
If you are like most IT professionals, which I am sure you are, you are dealing with a lot issues.
Typical issues include:
■ Constantly changing security threats to your network
■ An internal and external emphasis on your customer quality of experience
■ A greater need to troubleshoot problems faster
These three requirements are forcing IT to acquire an even better insight and understanding of their network to maximize its performance. One thing you can do to accomplish these goals is to begin using application intelligence to deliver the kind of insight you need. Application intelligence is simply detailed application level information about your network.
Acquiring this type of information can be difficult, unless you have implemented a visibility architecture with a network packet broker (NPB). A good NPB can filter network data based upon Layer 7 (application level) information which makes the process easy. Really good NPBs will provide additional meta data information like NetFlow data, geolocation information, device type, browser type, etc. With all of this information, you can really start to see what is happening on your network and where it's happening.
For instance, here are just a few cool things application intelligence can help you with:
■ Generate an application level dashboard to observe applications in use and bandwidth consumption on a per app basis
■ Troubleshoot localized and global network issues faster
■ Filter data to security and monitoring tools based upon application signatures to improve tool efficiency and speed of analysis
■ Identify bandwidth hogs and bandwidth explosions on the network, e.g., Smartphone apps
■ Use geolocation to show overloaded / underperforming network segments
■ Spot indicators of compromise on your network
■ Improve your adherence to regulatory compliance mandates
Application intelligence gives you summary information about how your network is performing. This includes a dashboard that shows you visually a list of applications in use, the percentage of network bandwidth allocation per application, a listing and breakdown of usage of device types and browser types, and the loading across your network.
The dashboard should also let you filter on one or more applications so that you can narrow the dashboard view to see only what you want and need to see. This dashboard will be a key factor in converting data into usable information because lets you intuitively visualize the information.
As an example, a visibility architecture that uses application intelligence information can be used to capture critical information needed for the whole troubleshooting process. Filtering can be created to isolate specific applications that are being reported to have problems.
Geolocation capability can also be used to help quickly locate geographic outages and potentially narrow troubleshooting efforts to specific vendors that may be causing network disruptions. This reduces troubleshooting costs and improves customer Quality of Experience.
Eliminating inspection of ... low-risk data can make your IDS solution up to 35% more efficient
Another powerful use case for application intelligence is to use application filtering to improve security and monitoring tool efficiencies. Delivering the right information is critical because garbage in results in garbage out. For instance, by using application intelligence to screen traffic before it is sent to an intrusion detection system (IDS), information that may not require screening (e.g. voice and video) can be routed downstream and bypass IDS inspection. Eliminating inspection of this low-risk data can make your IDS solution up to 35% more efficient.
Application intelligence can be used to identify slow or underperforming applications or network segments. For instance, application information, flow data, and geographic information can be combined to show what applications are running on your network, how much bandwidth each application is using, and what the geographic usage is for the application(s). This allows you to isolate and filter traffic matching specific applications, geographies, keywords, and handset types to start root analysis work flows.
Another use case allows you to access empirical data to identify bandwidth usage, trending, and growth needs. This empirical data can then be used to proactively manage network resources and new equipment installations, accurately forecast expansions, and perform better budgeting for expansions. The data can then be exported to other applications, like a Splunk application or something, for long-term data collection and performance trending.
One example is a wireless carrier with smartphone users. A new app, like a multi-user scavenger hunt app, could be relatively small one minute and then could literally exploded 1,000, 10,000 or even 100,000 times in the amount of bandwidth consumption in just a few weeks time. Unplanned bandwidth explosions like this can severely impact the quality of service and quality of experience on the network.
The bandwidth explosion issue isn't just one for service providers either. Bring Your Own Device (BYOD) and the plethora of apps on today's smartphones can easily affect network bandwidth for small to medium businesses as well as enterprises. Bandwidth explosions can happen on the wired and wireless networks in a short amount of time. This makes it critical to be able to observe the network in real-time to understand what is happening.