Networking Analytics Increase Visibility into Systems Performance

by   |   December 21, 2012 4:00 pm   |   0 Comments

When the network goes down at an organization, it’s the network manager who gets the call from a department head, a disgruntled user or worse, top management. But while users—who are creating more demands for IT by bringing their own tablets and smartphones to work—typically blame any glitch on their network, the problem could lie elsewhere in an IT infrastructure. It could be an infected file on a PC or server, a coding error in an application, or even corrupted databases on the storage area network.

A new crop of tools from companies such as Riverbed Technology, Network Instruments and NetScout, among others, store terabytes of data about the network and use analytics to pinpoint what’s slowing down application performance before users start calling in. By offering a timeline analysis view of the network that tracks latency down to the millisecond, network managers now have tools that let them diagnose network outages well before users report them.

These new network management tools present a more robust view of network activity compared to the past, when network managers would have separate tools to run packet-based monitoring, track flow records (data about routers and switches) and analyze all the nodes on the network. The latest generation of tools integrates all those functions into one software package to give network managers greater visibility. It also lets them be more proactive.

Related Stories

For telcos, Guavus analytics offers insight into network performance.

Read more»

Splunk shows machine data not just for IT any more.

Read more»

Analytics seen spreading for network security, compliance use cases.

Read more»

Tools featuring networking analytics are appearing at a time when more enterprises are merging their voice networks (via Voice over IP) with their data networks. This is a stepping stone to deploying more unified communications applications such as voicemail in email, softphones and video chat.  Most network traffic is now IP-based and there’s more audio, video and virtual desktop interface (VDI) applications running across the network.

The new tools also play into the IT systems virtualization trend. The big challenge for network managers is gaining visibility into their networks as they virtualize servers, applications and databases. With virtual servers, applications can talk to one another via a virtual switch on the same server. So the new tools are addressing how network managers keep track of all the virtual instances and how they interact with the network.

Tools from Riverbed, Network Instruments and NetScout can make a difference in an IT organization, says Jim Frey, managing research director at analyst firm Enterprise Management Associates.

“The primary value of these tools is that they offer visibility into the network,” Frey says. “The tools are designed to tell network managers what’s traveling across the network links, and that’s where the applications lie. Remember that users don’t experience the network, they experience applications.”

“In the past, when there was a problem with the network, we depended on people to tell us,” says Douglas Van Gelder, IT director for the Morongo Band of Mission Indians in Banning, Calif. Van Gelder uses Network Instruments’ Observer and Observer Infrastructure products.

“Now, we know right away when there’s a problem. When people call in we’re already on it,”  says Van Gelder, who manages the tribe’s administrative and financial systems, as well as the network for public safety, public works, schools and several businesses that do not include the tribe’s casino.

Van Gelder says as the tribe built out its gigabit network, the organization’s IT needs expanded, but his team lacked a way to monitor and manage the network.

Larry Potthoff, CEO of Enterprise Networks Solutions (ENS), a provider of networking services and also a Network Instruments user, says networking analytics ends all the finger pointing. “The network people always blame the application and the application developers blame the network, tools like Network Instruments end all that,” he says.

Potthoff says in one instance, one of his customers, a trader in gold and precious metals, experienced a flood of telephone calls following an infomercial on television. There was such a huge influx of calls, that many of them went into voicemail and roughly one out of 50 were garbled.

The customer thought it was the voice mail server ENS installed, but Potthoff and his team thought it was latency across the wide area network. They ran an analysis with a Network Instruments GigaStor device and it turned out that it really was an issue with the voicemail server. The vendor sent a bug fix and the problem was solved.

“It turned out that the customer was right, but we found out what was wrong,” Potthoff says. “GigaStor stores every packet, we could replay the garbled message and pinpoint where the latency was.”

It’s that kind of granular detail that makes a difference for the Morongo Band’s Van Gelder, who says the tools lets him graphically see a timeline analysis of the network traffic down to the millisecond.

“We can view the timing of how long it takes a request to travel from a PC to and from a database/application server,” says Van Gelder. “We can then determine where the problem is – requesting the PC, network or database/application server and take appropriate action to resolve it.”

Marc Seybold, CIO at SUNY at Old Westbury in Nassau County, N.Y., says Riverbed’s Cascade Profiler also gives him the granular detail he needs to keep on top of today’s network problems.

Seybold says it took the IT staff less than an hour to determine the cause of a network infection that Seybold’s team had been working on for nearly three weeks.

“Riverbed made it transparent to us,” he says. “Once we ran the analysis, it became immediately obvious that certain machines were infected.”

Seybold says people on campus mostly thought that the network was down, but what actually happened was that malware spread across four to six machines. Once the infected machines were disconnected from the network, everything else functioned normally.

“It’s really gotten to the point that we need the next generation of tools to have the level of service and response times people expect today,” Seybold says. “It would be impossible to do the job without them.”

Steve Zurier is a freelance writer based in Maryland. Email him at and follow him on Twitter @szurier.

Tags: ,

Post a Comment

Your email is never published nor shared. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>