Thursday, 23 July 2020 10:19

How pervasive visibility reduces network downtime in the new tomorrow

By Rami Rammaha, Gigamon

GUEST OPINION by Rami Rammaha, Senior Product Marketing Manager, Gigamon:  The only certainty about today’s work environment is uncertainty and change. One primary inhibitor for organisations embracing any kind of transformation is network complexity. Complex networks are too expensive to operate and audit, and often have too many outages.

According to a recent global survey of about 1,600 IT professionals by the Uptime Institute, network failure is rivalling power failure as a cause of downtime.1

The cost of outages is astronomical: According to the Cisco 2020 Global Networking Trends Report, the average cost per network outage is US$402,542 in the United States and US$212,254 in the United Kingdom.2 Further, the Uptime Institute survey found that one in ten major outages cost over $1 million.1

Correlation between visibility and network outages

Outages are increasingly spanning multiple data centres as users adopt hybrid infrastructure. Outages can result from breaches or attacks, or network or application performance-related issues. Also, outages can be simply the result of network misconfiguration.

NetOps and SecOps agree that organisations can’t manage, operate and troubleshoot what they can’t see, especially in a mixed physical, virtual and cloud-based environment.

So visibility must be context-aware L3–7, delivering a multi-dimensional overview of applications: visualisation, identification and filtering of applications running on the network, with rich attributes/metadata extraction and analysis that examines the behaviour of network, app and user.

How does pervasive visibility reduce network outages? The lack of visibility, transparency and accountability are key roadblocks to providing enhanced business productivity and quality of user experience.

In order to reduce outages, pervasive visibility must provide deep and granular insight into the application or data in motion gaining critical flow details.   

Then how do we Identify and analyse data in motion? This goes beyond relying on TCP port information. The visibility platform must offer deep packet inspection into Layer 7 that automatically identifies thousands of common business, IT and consumer applications as well as thousands of HTTP web applications. Identification of traffic must include encrypted traffic, where decryption and encryption may be required without disruption or performance impact to the network.

Furthermore, the visibility platform must provide rich attributes and metadata that shed light on security and network status and to help to prevent breaches and poor performance where NetFlow falls short. These rich sets of metadata include:

  • DNS parameters: Request/response, queries and device identifiers
  • HTTP: URL identification, command response codes 
  • Identification: Social media user, file and video names, SQL requests
  • IMAP and SMTP: Email-based communications with sender and receiver addresses
  • Service identification: Audio, video, chat and file transfers for VoIP and messaging
  •  SIP and RTP: Session control and media transport for VoIP and messaging

The key factors

Speed and deep packet visibility in extracting rich and meaningful metadata are key factors in reducing network outages. This includes decrypting and encrypting SSL/TLS flows where needed.

Without these capabilities, the performance and security tools won’t be able to process the sheer volume of data crossing the network and identify the root cause(s) quickly and efficiently. For example, a network can be down due to DNS, but without extracting and providing the right DNS parameters to PCAP tools, it will take IT hours or days to determine and restore network availability.

At least one advanced vendor is now supporting a visibility platform, that offers Layer 7 visibility and automatically identifies application traffic from a growing list of more than 3,000 applications. With individual application traffic identification, security and network teams can also zero in on performance issues more quickly and make the distinction between high value apps and ones needing fewer tools for coverage.

Application filtering intelligence doesn’t rely on Layer 4 (for example, TCP) port information, which can be easily spoofed. Instead, it’s powered by deep packet inspection. The classification is based on flow pattern matching, bi-directional flow correlation, heuristics and statistical analysis. Packet data is matched against analysis from researchers, which is constantly kept up to date. Of course, a significant portion of traffic on a modern network originates within users’ web browsers, so application filtering intelligence also offers deep insights into HTTP traffic, identifying traffic from thousands of web applications.

ESG economic validation

As seen in Figure 3, ESG’s Economic Validation found that customers deploying application filtering intelligence recognised substantial benefits including lower hardware costs, less time needed to analyse traffic for security, reduction in overall complexity, and improved business enablement.3

Network-related downtime is frequently estimated to be between 16 to 20 hours per end user per year. Companies deploying application filtering intelligence find their downtime numbers reduced by 30–50 percent due to the efficiency and intuitiveness of the platform. While downtime hours recovered are not always fully measurable to the bottom line, a company of 5,000 employees that recovers just two hours per employee per year will recognise a savings of $290K annually.

References

  1. 2019 Annual Data Center Industry Survey Results. 2019. Uptime Institute. https://uptimeinstitute.com/2019-data-center-industry-survey-results
  2.  Cisco 2020 Global Networking Trends Report. 2020. Cisco. https://www.cisco.com/c/dam/m/en_us/solutions/enterprise-networks/networking-report/files/GLBL-ENG_NB-06_0_NA_RPT_PDF_MOFU-no-NetworkingTrendsReport-NB_rpten018612_5.pdf
  3.  Economic Validation: Analyzing the Economic Benefits of Gigamon. 2019. The Enterprise Strategy Group. https://www.gigamon.com/resources/resource-library/analyst-industry-reports/ar-esg-evv-gigamon.html

Subscribe to Newsletter here

NEW OFFER - ITWIRE LAUNCHES PROMOTIONAL NEWS & CONTENT

Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.

POST YOUR NEWS ON ITWIRE NOW!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
BACK TO HOME PAGE

ZOOM WEBINARS & ONLINE EVENTS

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research & Case Studies

Channel News

Comments