Network Analytics: Dialing Up Performance and Protection in Digital Infrastructure

For those organizations pursuing an aggressive digital transformation, heightened network visibility and control has become a critical success factor. For less aggressive digital transformers, the COVID-19 experience has served notice that more timely and precise monitoring and management of the network is required both during and after the pandemic.

Here at IDC, we’ve been monitoring network spending throughout the pandemic. Our survey results indicate that two areas of network investment have actually increased in 2020 – Unified Communications & Collaboration and Network Management. The former is obvious given our increased dependence on remote working, virtual teaming, and distance learning during the pandemic. The latter stands out as a sign that organizations are reassessing their whole approach to networking – including technologies, techniques, tools, even talent. Why is this? Well, the pandemic has accelerated digital transformation for all organizations and with this acceleration comes more calls for a dynamic, stable, secure, automated, and adaptive network infrastructure. In networking, our next normal is nothing like the old normal.

Network Analytics and IT’s Most Pressing Challenges

Before the pandemic, IDC surveyed IT executives on their most significant challenges – across IT and the network. The Top 5 were (in rank order):

1. Security threats
2. IT automation
3. Resource (staff, budget, time) constraints
4. New technology adoption
5. Strategic alignment with the business.

In an examination of these challenges, it is easy to see how the enhanced network visibility and control offered by Network Analytics solutions contributes to answering these greater IT challenges. For example, detailed visibility into network traffic patterns aids in identifying developing threats as soon as they appear in a network. In-depth network analysis exposes existing or developing conditions that drive precise automated management actions – within the network or across networked IT resources. And all this network data and analysis and automation drive more efficient and effective use of infrastructure spending and staff time and expertise. It also enables greater utilization of network components and resources and more timely upgrades – where and when needed; and helps redirect resources from tactical (deployments, operations, problem resolution…) to strategic (analysis, evangelism, planning, design…) responsibilities.

The Positive Impact: Far beyond the Fast Fix. Far beyond the Network.

For a long time now, network management functions have focused on network devices, deployments, and diagnostics. Networks were installed and expected to operate as designed and configured. If a problem occurred, the race was on to fix it and return to the status – and static — quo.

Enter the digital business model. Here, all network metrics increase – e.g., connections, end-users/devices, traffic volumes, complex flows, cloud services, applications, data, customer interactions, and threats. And the infrastructure is expected to adapt readily to changing conditions. Despite all these changes, staff and budget are expected to be contained. The message… Do more with less.

Fortunately, network management is evolving so that systems – not staff – bear more and more of the responsibilities relating to collecting network traffic and component data; applying in-depth processing to all available network data; and, ultimately, directing precise actions aimed at improving the state of the network – and associated resources and services. All of these more evolved management capabilities drive greater positive impact…

• From Repair to Readiness. While all organizations wish to resolve all problems faster, there is even greater value delivered by avoiding problems. Here, fully understanding how ready the network is for that digital-driven addition; validating new components, applications, exchanges, etc. before being put into production; making precise network adjustments to improve service levels… All these and more deliver great benefits above and beyond fixing problems faster.
• From Network to Security. Network traffic data and in-depth analysis of that data serves both network service levels and IT’s security posture. Network exchanges and components can be measured along performance lines – from the simple (e.g., latency, jitter, utilization…) to the complex (e.g., call quality, application response…). While there is method to the madness; still security is tough to achieve. The signal-to-noise ratio is great; however, the best approaches to network intelligence can classify the end-user experience based on statistical profiles, suspicious network activities (unusual ingress/egress port activity), and the quality and consistency of application delivery and sessions.
• From Core to Client. Today’s core IT infrastructure and application portfolio is comprised of a complex web of private and public systems and services. At the other end of the network, today’s clients are a mix of internal workers, external partners, end customers, and increasingly intelligent devices (e.g., IoT sensors). Detailed visibility into the “experience” of the end client, the inner workings of the network, and the service quality of computing resources – hardware and software, public and private, server and storage – drive IT service levels and satisfaction on the part of users, IT management, and business executives.

The Next-Normal in Network Management: Words of Advice

So how do we get ahead – and stay ahead – in networking in the digital era? We can focus on certain key areas:

• Shape the user experience and business outcomes. Understanding the network is one thing. However, in the digital business model, everything revolves around the user experience and the business outcome. Visibility and control over network-centric experiences and outcomes drive the greatest value to those people and processes the infrastructure serves.
• Simplify the management toolset and techniques. Think of all the tools available to the IT staff today. Most are highly specialized – focused on a singular function (e.g., configuration), target (e.g., router), or vendor (Cisco). Most operate as standalone systems. When evaluating tools, prioritize wide-range use, integration potential, and process improvement.
• Shift to a proactive management approach. Be better prepared for anything. Be better able to predict developing needs. Be better at prescribing solutions that minimize or altogether avoid problems. Be better at taking precise actions that enhance network services and lower network risks.
• Sharpen the network “programming” focus. Given the potential value of automation – within the network and across IT – it is no wonder most every network operator and engineer are developing their programming skillsets. And while learning to best use Puppet and Ansible and other tools is certainly useful, one must be sure to add value to off-the-shelf solutions and already available data and functions. Leverage industry solutions and what they bring to your own automation thrust. You’ll deliver greater value to your organization and to your career.
• Share the wealth in network data, analysis, and automation. IT executives are working hard to break traditional IT silos. They form cross-IT project teams. They adopt DevOps practices. They realign talent. The use of network traffic data and analytics tools beyond the networking staff helps the cause here. It gets experts looking at the same information, using the same tools (albeit for different purposes), and driving to the best possible outcomes… together.

For more information, check out the IDC paper Network Analytics: Driving Insights, Integrity, and Innovation 

—

About the Authors

Chris Kissel is a Research Director in IDC’s Security & Trust Products group, responsible for cybersecurity technology analysis, emerging trends, and market share reporting. Mr. Kissel’s primary research area is Cybersecurity Analytics, Intelligence, Response, and Orchestration (AIRO). The major technology groups within this practice are SIEM, device and application vulnerability management, threat analytics, and automation and orchestration platforms. Mr. Kissel effectively covers the processes that security operation center (SOC) analysts employ to monitor, detect, remediate, and mitigate threat actors attempting to attack a network within a security and vulnerability management and security analytics paradigm.

Mark Leary is Research Director for Network Analytics and Visibility responsible for worldwide technology market research and analysis.  Mark’s core research coverage focuses on the broader network management/monitoring and service assurance domains, including the related analytics, AI/ML, automation and programmability aspects as they apply to a secure agile network. Based on his current work and background, Mark’s research also examines advancements in enterprise and cloud network technologies; adoption of cloud services and software-defined systems; network management best practices; and the evolution of IT staff roles and skills in this demanding hyper-connected digital era.