This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew

Adaptive ML Baselining to Detect Network Performance Degradations

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Blogs
4 min read

Adaptive ML Baselining to Detect Network Performance Degradations

MSharma11
L2 Linker
‎11-04-2025 12:16 PM

General Graphics (2).jpg

Author: Maninee Sharma

 

Modern IT operations are measured less by uptime and more by the quality of user experience. Yet that experience can differ greatly depending on geography, last-mile conditions, and service providers. For decades, IT teams have relied on fixed industry benchmarks to flag when metrics fall outside expected ranges. Today, however, more sophisticated statistical techniques allow anomaly detection with far greater precision, distinguishing issues tied to specific regions, ISPs, and LAN performance.

 

Intelligent baselining addresses this by learning what “good” looks like for each network segment and scoring deviations in context. Instead of applying a single global threshold, the platform adapts to historical performance across LAN, ISP. The result is faster triage and greater clarity into what users are actually experiencing

 

Dynamic Baselining 

 

Dynamic baselining addresses this gap. By continuously learning from historical data, it evolves the definition of “normal” and applies context-aware scoring. 

 

Dynamic baselining gives IT the ability to:

 

  • Capture nuance by highlighting degradations that may be masked by fixed industry benchmarks.
  • Take actionable steps, such as fixing a LAN gateway issue inside the office or escalating when ISP performance drops.
  • Provide a baseline that adapts to real-world conditions and more accurately represents user experience.

 

ML-Driven Statistical Approach in ADEM

 

We treat baselining as a living profile of continually adaptive network performance. Rather than relying on a single universal rule, our platform maintains baselines for each network segment, including LAN, ISP, and overlay tunnels.

 

By applying statistical analysis and machine learning–based scoring, deviations are measured against what is normal for that specific segment and peer group. This ensures that alerts reflect local realities instead of arbitrary global limits.

 

Key elements of our approach include:

 

  • Segment-wise scoring :
    Each segment of the digital experience, from LAN performance to ISP connectivity and overlay tunnels, is baselined and scored independently, providing precise visibility into where degradation originates.

    • Business value: accelerates root cause analysis and shortens mean time to resolution (MTTR).

  • User clustering for peer context :
    Metrics are evaluated within clusters of users who share common vectors such as ISP, geography, or gateway path. This allows us to distinguish between a single user’s connectivity issue and a widespread outage.

    • Business value: reduces false positives and helps IT prioritize issues that impact the most users.

  • Correlation engine :
    Symptoms, supporting evidence, and probable root cause are linked to highlight what issue the users are experiencing, what evidence supports it, and the most likely source of the problem. 

    • Business value: enables IT teams to move directly from detection to action, cutting down misrouted tickets and wasted cycles.

 

ml baseline v3.gif

 

From Detection to Action

 

Adaptive baselining and scoring highlight degradations at both the individual and cluster level. A single user’s performance issue can be surfaced with context on whether it is their individual issues with the network. At the same time, clustering users into peer groups allows IT teams to detect a widespread issue impacting multiple users at once.

 

When widespread issues occur, IT is aware of the blast radius and impact of the issue and can act immediately. Examples include:

 

  • ISP degradations that impact a peer group in a region
  • LAN or office network issues that disrupt a location
  • Overlay tunnel health problems that affect secure access connectivity

 

Empower Your IT Team with Intelligent Baselining 

 

If you are interested in learning how intelligent baselining can improve user experience, let’s connect. With ADEM available within Strata Cloud Manager for both Prisma SASE and NGFW, IT teams can reduce operational complexity, accelerate troubleshooting, and enhance productivity by improving digital experiences.

 

Ready to see ADEM in action? Explore intelligent baselining with ADEM today through Strata Cloud Manager Pro. Visit our ADEM webpage for more information or request a demo to see ADEM in action.

  • 238 Views
  • 0 comments
  • 1 Likes
Register or Sign-in
Labels
Contributors
Popular Blogs
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks