Passive Monitoring and Probe-Free Performance Monitoring Quiz

Questions and Answers

Passive monitoring measures the performance of members based on

• Active health checks
• RTT during TCP setup and teardown
• Probe-free approach (correct)
• Ping probes

Passive monitoring is more accurate than active monitoring because

• It measures packet loss based on TCP headers
• It measures member performance based on actual traffic (correct)
• It measures RTT during TCP setup and teardown
• It uses ping probes

Passive monitoring simplifies configuration and reduces network traffic by

• Configuring target servers and protocols
• Measuring latency based on RTT
• Generating monitoring traffic
• Using a probe-free approach (correct)

Passive monitoring measures packet loss, latency, and jitter based on

TCP traffic (D)

Active monitoring requires you to configure

Target servers and protocols (C)

Active monitoring can result in complex SD-WAN configurations when

Configuring multiple health checks and members (B)

Passive monitoring is disabled for hardware acceleration because

Members are always alive (B)

The limitations of passive monitoring include

Only measuring TCP traffic (B)

Active monitoring generates more monitoring traffic than passive monitoring because

It uses probes for each health check (D)

Configuring a ping probe to monitor the health of a member used for web traffic

Doesn't provide accurate performance metrics (A)

Which method is used to calculate latency in passive monitoring?

RTT of TCP connection setup and teardown (B)

What are the metrics calculated based on TCP header information in passive monitoring?

Jitter and packet loss (B)

What does passive monitoring not detect?

Dead members (C)

What needs to be enabled on firewall policies for passive monitoring?

Passive-wan-health-measurement (C)

What is automatically disabled when passive-wan-health-measurement is enabled?

Auto-asic-offload (C)

What does passive monitoring provide more accurate member metrics based on?

Actual traffic passing through the members (A)

What may affect the steering decisions made by FortiGate for SD-WAN rules configured for specific applications?

Lack of granularity (B)

What does per-application passive monitoring instruct FortiGate to do?

Measure the member quality based on the performance of applications (A)

What does FortiGate do if multiple applications use the same member in per-application passive monitoring?

Averages the metrics measured for all applications (C)

What needs to be enabled in SD-WAN rules for per-application passive monitoring?

Passive-measurement (B)

Flashcards

What is passive monitoring?

Passive monitoring measures network member performance based on actual traffic passing through them, without sending out probes.

What is active monitoring?

Active monitoring sends probes to network members to check their health and performance.

Why is passive monitoring more accurate than active monitoring?

Passive monitoring is more accurate because it uses real network traffic to assess member performance.

What are the benefits of using a probe-free approach in passive monitoring?

Passive monitoring simplifies configuration and reduces network traffic by not sending probes.

How does passive monitoring measure network performance?

Passive monitoring measures key network metrics such as packet loss, latency, and jitter using TCP traffic.

What needs to be configured in active monitoring?

Active monitoring needs you to specify target servers and protocols to send health checks.

When does active monitoring become complex?

Active monitoring can become complex when you need to configure multiple health checks for different network members.

Why is passive monitoring disabled for hardware acceleration?

Passive monitoring is disabled for hardware acceleration because members are considered always active in this scenario.

What are the limitations of passive monitoring?

Passive monitoring has limitations as it can only measure TCP traffic, neglecting other protocols.

Why does active monitoring create more network traffic than passive monitoring?

Active monitoring generates more network traffic than passive monitoring because it sends probes for each health check.

Why is using a ping probe not accurate for web traffic?

Using a ping probe for traffic, for example, web traffic, doesn't accurately reflect the actual performance of the web application.

How does passive monitoring measure latency?

Passive monitoring calculates latency from the Round Trip Time (RTT) of TCP connection setup and teardown.

What metrics are calculated based on TCP header information in passive monitoring?

Passive monitoring uses TCP header information to measure jitter and packet loss.

What does passive monitoring not detect?

Passive monitoring cannot detect dead members because it only measures traffic from active members.

What needs to be enabled for passive monitoring to work?

Enabling "passive-wan-health-measurement" in firewall policies allows passive monitoring to function.

What is automatically disabled when passive monitoring is enabled?

Enabling "passive-wan-health-measurement" automatically disables "Auto-asic-offload" for better accuracy.

Why does passive monitoring provide more accurate member metrics?

Passive monitoring provides more precise member metrics by analyzing actual traffic flowing through them.

Why can passive monitoring affect steering decisions in SD-WAN rules?

Lack of granular information in passive monitoring may affect the decisions made by FortiGate for SD-WAN rules configured for specific applications.

What does per-application passive monitoring do?

Per-application passive monitoring instructs FortiGate to measure member quality based on the performance of specific applications.

What happens when multiple applications share a member in per-application passive monitoring?

In per-application passive monitoring, if multiple applications use the same member, FortiGate averages the metrics measured for all applications.

How do you enable per-application passive monitoring?

To enable per-application passive monitoring, you need to enable "Passive-measurement" in SD-WAN rules.

Study Notes

Passive Monitoring vs Active Monitoring

• Passive monitoring is more accurate than active monitoring
• Passive monitoring simplifies configuration and reduces network traffic
• Active monitoring requires configuration and can result in complex SD-WAN configurations when multiple probes are used
• Active monitoring generates more monitoring traffic than passive monitoring

How Passive Monitoring Works

• Measures packet loss, latency, and jitter based on TCP header information
• Calculates latency using the TCP three-way handshake
• Metrics calculated based on TCP header information include packet loss, latency, and jitter

Limitations of Passive Monitoring

• Does not detect application-specific issues
• Disabled for hardware acceleration
• Limited to measuring TCP-based applications
• Firewall policies must enable UDP 37777 for passive monitoring

Per-Application Passive Monitoring

• Instructs FortiGate to monitor application-specific traffic
• If multiple applications use the same member, FortiGate chooses the best member based on application-specific steering decisions
• SD-WAN rules must enable passive-wan-health-measurement for per-application passive monitoring
• Automatically disables automatic WAN routing when enabled