Connecting a Customer Environment to Riverbed IQ SaaS

This illustration shows how data sources residing in the customer environment connect to Riverbed IQ:

Customer Environment Connectivity to IQ SaaS

Note these prerequisites:

  • The target data sources must be configured with credentials that permit Riverbed IQ to connect and establish the two-way conversation that is needed for the data source to stream key measurements to Riverbed IQ, and for the data source to process/reply to Runbook requests that occur over the course of an automated investigation.

  • The target Riverbed Edge platform needs to be selected and prepared (currently, Riverbed IQ supports deploying Riverbed Edge on the following: AWS, Azure, and VMware ESXi).

  • Riverbed IQ employs a shared ownership model for the Edge in which Riverbed supplies an Edge image for deployment on top of a customer-supplied and managed VM.

    • Configure the Riverbed Edge gateway on your Riverbed IQ tenant (see Configuring Riverbed Edge and Data Sourcess).

    • The target customer-owned/managed VM environment needs to be selected and prepared (currently, Riverbed IQ supports deploying Riverbed Edge

      in a number of VM environments).

    • Use the Riverbed-supplied cloud-init or ISO file to configure the Edge on your target VM-environment (see Configuring Riverbed Edge and Data Sources).

  • Once the Riverbed Edge gateway is configured, configure the target data sources on your Riverbed IQ tenant (see Configuring Riverbed Edge and Data Sources).

Once all Riverbed Edge(s) and data source(s) are configured on the Riverbed IQ tenant, data will begin to flow into the system and:

  • the Data Ocean will begin to take shape:

    • This is a distributed repository of customer environment information that is accessible to Riverbed IQ. It comprises a small amount of core information that is cached in the customer’s Riverbed IQ tenant and the vast full fidelity data that resides in the native Riverbed data sources (e.g., while executing an automation, the Runbook may quickly retrieve cached information from the customer’s Riverbed IQ tenant, or may issue a query directly to a data source to tap into high fidelity data).

  • Key Measurements will begin to flow into the pipeline:

    • Ingest & Analytics: will begin processing key measurements

      • Certain key measurements have a simple model (e.g. static threshold) that enable anomalies to be immediately detected/processed all the way through incident-generation and Runbook execution.

      • Other key measurements employ a more complex model (e.g time-series baseline) that will require time to build the model. As a result, it will take time to detect anomalous behavior for these key measurements (and further process those anomalies into Incidents with associate Runbook-executions), e.g.,

        • It takes two days to build an initial daily-seasonal time-series baseline model, and 14 days to build an initial weekly-seasonal time-series baseline model.