Transformation from the Ashes of Global Pandemic
Nearly 800 IT professionals weigh in on the workloads, challenges, data sources, and team collaboration required to drive service delivery in this year of digital transformation.
Too many fingers pointed at the network team and not enough time to read and get ahead of complaints? Logs? Reports? Response time? The greatest challenge with network performance troubleshooting is often knowing where to begin searching for the actual source of the performance issue. This challenge can be worsened as standard networks become abstract and decentralized whether through IoT, SD-WAN, or the complex topology of SaaS cloud technologies.
In today’s remote working world, where many IT departments are limited to remote access to users and their endpoints, the need for comprehensive infrastructure monitoring and insights into the remote end-user has never been greater.
NPM tools from VIAVI proactively identify the most serious network issues with an end-user experience score, problem diagnosis, and out-of-the-box workflows leading IT teams to resolution. All Observer intelligence is backed by complete, unaltered packet and flow data, providing wire data for granular security investigations, observing Transmissions Control Protocol communication with unique IP addresses to MAC address to user ID relationships, powerful network connectivity insights, and root-cause analysis for optimized networking and application performance.
Now, with the version release of Observer v18, packet and enriched flow data now coexist in Observer Apex. This means all levels of expertise access to various tiers of IT visibility, using their preferred data sources for QoS measurements, baselining, capacity planning, and other network performance use cases.
With GigaStor Gen 4, VIAVI also delivers the fastest independently validated wire data capture speeds at 60 Gbps in one easy to install appliance, allowing you to scale with the demands of today’s increasingly connected world.
Observer provides comprehensive status visibility and insight into critical IT resources, whether in the data center core, network edge, or cloud. Delivering network and application product insights from the perspective of the end-user, Observer supports network and operations teams to ensure maximum effectiveness of IT services and data centers, port to port, through three critical use cases:
The network performance monitoring solution from VIAVI serves as the start for troubleshooting service anomalies, packet loss, managing network resources, and aiding investigations of incidents of concern (IOC) or confirmed security breaches. This starting point ensures IT teams can quickly gain access to relevant application, network, database, infrastructure, and user operational metrics for a variety of critical network performance and network security scenarios. This means less time troubleshooting and more time running online digital transformation for your business.
Also referred to as network performance management, NPM is defined as the practice of measuring, analyzing and optimizing the quality of service over a network, from the user’s perspective. Effective network performance monitors characterize and report on relevant metrics tied to IT services and supporting resources. They also provide troubleshooting components for network, application, or security anomalies along with capabilities designed to improve overall service delivery and end-point receptivity.
The tools make use of various data types, including network flow data, packet data and network infrastructure metrics. Armed with comprehensive real-time and forensic data along with superior analytical capabilities, network administrators can manage daily operations and monitor trends while optimizing performance and minimizing security risks.
The increasing network monitoring challenges are tied to the emerging hybrid IT environment in general and cloud-hosted assets specifically along with resource abstractions like virtual server virtualization and software defined networks (SDN). NPMD can help. With control functions previously performed by traditional routers, servers and firewalls now migrating to software-based solutions, monitoring practices have had to adapt quickly to these virtualized functions.
Applications are also becoming ever-more complicated as the number of tiers and their hosting location options proliferate. No longer limited to the on-premise deployments of the past, applications can now be divided between multiple cloud or external geographic locations overlapping with traditional local deployments. This growing complexity has led to a progressive and custom approach which encompasses more big data analytics, machine learning, performance network monitoring software options, and cloud computing.
According to the VIAVI Solutions State of the Network Global Study for 2019, over half of network professionals indicated the single greatest challenge in troubleshooting performance was determining the cause of the problem. Essentially, when faced with performance issues, network teams don’t know where to begin troubleshooting – whether it’s the network, software, application, mobile app, client, or system. These issues become more complex when managing network performance in cloud or remote environments.
Enterprise NPM also presents a complex challenge of device propagation brought about by the Internet of Things (IoT) which only adds to the dilemma. Centralizing NPM can be an effective strategy to minimize the siloing that sometimes leads to incomplete issue resolution and the lack of overall network-wide visibility essential to efficient troubleshooting practices.
The symptoms are easy to recognize. Slow connections, outages and intermittency are among the issues most reported by users. The benefits lie in quickly identifying the correct root cause associated with the symptoms so that effective corrective and preventative actions can be taken.
According to Forrester Research, nearly one third of all network performance issues take over a month to resolve or are never resolved. These unresolved or slowly corrected problems will undoubtedly re-occur without an effective strategy for issue resolution.
A networking performance monitoring solution often provides an avenue to better visualize metrics and other important information using dashboards, displays and graphs. The diagnostic and analytics capabilities of most solutions can be put to task to apply automated troubleshooting analysis to any performance or security issue that arises. Alerts based on defined performance levels are another essential tool that increases awareness of potential issues before they reach critical levels of performance degradation.
Problem remediation can be greatly accelerated by solutions that monitor, capture, and provide long-term storage of all packets, traditional flow, system logs, SNMP, network device and interface IP and MAC addresses, conversations, and transactions. Retention of this critical information and advanced analytics allows IT teams to quickly browse backward through massive network topologies tracing massive amounts of traffic post-event and find the specific time the episode occurred, whether tied to a service issue or a security breach. No need to wait for the problem to reoccur. Once found, the anomaly can be viewed contextually with other activity as it occurred. Think of it as an “always-on” video security system for your network.
Three key capabilities feed into an effective network performance monitoring strategy.
In the past, network operations (NetOps) and security operations (SecOps) would remain relatively isolated from one another. Today, a growing number of organizations have fully converged their IT security with network performance management into one community. This only makes logical sense when security-related issues are among the most common contributing factors behind network service issues. The risk of security threats can be manifested in unexpected events that lead to costly downtime or potentially compromised data. This risk is mitigated through high-fidelity forensics and cutting-edge investigation capabilities that expedite responsive action.
Comprehensive solutions enhance security, offering in-depth visibility into traffic traversing the entire network and underlying infrastructure that controls conversation flows. With the same visibility into their network, SecOps and NetOps teams are empowered to speak the same language, increasing collaboration between the two traditionally isolated departments. Specifically, SecOps and NetOps teams can profile user and device activities, quickly detecting and alerting on possible rogue behavior. In addition, documentation of the discovery of information is valuable post-event to clean-up compromised assets and assess specifically what company intellectual material may have been compromised.
Technology innovation, strategic cloud migration, and driving digital transformation are some of the common organizational objectives requiring highly focused and agile IT teams to remain competitive, which leads to challenges for many Chief Information Officers (CIO’s) in creating the appropriate balance between business innovation and operational excellence. Hence, the benefits engendered through a streamlined solution include a comprehensive approach supporting operational excellence for IT teams, allowing your organization to free up resources to find ways to drive digital innovation and change.
Included within this multi-tiered approach are the management of daily operations, the mitigation of risk from planned and unplanned events, and the optimized investigation and resolution of performance problems.
Management of daily operations is fully enabled through flexible dashboards and reporting providing enterprise-wide situational awareness and real-time visibility of network health metrics and trends. This enhanced visibility is also essential for risk mitigation of changes and unexpected events.
Based on industry research, the average cost for one hour of network downtime is $336,000. This makes staying one step ahead of potential issues, including everything from human errors to configuration issues and security threats, essential for maintaining a profitable operation with satisfied customers.
While open source network monitoring tools can certainly assist with getting to root cause, a comprehensive network performance monitoring solution equipped with advanced forensics and systematic workflows can accelerate performance issue resolution, even for subjective end-user complaints.
Previously, administrators focused on how to monitor baseline network performance, but baseline monitoring is no longer sufficient. The overall focus on operational excellence has many facets with each contributing to ongoing network availability, performance and security. One important aspect that cuts across multiple focus areas is the identification of trends.
With ongoing monitoring in place, trends can act as a roadmap leading to potential performance degradations or security threats. These trends can also be compared to performance baselines to detect potentially damaging conditions, including those that only occur sporadically or during peak traffic hours.
NPM can also play an important role in network planning and configuration management. Resource and bandwidth utilization reporting are readily available to support growth-related network planning functions. Beyond this valuable day-to-day functionality, the importance of keeping networks secure and data protected cannot be overstated. With traffic continuously monitored, potentially harmful files or activities can be identified on a real-time basis and escalated accordingly.
To effectively monitor performance, create value, enable innovation and assure ongoing security, several important features should be considered essential. The list of critical features certainly includes continuous real-time monitoring, analysis and visualization capabilities. With the complexity of today’s networks and the ever-present security threats, any latency associated with awareness and response can be a non-starter.
Remote Monitoring: The top network performance monitoring solutions also include remote-monitoring capabilities that allow complex operations to collect and analyze data from multiple locations, mobile devices and cloud deployments, as well as the requisite intelligence required to detect and roadmap new devices and hardware automatically.
End-User Experience: Another essential feature of these systems is the inclusion of end-user experience and perspective in the monitoring practice. The end-user is the most important and relevant barometer of network performance management system performance, so monitoring endpoint performance and utilizing end-user experience scoring are highly recommended practices. Similarly, effective user interface customization in the form of flexible dashboards, intuitive graphics and metrics are important features for improved IT performance and satisfaction, along with optimized network coverage and easy-to-read reports. Inputs, outputs and alert levels should be easily programmable and accessible.
Automation: Along with this improved visibility and responsiveness at both ends of the spectrum, automation features are essential for diagnosing and correcting issues without direct oversight. Automation has become increasingly valuable with the complexity inherent to cloud propagation, due to exponential increase in connection paths. Minimizing the number of issues requiring direct, manual response by the IT team can be an additional enabler of efficiency and operational excellence.
Obtaining the right network overview solution for your organization is just the beginning. Defining the more efficient infrastructure monitoring process requires review, analysis, and prioritization to make sure this valuable resource is deployed effectively. Important decisions regarding what to monitor, how to monitor, and how often are necessary prerequisites for baselining your key performance indicators. Additional planning and analysis is needed for setting system alert levels. To make alerts meaningful while preventing information overload, these levels need to be set as close as possible to the actual threshold of service-impacting trends or events. Accompanying these setup considerations are the personnel roles and responsibilities determining who will monitor, who will receive alerts, and how information will be accessed and shared. With essential network performance hierarchy and structure in place, operational excellence should be the expected outcome.