Power Community

Power Community

Network provider connectivity attribution in the Microsoft 365 admin center

When you think of Microsoft 365 services and network recommendations from Microsoft, the first thing that comes to mind is Microsoft’s network connectivity principles. These principles are the guidelines to follow when it comes to designing enterprise network connectivity for accessing Microsoft 365.

The Health | Network Connectivity page in the Microsoft 365 admin center is where you can view network connectivity assessment results for your users, which is represented as an aggregate at your tenant level and location level. “Location level” refers to your Office locations that are automatically discovered or defined by you.

You can find complete product documentation at https://aka.ms/networkproviders, but we wanted to share some details on how the new experience works.

In Health | Network Connectivity, you can find network insights to help you improve your assessment results, by understanding factors in your enterprise network design that don’t align with the network connectivity principles. 

For example: Backhauled network egress has been detected at Location X and we recommend using a closer egress point.

Network provider devices are affecting your network, we detected proxy servers or firewalls between your users’ devices and Microsoft 365 endpoints.

The common feedback we heard was to improve the quality of actionable information provided through these network insights: “Don’t just tell me I am backhauling network traffic, tell me what I need to do to rectify the situation.

Here are other examples where actionable information is missing today:

“How are the network devices affecting my network and what are the steps I can take to prevent it?”

“Are there better network connectivity providers that I can explore for my users network connectivity?”

We listened and have been working hard to improve your admin experience with Health | Network Connectivity, today we are thrilled to announce that the following features are generally available for all tenants in the Microsoft 365 admin center:

  • Network Providers in use for your tenant users, shown at the tenant level and location level.
  • Network connectivity Performance and Availability assessment results for your network providers.
    • Network Provider details impacting performance assessment results.
  • The Network Provider Index chart shows top performing network providers at a given location (for the USA only, coming soon for rest of the world).

These features have been in limited public preview since June 2023. We have more than 170 enterprise customers enrolled in the public preview and provide direct feedback to improve product quality. Go to Health | Network Connectivity today to experience the new features. You can sign up for the preview of upcoming features at https://aka.ms/networkpreview.

How can I access the new features?

The new features are under Health | Network Connectivity in Microsoft 365 admin center. To access them you must be assigned the Network Administrator or Global Administrator role. You can view the Network Traffic tab, which shows you your network providers at the tenant level. You can also view the table of network providers by location on the Locations tab.

How can I view network providers in use for my users at my tenant level?

You can view this in the Overview tab of Network Connectivity, where there is a widget that shows the top five network providers in use for your tenant users.

Widget for Top five network providers for the tenantWidget for Top five network providers for the tenant

 You can also see this on the Network Traffic tab, which contains all the information about network providers used by your users.

Network traffic tab in network connectivity pageNetwork traffic tab in network connectivity page

What do you mean by Overlay and ISP?

We classify network providers as ISP, Overlay, Corporate, or Satellite. This identifies the type of solution or service offered by the network provider. For example, a VPN solution or cloud proxy service is classified as Overlay, and an Internet link is classified as ISP or Satellite depending on the delivery of the service (terrestrial or satellite). Some organizations have their own ASN or network infrastructure and this is classified as Corporate.

 

How can I view network providers in use for my users at my Office location level?

When you go to the Locations tab, you should see the list of Office locations that were automatically discovered or added by an admin. If you do not see any discovered or added locations, jump to the next question.

In the list of locations, you should see a Network Providers column that shows you the network providers used at each location.

List of office locations along with network providers in Locations tabList of office locations along with network providers in Locations tab

Click on a Location, and then scroll to the end on the Summary tab to see the list of network providers in use at that location.

List of network providers used at a specific locationList of network providers used at a specific location

How can I filter my list of locations for a particular network provider?

In the Network Traffic tab where you see the list of providers at the tenant level, you can click on any network provider and a flyout panel appears with an option to View Locations that you can click to view the list of automatically filtered locations for this provider.

Flyout panel for network provider along with the view locations linkFlyout panel for network provider along with the view locations link

When you click on View Locations, you will be taken to a filtered list of locations for the provider.

List of locations automatically filtered for a network providerList of locations automatically filtered for a network provider

Why do I not see the View Locations option in the flyout panel?

View Locations is not shown when we can’t identify the office locations where the network provider is used. This could be because you do not have any or some of your office locations have not been discovered or added.

Why do I not see any locations discovered or added in the locations tab?

We depend on location information from Windows Location Services (WLS) to discover your location, it’s possible that WLS is not enabled on your user’s devices, or you chose to not share the location information with Microsoft in the Settings for Network Connectivity in Microsoft 365 admin center.

Some admins define their locations manually using the Add Location option in Locations tab, or the Manage multiple locations option, to import their locations using a csv or tsv file or the building data file exported from Call Quality Dashboard.

If you have not shared location information with us or defined locations manually, you will not see any locations for your tenant. Go to the next question to sign up for an alternative option to automatically discover your locations without sharing your location information.

How can I get my Locations discovered automatically without sharing my location information or using WLS?

If you prefer not to share location information with us or do not have the information required to define locations manually, you can use a new option we are introducing to discover your locations based on the network telemetry. In the network telemetry we have information like your LAN Subnet ID, Egress IP address that enables us to show all your locations from where your users are connecting to Microsoft 365. You can sign up for the public preview at https://aka.ms/networkpreview to explore this new option and provide us feedback.

When defining locations manually, can I use supernets instead of specific LAN subnets?

Yes, we now support supernets when you add locations using LAN subnets. For example, You added a location using /20 LAN subnet, we received a LAN subnet attribute containing /24 (if part of the supernet you defined uses /20 and there is no other specific match for the /24 subnet) in the network assessment, we will map this network assessment to the location based on the /20 supernet definition.

I have too many locations, how can I manage the view to prioritize?

You can filter the list of locations using location type (automatically discovered vs admin added), work type (onsite or remote). You can also select multiple locations and hide them by using the Hide option.

Can I edit the location by adding more details?

Yes, you can edit the location by selecting it and using the Edit option. In fact, this is a great way to build on the automatically discovered locations by adding LAN subnets or egress IP’s or both to make the location view more accurate or scoped to your needs.

If my network provider’s performance is low, where can I view details that will help improve performance?

From the list of locations, you can click on a location to go to its Summary tab. If you scroll down to the end of the Summary tab you will see the list of network providers used at this location.

List of network providers used at a specific locationList of network providers used at a specific location

From this list of providers, you can click on a specific provider to view the Summary and Details for that provider. For example, I can click Fabrikam to view the flyout with summary and details for Fabrikam.

Summary for network provider FabrikamSummary for network provider Fabrikam

In the Details tab there is information that typically affects provider performance. For example, we detect network provider device interference between your users and Microsoft 365.

Here are the types of device interference we can detect.

  1. SSL break and inspect test: This detects a private or unknown certificate presented by a network device to your users for data path connections to Microsoft 365, a private certificate is typically used when the network device intends to perform break and inspect operation at the SSL or TLS layer for those connections. We may not be able to show you the detected certificate issuer names due to privacy reasons.
  2. Incorrect destination IP address detected: This indicates that the destination endpoint representing Microsoft 365 endpoints have incorrect or unfamiliar IP addresses assigned to them. Typically, this means there is an intermediate network device acting as a proxy and we will show you the incorrect or unfamiliar IP address detected.
  3. VPN or tunneling detected: This indicates that the network taken to connect to Microsoft 365 endpoints involves a VPN or traffic tunnelling. A VPN or traffic tunnelling may cause backhaul of network traffic and lead to network performance issues that impacts user experience.

If no device interference is detected, the implementation is considered to be aligned with our network connectivity principles.

Interference details like SSL break and inspect, Incorrect destination IP address and VPN tunneling detected for a network providerInterference details like SSL break and inspect, Incorrect destination IP address and VPN tunneling detected for a network provider

NPI

The Network Provider Index (NPI) chart is a monthly index that can be viewed by office location. It lists network providers with the highest performance used by Microsoft 365 customers in the same country/region and state as your office. We include availability and performance information attributed to these providers. This index also shows a target baseline that shows the best performance observed in the same country/region and state.

Network provider index chart for a locationNetwork provider index chart for a location

How can I use the NPI chart?

You can use the NPI chart to find top performing network providers and view their performance assessment at a given location, such as your office location or any other location from where users connect to Microsoft 365. Note that the index is provided at the State level and not City level.

You can also use the NPI chart to determine the best performance observed at a particular location. This is referred to as the Target baseline. For example, sometimes the best performance assessment observed 80 points out of 100, this means you are unlikely to find a network provider who can deliver better performance at this location.

— The Microsoft 365 Network Engineering team

This post was originally published on this site

- Advertisement -spot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement - Advertisement

Latest News

ON DEMAND | SharePoint in-depth: Learning content

There’s the thinking cap. And then there’s the deep-thinking cap. It’s time to put on the latter. This article contains...

More Articles Like This

- Advertisement -spot_img