Enterprises are being offered a new product that can monitor MPLS traffic 'in the cloud', allowing them, to keep a direct eye on the levels of service being delivered by WAN providers.

Packet Design's MPLS WAN Explorer will be able to assess changes in what the company calls "reachability"- that is, the ability of IP traffic to move between any two sites at a given time) and verify that the service provider has deployed the MPLS VPN routing architecture according to enterprise policy.

Althought there have been products that will monitor MPLS traffic within an enterprises, (NetScout's NGenius has an MPLS monitoring option for example) this is the first time that managers have been able to reach into their service providers cloud said Alex Henthorn-Iwane, VP of marketing at packet Design.

"This is the first product that lets customers monitor the Layer 3 routing of their WANs that run across service provider MPLS VPNs. There isn't any other product that does this"

He said that existing products would monitor application traffic flowing in and out of an enterprise site, but were not able to provide any insight as to whether " routing issues either at a site or in the VPN are the cause of an application problem, whether a primary VPN has failed or whether administrative errors at the SP have inadvertently mixed two enterprise VPNs together and have compromised their privacy."

He added that the product would offer an improvement on service providers' own stats. "The sort of stats that MPLS VPN providers typically offer are: latency from edge to edge within their network, and uptime availability of links between the SP and customer sites. However, they typically don't offer any stats on whether the site-to-site IP routing is operating correctly or not," he said.

All enterprises will have SLAs in place with their service providers but often there's no accurate way of assessing their effectiveness., MPLS WAN Explorer would be able to offer accurate information on a service provider's performance. "Given the lack of service provider SLA's or stats on the proper Layer 3 routing operation of a MPLS VPN WAN, this product helps enterprise managers ensure the proper operation of their network including the portion outsourced to the VPN, and by extension ensure that service providers are fully meeting their SLAs," said Henthorn-Iwane.

MPLS WAN Explorer is an enhanced version of Packet Design's Route Explorer and also works with the company's Traffic Explorer to monitor traffic by specific application and class of service using Netflow
data. The product works by listening passively to routing protocol exchanges, to create an accurate, real-time, routing map.

Managers would be able to use the product in a variety of ways. MPLS WAN Explorer offers: Reachability monitoring; forensic troubleshooting (ie diagnosis of routing problems); root-cause analysis (ie the ability to determine whether a problem between two sites occurred at one of the sites or on the service provider's network); network modeling and planning, and end-to-end traffic analysis.

MPLS WAN Explorer is particularly effective for enterprises with multiple service providers.

"If, for example, an enterprise has BT as a primary VPN provider and Orange or Cable and Wireless as a backup VPN provider, then the product will monitor both (or multiple) VPNs that are part of the enterprise's overall network architecture," said Henthorn-Iwane. "

In fact, I was just at a conference last week and spoke with a network manager from a large enterprise that has just this situation, where hundreds of sites across UK, Europe and Africa connect to one more of three different VPN providers, and where they have a lack of monitoring visibility into how the network routing is behaving across those VPNs, or even the status of the various VPN cloud," he added.

Henthorn-Iwane said it wasn't easy to give an accurate figure of the cost as there were many different factors at play. He offered a sample European pricing of about €80,000 (£72,000) but said that was for the larger enterprise that could have dozens to hundreds (or even thousands) of MPLS VPN-connected sites.

"There is a base price for the bundled hardware appliance that the software runs on and licences for the IP routing protocol support required (such as BGP and OSPF), while a scalable pricing component is based on the total number of enterprise routers being monitored," he said.