Skip to main content

APM for Vendor Provided Business Critical Enterprise Applications

Sri Chaganty

Traditionally, Application Performance Management (APM) is usually associated with solutions that instrument application code. There are two fundamental limitations with such associations. If instrumenting the code is what APM is all about, then APM is applicable only to homegrown applications for which access to code is available.

However, the majority of business critical applications are not homegrown. As the chart below shows, the $320B enterprise software market is driven by vendors who provide solutions for which there is no access to the source code. The enterprise software market in the chart covers a full assortment of commercially off-the-shelf products ranging from corporate databases to Enterprise Resource Planning (ERP) solutions and from Cloud-enabled productivity tools to mission-critical vertical applications. However, there are technical challenges with code instrumentation that are overlooked with this traditional association.


Source: Apps Run the World, 2016

Vendor Provided Software

Traditional APM vendors focus on application software that is developed in house, mainly based on Web Services. These solutions employ Byte Code Instrumentation (BCI), a technique for adding bytecode during "run time." These solutions are developer focused. If developers want to debug or profile the code during run time, BCI is an effective solution.

In reality, enterprises depend on both in-house developed software as well as vendor provided software. Applications that businesses use can be dived into two categories: 1) Business Critical Applications and 2) Productivity Applications. While business critical applications are the foundation on which the business success is dependent upon, productivity applications like email are also equally important for enterprises.

Generally, about 80% of the applications that enterprises use in either category are packaged applications supplied by vendors like Microsoft, SAP, Oracle, PeopleSoft and others. Only 20% of the applications are developed in-house. In the majority of cases, the in-house developed applications generally wrap around vendor provided software.



A common example is an application developed based on web services customized for a business that are supported on SAP in the background. Instrumenting vendor provided software is not possible as the source code is not provided by the vendor, therefore, code instrumentation techniques are not feasible for vendor provided software.

Instrumenting in-house developed application software at different points gives a rich view to optimize the application throughout development. However, there are several types of problems that such instrumentation just can't see. It does not, and cannot, always deliver the complete visibility that users think they're getting. In addition, code instrumentation is not "free", even with the expensive tools commercially available, it takes considerable coding skills (not widely available) to achieve effective code instrumentation without degrading the performance of the production code execution.

Technical Challenges

Code instrumentation can report on the performance of your application software stack, but the service offered to customers depends on far more than just the software – it depends on all of the networks, load balancers, servers, databases, external services like Active Directory, DNS etc., service providers and third parties you use to provide the service. 

Traditional APM products do only BCI. They claim to be transaction management solutions, though there are limitations to what they can do in Java environments, and they have zero visibility of non-Java topologies.

A real transaction management product needs to follow the transaction between different types of application-related components such as proxies, Web servers, app servers (Java and non-Java), message brokers, queues, databases and so forth. In order to do that, visibility into different types of transaction-related data is required, some of which only exists at the actual payload of each request. Java is an interpreter and therefore hides parts of the actual code implementation from the Java layer. The Java Virtual Machine (JVM) itself is written in C, therefore there are operating system-specific pieces that are not accessible from Java and thus not accessible through BCI techniques.

If you want to use features of TCP/IP packets for tracing a transaction between two servers, the actual structure of packets is not accessible from the Java layer. There is information that is crucial to trace transactions across more than just Java hops. Such information is available only at a lower layer than the Java code, thus not accessible by BCI, which limits the ability to trace transactions in the real world.

Conclusion

For vendor provided software, BCI is an ineffective technique. For in-house built software, BCI allows programmers to enhance the code they are developing. It is a necessary tool for development teams but insufficient as it does not offer the visibility that IT Operations require in order to understand the application service delivery chain performance. If your business depends on mission-critical web or legacy applications, then monitoring how your end users interact with your applications is more important than how well the code is written. The responsiveness of the application determines the end user's experience. The true measurement of end-user experience is availability and response time of the application, end-to-end and hop-by-hop – covering the entire application service delivery chain.

Sri Chaganty is COO and CTO/Founder at AppEnsure.

Hot Topics

The Latest

AI is the catalyst for significant investment in data teams as enterprises require higher-quality data to power their AI applications, according to the State of Analytics Engineering Report from dbt Labs ...

Misaligned architecture can lead to business consequences, with 93% of respondents reporting negative outcomes such as service disruptions, high operational costs and security challenges ...

A Gartner analyst recently suggested that GenAI tools could create 25% time savings for network operational teams. Where might these time savings come from? How are GenAI tools helping NetOps teams today, and what other tasks might they take on in the future as models continue improving? In general, these savings come from automating or streamlining manual NetOps tasks ...

IT and line-of-business teams are increasingly aligned in their efforts to close the data gap and drive greater collaboration to alleviate IT bottlenecks and offload growing demands on IT teams, according to The 2025 Automation Benchmark Report: Insights from IT Leaders on Enterprise Automation & the Future of AI-Driven Businesses from Jitterbit ...

A large majority (86%) of data management and AI decision makers cite protecting data privacy as a top concern, with 76% of respondents citing ROI on data privacy and AI initiatives across their organization, according to a new Harris Poll from Collibra ...

According to Gartner, Inc. the following six trends will shape the future of cloud over the next four years, ultimately resulting in new ways of working that are digital in nature and transformative in impact ...

2020 was the equivalent of a wedding with a top-shelf open bar. As businesses scrambled to adjust to remote work, digital transformation accelerated at breakneck speed. New software categories emerged overnight. Tech stacks ballooned with all sorts of SaaS apps solving ALL the problems — often with little oversight or long-term integration planning, and yes frequently a lot of duplicated functionality ... But now the music's faded. The lights are on. Everyone from the CIO to the CFO is checking the bill. Welcome to the Great SaaS Hangover ...

Regardless of OpenShift being a scalable and flexible software, it can be a pain to monitor since complete visibility into the underlying operations is not guaranteed ... To effectively monitor an OpenShift environment, IT administrators should focus on these five key elements and their associated metrics ...

An overwhelming majority of IT leaders (95%) believe the upcoming wave of AI-powered digital transformation is set to be the most impactful and intensive seen thus far, according to The Science of Productivity: AI, Adoption, And Employee Experience, a new report from Nexthink ...

Overall outage frequency and the general level of reported severity continue to decline, according to the Outage Analysis 2025 from Uptime Institute. However, cyber security incidents are on the rise and often have severe, lasting impacts ...

APM for Vendor Provided Business Critical Enterprise Applications

Sri Chaganty

Traditionally, Application Performance Management (APM) is usually associated with solutions that instrument application code. There are two fundamental limitations with such associations. If instrumenting the code is what APM is all about, then APM is applicable only to homegrown applications for which access to code is available.

However, the majority of business critical applications are not homegrown. As the chart below shows, the $320B enterprise software market is driven by vendors who provide solutions for which there is no access to the source code. The enterprise software market in the chart covers a full assortment of commercially off-the-shelf products ranging from corporate databases to Enterprise Resource Planning (ERP) solutions and from Cloud-enabled productivity tools to mission-critical vertical applications. However, there are technical challenges with code instrumentation that are overlooked with this traditional association.


Source: Apps Run the World, 2016

Vendor Provided Software

Traditional APM vendors focus on application software that is developed in house, mainly based on Web Services. These solutions employ Byte Code Instrumentation (BCI), a technique for adding bytecode during "run time." These solutions are developer focused. If developers want to debug or profile the code during run time, BCI is an effective solution.

In reality, enterprises depend on both in-house developed software as well as vendor provided software. Applications that businesses use can be dived into two categories: 1) Business Critical Applications and 2) Productivity Applications. While business critical applications are the foundation on which the business success is dependent upon, productivity applications like email are also equally important for enterprises.

Generally, about 80% of the applications that enterprises use in either category are packaged applications supplied by vendors like Microsoft, SAP, Oracle, PeopleSoft and others. Only 20% of the applications are developed in-house. In the majority of cases, the in-house developed applications generally wrap around vendor provided software.



A common example is an application developed based on web services customized for a business that are supported on SAP in the background. Instrumenting vendor provided software is not possible as the source code is not provided by the vendor, therefore, code instrumentation techniques are not feasible for vendor provided software.

Instrumenting in-house developed application software at different points gives a rich view to optimize the application throughout development. However, there are several types of problems that such instrumentation just can't see. It does not, and cannot, always deliver the complete visibility that users think they're getting. In addition, code instrumentation is not "free", even with the expensive tools commercially available, it takes considerable coding skills (not widely available) to achieve effective code instrumentation without degrading the performance of the production code execution.

Technical Challenges

Code instrumentation can report on the performance of your application software stack, but the service offered to customers depends on far more than just the software – it depends on all of the networks, load balancers, servers, databases, external services like Active Directory, DNS etc., service providers and third parties you use to provide the service. 

Traditional APM products do only BCI. They claim to be transaction management solutions, though there are limitations to what they can do in Java environments, and they have zero visibility of non-Java topologies.

A real transaction management product needs to follow the transaction between different types of application-related components such as proxies, Web servers, app servers (Java and non-Java), message brokers, queues, databases and so forth. In order to do that, visibility into different types of transaction-related data is required, some of which only exists at the actual payload of each request. Java is an interpreter and therefore hides parts of the actual code implementation from the Java layer. The Java Virtual Machine (JVM) itself is written in C, therefore there are operating system-specific pieces that are not accessible from Java and thus not accessible through BCI techniques.

If you want to use features of TCP/IP packets for tracing a transaction between two servers, the actual structure of packets is not accessible from the Java layer. There is information that is crucial to trace transactions across more than just Java hops. Such information is available only at a lower layer than the Java code, thus not accessible by BCI, which limits the ability to trace transactions in the real world.

Conclusion

For vendor provided software, BCI is an ineffective technique. For in-house built software, BCI allows programmers to enhance the code they are developing. It is a necessary tool for development teams but insufficient as it does not offer the visibility that IT Operations require in order to understand the application service delivery chain performance. If your business depends on mission-critical web or legacy applications, then monitoring how your end users interact with your applications is more important than how well the code is written. The responsiveness of the application determines the end user's experience. The true measurement of end-user experience is availability and response time of the application, end-to-end and hop-by-hop – covering the entire application service delivery chain.

Sri Chaganty is COO and CTO/Founder at AppEnsure.

Hot Topics

The Latest

AI is the catalyst for significant investment in data teams as enterprises require higher-quality data to power their AI applications, according to the State of Analytics Engineering Report from dbt Labs ...

Misaligned architecture can lead to business consequences, with 93% of respondents reporting negative outcomes such as service disruptions, high operational costs and security challenges ...

A Gartner analyst recently suggested that GenAI tools could create 25% time savings for network operational teams. Where might these time savings come from? How are GenAI tools helping NetOps teams today, and what other tasks might they take on in the future as models continue improving? In general, these savings come from automating or streamlining manual NetOps tasks ...

IT and line-of-business teams are increasingly aligned in their efforts to close the data gap and drive greater collaboration to alleviate IT bottlenecks and offload growing demands on IT teams, according to The 2025 Automation Benchmark Report: Insights from IT Leaders on Enterprise Automation & the Future of AI-Driven Businesses from Jitterbit ...

A large majority (86%) of data management and AI decision makers cite protecting data privacy as a top concern, with 76% of respondents citing ROI on data privacy and AI initiatives across their organization, according to a new Harris Poll from Collibra ...

According to Gartner, Inc. the following six trends will shape the future of cloud over the next four years, ultimately resulting in new ways of working that are digital in nature and transformative in impact ...

2020 was the equivalent of a wedding with a top-shelf open bar. As businesses scrambled to adjust to remote work, digital transformation accelerated at breakneck speed. New software categories emerged overnight. Tech stacks ballooned with all sorts of SaaS apps solving ALL the problems — often with little oversight or long-term integration planning, and yes frequently a lot of duplicated functionality ... But now the music's faded. The lights are on. Everyone from the CIO to the CFO is checking the bill. Welcome to the Great SaaS Hangover ...

Regardless of OpenShift being a scalable and flexible software, it can be a pain to monitor since complete visibility into the underlying operations is not guaranteed ... To effectively monitor an OpenShift environment, IT administrators should focus on these five key elements and their associated metrics ...

An overwhelming majority of IT leaders (95%) believe the upcoming wave of AI-powered digital transformation is set to be the most impactful and intensive seen thus far, according to The Science of Productivity: AI, Adoption, And Employee Experience, a new report from Nexthink ...

Overall outage frequency and the general level of reported severity continue to decline, according to the Outage Analysis 2025 from Uptime Institute. However, cyber security incidents are on the rise and often have severe, lasting impacts ...