- play_arrow Introduction
- About the Administration Portal User Guide
- Administration Portal Overview
- Administration Portal Tasks for SP Administrators And OpCo Administrators
- Accessing Administration Portal
- Personalize the Administration Portal
- Switching the Tenant Scope
- About the Administration Portal Dashboard
- Changing the Administration Portal Password
- Resetting Your Password
- Configuring Two-Factor Authentication
- Resend Activation Link in Administration Portal
- Changing the Password on First Login
- Resetting the Password for OpCo and Tenant Users
- Setting Password Duration
- Extending the User Login Session
- About the Display Preferences
- Add a Theme in Administration Portal
- Apply or Modify a Theme
- Upload a Custom Font
- play_arrow Managing E-Mail
- play_arrow Managing Authentication
- play_arrow Managing Tenants
- Tenant Overview
- Full Mesh Topology Overview
- Understanding Specific Route-based Routing Within the SD-WAN Overlay
- About the Tenants Page
- Adding a Single Tenant
- Edit Tenant Parameters
- Importing Data for Multiple Tenants
- Allocating Network Services to a Tenant
- Viewing the Create History of Imported Tenant Data
- Delete a Tenant
- Viewing the History of Deleted Tenant Data
- Dynamic Mesh Tunnels Overview
- Configuring Dynamic Mesh Tunnel Thresholds for all Tenants
- Updating the Terms of Use
- play_arrow Managing Operating Companies
- play_arrow Managing Resources
- About the POPs Page
- Creating a Single POP
- Importing Data for Multiple POPs
- Viewing the History of POP Data Imports
- Viewing the History of POP Data Deletions
- View the History of Device Data Deletions
- Manually Importing Provider Hub Sites
- About the Tenant Devices Page
- About the Provider Hub Devices Page
- Add a Provider Hub Device
- Edit Provider Hub Site Parameters
- Manage a Provider Hub Device
- Upgrade a Provider Hub Device
- Delete a Provider Hub Site
- Perform Return Material Authorization (RMA) for a Provider Hub Device
- Grant Return Material Authorization (RMA) for a Provider Hub Device
- Generate Device RSI for Provider Hub Devices
- Managing a Tenant Device
- Device Redundancy Support Overview
- Viewing the History of Tenant Device Activation Logs
- Secure OAM Network Overview
- Secure OAM Network Redundancy Overview
- Rebooting Tenant Devices and Provider Hub Devices
- Identifying Connectivity Issues by Using Ping
- Identifying Connectivity Issues by Using Traceroute
- Remotely Accessing a Device CLI
- Device Template Overview
- Multi-Service Shared Bearer Overview
- About the Device Template Page
- Cloning a Device Template
- Importing a Device Template
- Configuring Template Settings in a Device Template
- Updating Stage-2 Configuration Template in a Device Template
- Configuring Stage-2 Initial Configuration in a Device Template
- Modifying a Device Template Description
- Deleting a Device Template
- Configuration Templates Overview
- Configuration Templates Workflow
- About the Configuration Templates Page
- Predefined Configuration Templates
- Edit, Clone, and Delete Configuration Templates
- Deploy Configuration Templates to Devices
- Undeploy a Configuration Template from a Device
- Dissociate a Configuration Template from a Device
- Preview and Render Configuration Templates
- Import Configuration Templates
- Export a Configuration Template
- Assign Configuration Templates to Device Templates
- Add Configuration Templates
- Jinja Syntax and Examples for Configuration Templates
- View the Configuration Deployed on Devices
- APN Overview
- Configuring APN Settings on CPE Devices
- Device Images Overview
- About the Device Images Page
- Staging an Image
- Deploying Device Images to Devices
- Uploading a Device Image
- Deleting Device Images
- Network Services Overview
- About the Network Services Page
- About the Service Overview Page
- About the Service Instances Page
- Allocating a Service to Tenants
- Removing a Service from Tenants
- play_arrow Managing Signatures
- Signature Database Overview
- About the Signature Database Page
- Downloading a Signature Database
- Download Locations for Signature Database
- Application Signatures Overview
- About the Application Signatures Page
- Understanding Custom Application Signatures
- Adding Application Signatures
- Editing, Cloning, and Deleting Application Signatures
- Adding Application Signature Groups
- Editing, Cloning, and Deleting Application Signature Groups
- play_arrow Managing Licenses
- play_arrow Managing Users and Roles
- Role-Based Access Control Overview
- About the Users Page in Administration Portal
- Add Service Provider and OpCo Users
- Edit and Delete Service Provider Users and OpCo Users
- Resetting the Password for Service Provider, OpCo, and Tenant Users
- Roles Overview
- About the Roles Page
- Add User-Defined Roles for Service Provider, OpCo, and Tenant Users
- Edit, Clone, and Delete User-Defined Roles for Service Provider, OpCo, and Tenant Users
- Access Privileges for Role Scopes (Operating Company and Tenant)
- play_arrow Managing Jobs
- play_arrow Managing Audit Logs
- play_arrow Monitoring
- About the Monitor Overview Page
- Alerts Overview
- About the Generated Alerts Page
- About the Alert Definitions/Notifications Page
- Creating and Managing Security Alerts
- About the Alarms Page
- BGP Alarms on Provider Hubs
- Monitoring Support for LTE Links on Dual CPEs
- Enable E-mail Notifications for SD-WAN Alarms
- Rogue Device Detection
- Multitenancy
- About the SLA Performance of All Tenants Page
- About the SLA Performance of a Single Tenant Page
- Monitoring Application-Level SLA Performance for Secure SD-WAN-Advanced
- Viewing the SLA Performance of a Site
- Viewing the SLA Performance of an Application or Application Group
- Understanding SLA Performance Score for Applications, Links, Sites, and Tenants
- Syslog Streaming
Application Quality of Experience Overview
Contrail Service Orchestration (CSO) supports Application Quality of Experience (AppQoE) that enables you to effectively prioritize, segregate, and route business-critical application traffic without compromising performance or availability.
AppQoE utilizes the capabilities of two application security services:
Application identification (AppID) to identify specific applications in your network.
Advanced policy-based routing (APBR) to specify a path for the application traffic.
AppQoE-enabled devices perform service- level agreement (SLA) measurements across the available WAN links, and then dynamically map the application traffic to the path that best serves the application’s SLA requirement.
AppQoE is applicable only for SD-WAN sites.
AppQoE is supported on the following devices in both hub-and-spoke and full mesh topologies:
vSRX instances
SRX300 series
SRX550M
SRX1500
SRX4100
SRX4200
You can configure an AppQoE between two SRX Series device endpoints (book-ended) when both the devices run the same version of Junos OS.
CSO pushes the SLA parameters, path selection parameters and
related configuration to the device and the device monitors the links
for SLA violation. If there is a violation, the device switches the
link and generates APPQOE_(APP)_SLA_METRIC_VIOLATION and APPQOE_BEST_PATH_SELECTED system log messages. The device also aggregates and averages the
SLA metrics, and generates periodic APPQOE_APP_PASSIVE_SLA_METRIC_REPORT system log messages.
AppQoE measures the application performance across multiple links by collecting real-time data by continuously the monitoring application traffic and identifying any network or device issues by sending active and passive probes. To monitor the SLA compliance of the link on which the application traffic is sent, the Customer Premises Equipment (CPE) device sends inline probes (called passive probes) along with the application traffic. Additionally, to identify the best available link for an application if the active link fails to meet the SLA criteria, the CPE constantly monitors and collects the SLA compliance data for the other available links by sending probes (called active probes) over the links. The active probes are sent based on the probe parameters that you configure in the application traffic type profile.
The CPE device switches links at the application level, which means that only the traffic corresponding to the application that reported the SLA violation is moved to a link that meets the specified SLA. Traffic for the remaining applications remain on the same link until those applications report an SLA violation.
You can configure traffic type profiles to specify the class of service (CoS) and probe parameters for each traffic type. When you add a steering profile (SLA-based or path-based), you specify the SLA parameters and SLA sampling criteria, and link the steering profile with a traffic type profile. The steering profile is then linked to an SD-WAN policy intent and the SD-WAN policy is deployed to enable AppQoE.
You can view the SLA performance details of all tenants from the Tenant SLA Performance (Monitor > Tenant SLA Performance) page. For more information on the AppQoE workflow, see Configure and Monitor Application Quality of Experience.
Benefits of Application Quality of Experience
Enables cost-effective QoE by real-time monitoring of application traffic, which provides a consistent and predictable level of service.
Improves the user experience at the application level by ensuring that the application data is sent over the most SLA-compliant link.
