Government Agency Resolves VPN Performance Issues With NETSCOUT Visibility
- Employees experiencing poor quality performance over VPN
- Bandwidth contention issues at agency internet circuits
- nGeniusONE® Service Assurance platform
- InfiniStreamNG® appliances
- Ensure bandwidth availability over VPNs for quality performance of agency applications for remote employees
- Avoided costly bandwidth increases
This government agency information technology (IT) team provides critical services, including deploying network infrastructure and essential application resources for use by employees located throughout the United States. While many of the agency’s employees are centralized, others are frequent travelers, connecting to the data center from airports, remote sites, and even home offices. There are also several dozen branch offices that depend on resources provided by this IT group. As much of this agency’s work can be unpredictable, so too are the hours they work, necessitating this exceptional IT staff to maintain a strategic 24 x 7 operation.
For several years, this IT staff has depended on NETSCOUT’s nGeniusONE Service Assurance solution and strategically deployed InfiniStreamNG appliances to help ensure the performance of the agency’s business applications and services.
Just prior to the COVID-19 outbreak, the IT team became concerned with emerging trends in traffic flows and bandwidth utilization. The agency was experiencing an increase in remote users at that time and it was corresponding to increased traffic volumes accessing agency resources in the data center. IT was seeing network traffic and bandwidth issues surfacing in key enterprise areas that were tied to their remote users accessing applications.
These changes in volume were presenting significant performance and availability challenges for the IT staff to deal with and merited closer evaluation.
Solution in Action
Given the preview with nGeniusONE into the increased volume of activity, they investigated further. In concert with their local NETSCOUT® engineers, the agency’s IT staff configured real-time nGeniusONE Service Dashboards and Grid views related to the monitored VPN services to understand all the characteristics of the employee VPN traffic and the consumption of network resources. The goal was to evaluate the different traffic flows and make decisions on how targeted adjustments in specific activity could ensure performance of critical application flows.
One area that was uncovered in the agency’s investigation of the traffic was employees, connected to the enterprise network over the VPN, that were streaming music, TV, and movie services like Netflix, Comcast, and YouTube. The analysis showed that these sessions were consuming a large amount of the bandwidth. Given that this was highly unlikely to be agency-related information, the IT staff wanted to reduce or remove that non-essential traffic to optimize the internet bandwidth for accessing business critical services.
Armed with this nGeniusONE analysis, the IT staff decided to make a configuration change to deploy split tunneling for their VPN environment. This would permit the agency’s employees to connect to the essential business applications and services when they were traveling, accessing remotely, or working from home via the secure VPN. However, for other activity like Web surfing and streaming services, the traffic would be routed directly over the internet, without consuming large amounts of bandwidth at the agency’s VPN.
The move to split tunneling by the IT team at this agency provided several benefits. Most importantly, they were able to relieve the volume of traffic on their VPN to provide optimal quality of service to all their employees using key business applications. By reducing this added volume, the agency was also able to avoid costly bandwidth upgrades for their internet links into the data center. Finally, although likely not a goal of the project, but a benefit to the traveling employees was that performance of their favorite streaming media services are better now that they are not contending for bandwidth with other data center services.
The IT team at the agency identified the value of the strategic partnership they share with NETSCOUT. The use of nGeniusONE and the expert help received from the NETSCOUT engineers were keys in the resolution of the problems reported by the agency’s VPN end-users.