In Part Two of APMdigest's exclusive interview, Shane Pearson, Vice President, Product Marketing for HP Software, shares guidance on APM challenges including mobile performance, security and event management.
APM: What are the main challenges to monitoring mobile performance?
SP: Not all mobile applications are the same. There are two basic types of mobile applications, native mobile applications and browser-based applications. Native applications reside on user devices and communication over HTTP(s). Browser-based applications use modified browsers to access applications online. When monitoring these applications you should consider how the user experiences the service from a native application and from the browser. If access from a browser, does the entire page render? How long does it take? Does it perform differently from one device to another? Customers may have a very different experience using a mobile browser than using the native application. When monitoring these new services it is important to be able to gauge how your customers experience the mobile application and how they experience it from various devices.
Feature-greedy users generate change and complexity. Let's face it -- everybody loves the latest gadgets with all the latest bells and whistles. This is great for the consumer markets but this can introduce complexity when trying to manage mobile applications. As in the example above, the user's experience may be different from device to device. So when looking at monitoring mobile applications, not only do you have to consider browser and native applications but also the various devices. Some management vendors offer a service where you can rent cradles of phones to test and to monitor mobile applications. This can be a costly option. Another way is to emulate the application for multiple devices. This is a more cost-effective way to understand how your applications will perform for the various mobile devices.
Visibility into chaos can help you troubleshoot issues. Not only do you need to understand how end users experience these new mobile applications, but when something does fail what was the cause of the failure? How do I know if it's an issue with the application, the device, and the carrier? Also, with many mobile applications built to leverage the already underlying business services, applications and supporting infrastructure, this can complicate and lengthen the time it takes to find the root cause of an issue. When monitoring the mobile application you should also be monitoring all dependencies and be able to visualize the entire end-to-end service. Having an end-to-end service view is key to understanding the complexity of IT environments.
APM: How do security issues impact application performance management?
SP: Security information is rarely integrated with IT operations or application data. Often, the Security Operations Center (SOC) and the Network Operations Center (NOC) are silo groups, working independently, without any integration or even communication. And without any type of integration between these two groups, you don’t have the complete visibility you need in order to troubleshoot and find the root cause of a problem.
Here’s a typical example. If operations is seeing a key application slowing down, where the end users are being impacted, they don’t know if it is related to some usage spike related to an unusual load, if it is a piece of failing hardware, or some sort of security attack. Customers don't have the insight or context they need to react quickly, and drill down to the root problem, so they can protect their business. In this type of scenario, the operator may just throw more resources at the host to meet the demand spike. But, if there is some type of security breach, that approach is just wasting money, and won't solve anything.
As you can see, a new approach is needed.
APM: What is the solution?
SP: The solution for this type of dilemma is by having better communication with, and tool sets for, the NOC and the SOC. HP’s integration of ArcSight and BSM is helping bridge these two groups to give better insight to the root cause of a problem.
With BSM 9.1, the operations team has the capability to now bring security events from ArcSight Enterprise Security Manager (ESM) and Logger products into one central Operations Bridge, which we call Operations Manager i (OMi).
The ArcSight integrations with BSM leverage HP's unique strengths in both IT Operations and Security and provide a great differentiator for HP.
The three main benefits of this integration include:
1. Logs for Ops: Archive historical data center behavior by collecting and storing raw logs and correlated event data from varied data sources (300+ sources) OOB
2. Event Search and Analytics: Search, analyze and report on IT events from a single console
3. NOC and SOC collaboration: visibility into the health of the entire IT infrastructure including security aspects
APM: Explain how HP event management integrates with third-party monitoring technologies?
SP: HP brought to market Operations Manager i (Omi) which has become the Managers of Managers within IT operations as it brings events from various different parts of the data center into one single console. This includes events from each of the BSM monitoring tools for systems, network, and applications, but also 3rd party vendors such as Nagios and SCOM.
Additionally, OMi now shows security events coming in from ArcSight. And because OMi is built upon the Run-Time Service Model, it not only pulls in all events across the data center, but it can grab topology and CI information as well. This is called Topology-based Event Correlation, which is built on patented technology from HP labs. Having topology information with the events gives you the ability to determine the root cause of the problem and prioritize the remediation of those events based upon the business impact of the issue. Our customers are now using Omi as their single pane of glass or presentation layer for events consolidation and correlation.
APM: How does Topology-based Event Correlation work?
SP: HP's Topology-based Event Correlation (TBEC) utilizes detailed, comprehensive, and automatically updated discovery and relationship information to analyze alerts and events, and ultimately determine the event that is most likely the cause of an incident.
Using TBEC, operators are presented with a clear representation of which event they need to investigate and what symptoms can be ignored, which then helps them determine the team best suited to resolve an incident. With TBEC, there is less need to guess at the cause of an incident or spend time chasing symptoms -- so operations staff can fix issues faster, handle more incidents, escalate fewer issues to expert staff, and collaborate more effectively to resolve problems -- all of which ultimately help make incident management more efficient.
Organizations face major infrastructure and security challenges in supporting multi-cloud and edge deployments, according to new global survey conducted by Propeller Insights for Volterra ...
Developers spend roughly 17.3 hours each week debugging, refactoring and modifying bad code — valuable time that could be spent writing more code, shipping better products and innovating. The bottom line? Nearly $300B (US) in lost developer productivity every year ...
While remote work policies have been gaining steam for the better part of the past decade across the enterprise space — driven in large part by more agile and scalable, cloud-delivered business solutions — recent events have pushed adoption into overdrive ...
Time-critical, unplanned work caused by IT disruptions continues to plague enterprises around the world, leading to lost revenue, significant employee morale problems and missed opportunities to innovate, according to the State of Unplanned Work Report 2020, conducted by Dimensional Research for PagerDuty ...
In today's iterative world, development teams care a lot more about how apps are running. There's a demand for fixing actionable items. Developers want to know exactly what's broken, what to fix right now, and what can wait. They want to know, "Do we build or fix?" This trade-off between building new features versus fixing bugs is one of the key factors behind the adoption of Application Stability management tools ...
With the rise of mobile apps and iterative development releases, Application Stability has answered the widespread need to monitor applications in a new way, shifting the focus from servers and networks to the customer experience. The emergence of Application Stability has caused some consternation for diehard APM fans. However, these two solutions embody very distinct monitoring focuses, which leads me to believe there's room for both tools, as well as different teams for both ...
The 2019 State of E-Commerce Infrastructure Report, from Webscale, analyzes findings from a comprehensive survey of more than 450 ecommerce professionals regarding how their online stores performed during the 2019 holiday season. Some key insights from the report include ...
Robinhood is a unicorn startup that has been disrupting the way by which many millennials have been investing and managing their money for the past few years. For Robinhood, the burden of proof was to show that they can provide an infrastructure that is as scalable, reliable and secure as that of major banks who have been developing their trading infrastructure for the last quarter-century. That promise fell flat last week, when the market volatility brought about a set of edge cases that brought Robinhood's trading app to its knees ...
Application backend monitoring is the key to acquiring visibility across the enterprise's application stack, from the application layer and underlying infrastructure to third-party API services, web servers and databases, be they on-premises, in a public or private cloud, or in a hybrid model. By tracking and reporting performance in real time, IT teams can ensure applications perform at peak efficiency — and guarantee a seamless customer experience. How can IT operations teams improve application backend monitoring? By embracing artificial intelligence for operations — AIOps ...
In 2020, DevOps teams will face heightened expectations for higher speed and frequency of code delivery, which means their IT environments will become even more modular, ephemeral and dynamic — and significantly more complicated to monitor. As a result, AIOps will further cement its position as the most effective technology that DevOps teams can use to see and control what's going on with their applications and their underlying infrastructure, so that they can prevent outages. Here I outline five key trends to watch related to how AIOps will impact DevOps in 2020 and beyond ...