 cupertino site we can see that it is not

10:31 meeting service levels

10:33 clicking into the site we get a closer

10:35 look at the sles they are broken down

10:37 into three important health categories

10:39 that play a role in user experience the

10:42 wan edge device health the health of

10:44 when links and paths

10:46 and the health of applications

10:48 themselves

10:50 each sle is broken down into a simple

10:52 unit of measure for the user experience

10:55 called a user minute

10:57 simply put this is telling us what our

10:59 user experiences on the wan are per user

11:02 per minute

11:03 behind these seemingly simple

11:05 measurements are the complex and

11:06 powerful ai models of the missed cloud

11:09 fed by rich telemetry from the

11:11 sessionsmart network

11:13 for each sle we get a breakdown of the

11:15 root cause of the issues identified

11:18 whenever user experience is poor in the

11:20 wan mist not only tells us the root

11:23 cause but also tells us what was

11:25 affected

11:26 such as the impacted applications users

11:29 links paths and devices

11:32 let's take a look at a separate example

11:34 of sles in another recent real

11:36 deployment

11:37 here at this site we see that our user

11:39 experiences have not been affected by

11:42 things happening within the wan edge

11:43 device itself or by issues on wan links

11:47 but even still mist has noticed that

11:49 some application experiences are being

11:51 impacted

11:53 what could be going on

11:55 let's hop into our application health

11:57 sle to see

11:59 each sle contains a set of classifiers

12:02 that breaks down the root cause of poor

12:04 experiences in this case 98 of the times

12:07 that user experience has been poor the

12:10 cause has been actual application server

12:12 responsiveness issues going further into

12:15 sub classifiers we can see that apps

12:18 have been slow to respond even while all

12:20 the rest of the wan has been performing

12:22 perfectly looking at items affected by

12:24 this issue it shows us which users and

12:27 applications have been impacted

12:30 so miss told us that the network is fine

12:32 but there are issues out on the internet

12:34 that are causing the poor experience

12:36 let's check the news to see if there

12:38 have been any public reports of these

12:40 issues

12:41 sure enough this very same day there was

12:43 an amazon server outage applications

12:46 reported as impacted are the same ones

12:48 that mist told us about this is wan

12:51 assurance in action helping us find

12:53 impactful issues wherever they are from

12:56 client to cloud

13:01 [Music]

13:04 so what else can marvis do for us meet

13:07 marvis actions the proactive side of

13:09 marvis

13:10 marvis identifies actions that users can

13:13 take to improve their user experience if

13:16 there is action that can be taken to

13:17 improve the network it will be brought

13:19 to the forefront here

13:21 for our wan we see that marvis has

13:23 identified a persisting lte signal

13:26 quality issue

13:27 from here we can drill into the details

13:29 of the issue and get a better sense of

13:31 the impacts looks like i should take

13:33 some action and have the antenna

13:35 adjusted this is a great example of

13:38 marvis helpfully suggesting actions we

13:40 can take to make the user experience

13:42 better

13:46 [Music]

13:48 now marvis isn't just in the background

13:51 working on sles and looking to suggest

13:53 helpful actions marvis is also ever

13:56 present in the forefront of the missed

13:58 experience you can ask marvis questions

14:00 about the network at any time you can

14:03 ask it to help you do things like

14:04 troubleshoot a device or access

14:06 documentation

14:08 at our cupertino site we know teams is

14:11 an important collaboration application a

14:13 particular user at the site has noticed

14:16 periodic issues with poor teams calls

14:18 let's ask marvis to help us out

14:22 marvis quickly responds with a handful

14:24 of team sessions that it determined were

14:26 calls from our user yesterday

14:28 great let's ask marvis to troubleshoot

14:30 one of them marvis returns the

14:33 end-to-end path of the session from

14:35 client to cloud app server

14:37 we can see that marvis points out the

14:39 wan as a source of issues that impacted

14:42 the experience going one step further it

14:45 shows us the wan edges that the session

14:47 traversed and it pinpoints high network

14:50 jitter between the edge devices that

14:52 impacted the experience

14:54 think about that for a moment

14:56 a simple question why was my team's call

14:59 bad a question that would historically

15:01 need to be answered by top technical

15:03 operators across different disciplines

15:05 of expertise going device to device

15:08 pouring through logs and packet captures

15:11 mountains of monitoring information just

15:13 to answer where the session went and

15:15 where it went wrong

15:17 a simple question simply answered by

15:20 asking marvis

15:21 now that marvis has pinpointed the issue

15:23 let's go look at our sles for the wan at

15:26 the site

15:27 going to yesterday we see clear

15:29 indication of user minutes impacted by

15:32 wan link health

15:33 as we look at the classifiers and

15:35 subclassifiers of the issue root cause

15:38 we see the jitter marvis told us about

15:40 in the affected items we see that all

15:42 paths of connectivity for the site

15:44 experience jitter which indicates a

15:47 regional connectivity issue affecting

15:49 both wand types in the area

15:51 it also explains how even with the

15:53 capabilities of session smart routing

15:55 deployed to maximize experience no

15:58 decent forms of connectivity were

16:00 available and the impacts of the event

16:02 were felt by our user

16:09 this is ai driven sd-wan in action

16:13 in this demo we saw how our day zero

16:15 site design was created using powerful

16:18 templates for wan which can be

16:19 flawlessly repeated at thousands of

16:22 sites

16:22 next on day one we brought our site live

16:25 with frictionless deployment

16:27 from freshly unboxed devices to secured

16:30 wired wireless and wan connectivity

16:33 finally throughout day two operations we

16:36 saw how user experiences in the wan are

16:38 assured to be the absolute best they can

16:40 be

16:42 and when they could not marvis was able

16:44 to help us quickly find the cause and

16:46 give us actionable insights to help us

16:48 improve it this is just a taste of how

16:52 juniper's ai-driven sd-wan provides

16:54 exceptional experiences for end users

16:57 and simplifies operations for it

17:00 administrators

17:07 [Music]

17:09 you