Oct 27, 2016
The networking industry is in the midst of a transition to the digital era. The network plays a critical role in the success of digital businesses as many of the digital building blocks, such as IoT and the cloud, are network-centric. This is one of the reasons why there is currently so much focus on network evolution. Technologies such as SDN, SD-WAN, WiFi, segmentation are currently red hot.
However, before moving forward, it’s critically important to go through the exercise of establishing a network baseline. In actuality, setting a network baseline will provide value regardless of whether the network is being evolved or not. Understanding the current state of the network can have many benefits, including planning for growth.
The definition of a network baseline is a set of metrics that describe normal operating parameters. Setting the baseline enables engineers to catch changes in traffic that could indicate an application performance problem or a security breach. It also lets network operations understand the “before” and “after” when a change is made, making it easier to measure the benefit and calculate an ROI. Without an accurate baseline, any kind of measurement being done is basically a best guess. An experienced network professional might be able to make an educated guess, but it’s still a guess.
To understand the role in performance, consider an organization that is running VoIP. There’s a metric called “MOS”, or Mean Opinion Score, that is a combination of network metrics which indicates voice quality. For example, a MOS of 4.0 is business quality. Anything below that number might cause users to complain. Let’s assume that MOS is measured and a baseline is set where the norm is 4.6. Over time network operations notices the metric drop from 4.6 to 4.4 to 4.2. It’s still above 4.0 so it’s unlikely that users are complaining, but when extrapolated out, it’s clear there will be a problem. The business can then go through the process of understanding the root cause and taking corrective action proactively instead of waiting for the workers to be impacted by poor quality calls.
Another example pertains to the role of baselines in network security. Obviously if there’s a huge spike in traffic, that could indicate some kind of volumetric denial of service (DoS) attack. But baselines can do more than that. Take an example of a certain user where normal traffic patterns indicate the network is being used to access the CRM system, e-mail, and Internet. Then suddenly there is traffic going from the user’s computer to the accounting server. That could indicate that the computer was hacked and malware is attempting to access and compromise financial information. Any kind of traffic that deviates too far from the norm should be lead to the quarantining of an endpoint. This can help mitigate risk and minimize the damage when a breach occurs.
Baselines also help measure the impact of architectural changes. As an example, if a company is using a traditional MPLS network it can set baselines to understand the volume of traffic flowing over the WAN links. The baseline can then be used to help the business understand whether they are spending the right amount on the network, or over-spending. Also, if the company then evolves to an SD-WAN and implements WAN optimization technologies, it can reset the baseline to measure the ‘before’ and ‘after’ of how much bandwidth is being used. The company can then adjust the size of the circuits being purchased and lower the amount money being spent on the network.
Businesses struggle with optimizing application performance, securing the network ,and optimizing costs. Setting baselines can be the starting point for successfully achieving all of these initiatives.