Improving Application Experience with Deep Network Visibility

In the not-so-distant past, everything in the stack of applications and networks was under the control of IT. Workloads lived securely in the local data center – people sat in their offices on campus connected to the secure wireless network, and the MPLS service with SLA connected branches to the data center and to each other.

Today, workforce productivity depends on cloud and SaaS applications, which often rely on public cloud infrastructure, which in turn depends on the Internet as part or all of WAN connectivity. Internet paths depend on multiple ISPs, CDNs, and advanced network services. Hybrid and natural cloud applications are mostly containerized, so performance can be affected by communication paths between microservices, both in the data center and in the cloud. The overall application experience, as perceived by the workforce, depends on the performance of all application components and network connections working together. If one element fluctuates, the whole experience can be affected.

NetOps and DevOps need to understand the interdependence between component applications and set up the corporate network and Internet paths accordingly. A unified view can only be provided by the network fabric, which monitors and analyzes the full package of intertwined components: from the core network data layer to the software-defined WAN to the cloud application containers. Because the workforce has access to applications virtually anywhere, all the time, IT requires comprehensive real-time monitoring of network, Internet, and applications with automatic recovery capabilities. This is Deep Network Visibility, managed by software-defined controllers and network analytics that enable action, policy and automation.

Visibility begins with a comprehensive historical view

To improve the application experience, IT needs tools to record, analyze, and report network and application performance on a large scale to build an in-depth set of historical data against which to apply artificial intelligence and machine reasoning tools. Hybrid and cloud applications consist of multiple microcomponents related to east-west traffic in the data center or cloud service. Continuous monitoring and analysis are needed to optimize the application experience, as many communication problems between applications are transient and difficult to reproduce. The effectiveness of the application should be recorded for machine analysis to identify recurring problems and root causes. Deep visibility of the network from the point of view of the application requires:

  • The app experience as measured by ThousandEyes, NetFlow and AppDynamics.

  • Graph of dependence on the main composite application services and infrastructures.

  • Comprehensive information on the availability and performance of each of the supporting components, such as composite application services, public cloud services, ISPs, network devices, computing and storage infrastructure.

The irony is that mountains of telemetry and activity logs are waiting for analysis by congested IT teams, that there is too much noise in too much data for people to handle in a timely manner. When the amount of data is outside the human scale and below human sensitivity, machine reasoning (MR) can automate the analysis of trillions of bytes of switch and router telemetry, wireless radio fingerprints, and network access point interference to detect patterns in chaos and turn findings into applicable insights and automated mitigation actions.

Automated visibility with AI Network Analytics

To take full advantage of deep historical and real-time data, IT can take advantage of an analytical software package that can:

  • Use custom applications to increase human engineers in NetSecOps with Insights in network performance and security vulnerabilities.

  • Take advantage of machine speed and knowledge base resonance (MRE) machine analysis to free NetSecOps from everyday monitoring tasks to focus on proactive digital transformation projects with DevOps.

  • Achieve massive collection, storage and analysis of different data ponds – collections of anonymized network and application telemetry based on volume, speed and variety of data to compare performance and security metrics.

For several decades, Cisco has been building a pool of global anonymous customer telemetry data alongside a knowledge base of troubleshooting expertise, both of which are available for machine reasoning algorithms under the command and control of the Cisco DNA Center. With Cisco AI Network Analytics, NetOps can, for example, be alerted to increased Wi-Fi interference, network bottlenecks, uneven device uptime, and office traffic congestion in more traditional data center and campus network environments.

However, visibility for cloud-based applications needs a different approach, as much of the application infrastructure is not under the direct control of IT. Direct cloud Internet connections can be unreliable – especially for slow-sensitive applications – unless they are monitored and set up automatically using cloud ramps.

Gaining deep visibility with Cisco Cloud OnRamps for each of the major cloud services – Microsoft Azure, Amazon AWS and Google Cloud, as well as colocation and SaaS platforms – provides the ability to monitor and adjust performance parameters that are automatically applied to maintain appropriate quality of service based on application type and cloud provider. Paths are calculated using tracking characteristics, including packet loss, latency, and oscillation in the data plane tunnels between cloud workloads and endpoints. Cisco AppDynamics and ThousandEyes provide application layer visibility for cloud-to-cloud dynamics, allowing NetOps and DevOps to monitor and identify factors affecting the application experience.

Network analysis + Software controlled controllers = Deep network visibility

Cisco AI Network Analytics works in conjunction with Software controlled controllers also allows deep visibility of the network. The operational intentions and security policies defined in the software-controlled controllers are compared to the telemetry and operational anomalies detected by the MRE to automatically correct operations or isolate counterfeit devices. Always running AI Analytics monitors the distributed manpower and workloads at machine speed by making automatic corrections or sending alerts with suggested corrections to appropriate levels of IT staff or to ITSM applications to log and run problem alerts. Over time, NetOps and DevOps can refine application performance by using a consistent stream of insights from analytics to adapt to changes in workload, workforce, and workplace.

AI and MRE also provide customized recommendations for updates and fixes for controllers. Upgrading controllers carries some risk given the complexity and many differences between existing network configurations. Knowing in advance what impact an update can have – and even if it applies to the existing configuration – can bring peace of mind to the process. Does a particular configuration guarantee a fix if this problem is not relevant? If not, then there is no reason to impose an update that is not required. Do the controllers work with a version of the OS with active PSIRT vulnerabilities? NetOps has been warned to give higher priority to upgrading these specific controllers. Automation and visibility go hand in hand to make operational teams more efficient so they can spend time on more valuable tasks.

Deep visibility provides operational simplicity and serviceability

Deep network visibility is the basis of an operational network and security model that ensures the application experience and trust. The end result of achieving deep network visibility is to make all operational teams – NetOps, SecOps, DevOps and CloudOps – able to work together to increase service levels in the application infrastructure. Automations that maintain deep network visibility simplify operations by eliminating many of the time-consuming and tedious tasks of network monitoring and troubleshooting. I will look at how the Cisco DNA Center provides specific capabilities for the four networkers in a future blog post.

At Cisco, we believe: “The more you can see, the more you can decide. The more you can decide, the more you can automate. And the more you can automate, the more sustainable and flexible your whole business becomes.” Deep network visibility automation is key to ensuring that the application experience provided to the workforce and customers meets or exceeds expectations.

To learn more about Cisco DNA Center and network visibility, see:

Cisco DNA Center

Creating more flexible and upgradeable networks with a controller-based architecture

Take a look at ours Cisco Networking video channel

Subscribe to the network blog