How a Tap or SPAN Choice Impacts APM
May 22, 2019

Keith Bromley
Ixia

Share this

For application performance monitoring (APM), many in IT tend to focus a significant amount of their time on the tool that performs the analysis. Unfortunately for them, the battle is won or lost at the data access level. If you don’t have the right data, you can’t fix the problem correctly.

This viewpoint is backed up by an APMdigest post back in August where Jim Frey cited some critical survey research. The research showed that "26% reported that their biggest challenge with incident response is that data exists, but they can’t access or analyze it easily." Key point – you need access to the right data at the right time to solve your problems.

This begs the question — how do I get the right data access?

The best source of data is from a network tap. A tap makes a complete copy of ALL the data passing through it. It is a passive device, so it does not alter any of the data and has a negligible effect on transmission time.

Taps are great because they are "set and forget." You simply plug the device into the network with a one-time disruption and you are done. No programming is required. Best of all, you can place taps anywhere in the network that you need data from — ingress, egress, remote offices, etc.

The one drawback to using taps is that if you install lots of them (which you will want to do), the amount of data feeds can overload the input ports to your APM tools. However, this issue is easily resolved by installing a network packet broker (NPB) to aggregate the data from the taps, filter the data as necessary, and then send that data on to the APM tool. This eliminates the overcrowding of the data ports on your APM tool.

An alternative to a tap is to use a mirroring port (also referred to as a SPAN port) off of your network switches. However, this is not recommended. One reason is that these ports are active devices, i.e. they can materially change data packet characteristics as the packets flow through the device. This is especially important when using data from these ports to diagnose problems.

In addition, bad packets (i.e. malformed packets) are dropped by the SPAN port. This ends up giving you a "digital view" of the situation, i.e. everything is fine and then there is a problem. Missing packets that could show degradation prior to data loss (which could have been useful to create a quicker diagnosis) is missing, along with any context as to what was happening before the problem began.

In the end, optimum data capture can be achieved using a tap and NPB. This results in a faster mean time to repair (MTTR).

Keith Bromley is Senior Manager, Solutions Marketing at Ixia Solutions Group, a Keysight Technologies business
Share this

The Latest

January 28, 2020

With a projected 7 billion mobile users by 2021, mobile is becoming the most dominant digital touchpoint for customer engagement. Annual mobile app downloads are projected to reach 258 billion by 2022 — a 45% increase from 2017. But downloads alone do not indicate mobile success — retention and engagement are key. While there are many factors that influence these metrics, application performance may be one of the most critical ...

January 27, 2020

Cloud-based project management (PM) software has become increasingly popular in the last five years. In this blog, we'll dig into the data from our 2019 PM software user report and expand on the rise of cloud-based PM tools, highlighting who is using these tools and what they're using them for ...

January 23, 2020

EMA is about to embark on some new research entitled Data-Driven Automation: A Vision for the Modern CIO. We're trying to piece a puzzle together that so far we don't believe anyone to date has fully done — seek out where and how IT is moving toward integrated strategies for automation in context with real-world objectives and obstacles. We'll be looking at four use cases, each of will no doubt tell its own story ...

January 22, 2020

Many pitfalls await CIOs on the journey to the cloud. In fact, a majority of companies have been only partially successful, while some are outright failing. To learn more about this migration, Business Performance Innovation (BPI) Network surveyed IT and business executives and conducted in-depth interviews ...

January 21, 2020

The online retail industry has yet to have a Black Friday/Cyber Monday weekend unscathed by web performance (speed and availability) problems. Luckily, performance during 2019's hyper-critical online holiday shopping weekend was better than in years past, as we did not see any systemic, lengthy outages. While no website went completely down, several retailers did experience significant problems. Why have online retailers yet to figure out how to be crash-free during this all-important peak traffic period? We've identified several reasons for this ...

January 16, 2020

Gartner highlighted the trends that infrastructure and operations (I&O) leaders must start preparing for to support digital infrastructure in 2020 ...

January 15, 2020

Edge computing usage is starting to increase. The obvious follow-up question is, "So, what can I do with edge computing?" I'm glad you asked. There are lots of things you can do ...

January 14, 2020

Industry experts offer predictions on how Network Performance Management (NPM) and related technologies will evolve and impact business in 2020. Part 2 offers predictions about 5G and more ...

January 13, 2020

Industry experts offer predictions on how Network Performance Management (NPM) and related technologies will evolve and impact business in 2020 ...

January 09, 2020

With AI on the edge, companies will more easily monitor desktops, tablets and other end-user devices. AIOps will enable IT to guide employees on improving productivity from the applications installed on their devices while delivering greater visibility and control around the entire IT environment ...