Fallen Stormtrooper

Performance Is The First Victim In Application Warfare

Fallen Stormtrooper“The more, the merrier!” goes the old cry. Well, not when a multitude of applications jostle for priority across a ‘best effort’ Internet. Oldies among us still remember the days of crystal-clear analog telephone conversations across connections that were completely reserved for our conversing pleasure (of course, telecom costs were outrageous, and there wasn’t any data to crowd voice calls out). Now, thousands of apps spew out across any available bandwidth. This makes traffic load predictions and management an increasingly daunting task, if you still have intentions of delivering end-to-end quality of service.

If your business relies on ecommerce or providing consumer network services, then there are several internal company constituencies who are seriously concerned about service quality degradation. These include (at least): customer care, product owners, sales, marketing, engineering, and, at the end of the day, corporate management who have to answer to their boards and shareholders.

The first requirement is to understand the network’s performance in real time as the user experiences it, and then to manage (and meet) those customers’ expectations. This requires a combination of a number of methods: detection using DPI (Deep Packet Inspection) to identify what apps are running; monitoring of application response time and device performance; and resourcing, allocating network resources (bandwidth and processing capacity) to ensure customer QoE (Quality of Experience).

Cisco has, over the past two decades, invested heavily in addressing these issues on its wide range of Internet routing and switching platforms.  Today many of its proprietary solutions have become quasi-industry standards, partly because they are very efficient and backed up by a huge global support and marketing organization, but partly also because of Cisco’s ecosystem business strategy that allows certified, third-party software developers easy access to its hardware platforms on kit such as the ASR5000. Three Cisco solutions currently dominate the quality of service application management space: AVC (Application Visibility and Control), NBAR2 (Next Generation Network-Based Application Recognition), and Netflow for class-of-service and network congestion management.

CA, with its recently launched NFA 9.2 (Network Flow Analysis), is one such partner in the Cisco ecosystem. Using the NBAR2 ability to ‘fingerprint’ more than 1000 commonly-used applications, the CA solution complements Cisco’s capabilities with heuristic anomaly detection that learns about the network over time, and automatically detects and creates alarms for anomalies that can impact performance and create security risks. The aim is to provide a proactive safeguarding of critical service levels while reducing the costs associated with network troubleshooting. Recent “Zeus” data-stealing malware attacks on Salesforce customers highlights this issue for SaaS providers.

Better application optimization capabilities are also needed to identify and remediate traffic congestion issues before they degrade service quality. The CA NFA 9.2 monitors response times for the NBAR2 ‘fingerprinted’ applications, and also allows network managers to create additional profiles for their organization’s custom applications. This extended application-monitoring capability can improve internal enterprise IT efficiency, but also opens up new revenue streams for telcos and other cloud service providers that can provide application-centric monitoring as a cloud service.

Traffic anomaly identification provides the analytics that can identify security and application performance threats such as misconfigured application servers, the onset of a Denial-of-Service attack, or internal data leakage. This is done by relating ports and protocols to specific applications, understanding response times for those applications, and applying analytics to reveal potential issues on a proactive basis.

Certainly, the rush of new cloud-based apps, greater user mobility, and higher bandwidth demands (just look at the news gushing out from the Mobile World Congress event in Barcelona) maintains the pressure on internal IT and service providers to meet growing user and customer QoE expectations.

The symbiotic dev-ops relationship between a hardware-centric Cisco and a wide range of software developers like CA is hard to beat, because performance improvements can quickly become available to a very large global customer base, offering improved performance with minimal investments in new hardware.

Smaller competitors like Extreme Networks with its ASICs-based Purview solution have to provide it all themselves, notably combining the ability to ‘fingerprint’ 13,000 apps in the context of the user’s present role in the business process, location, time of day, type of device, and type of network they are connected on. Their advantage is the ability to craft more customized solutions.

The business-criticality of application performance and security in many companies requires the IT department to adopt an application QoE strategy that meet real-time performance demands, but also ensures buy-in from a wide range of internal stakeholders from the call center to the board room.

Image credit: JD Hancock (flickr) / CC-BY