Shed Light on the Darkspace: Close the Gap to Achieve Total Network Data Visibility!
Shed Light on the Darkspace:
Close the Gap to Achieve Total Network Data Visibility with East-West Traffic Monitoring!
Are you only seeing 20% of the traffic data for your critical business applications with North-South monitoring?
In today’s hybrid networks, traditional packet capture monitoring is failing us. North-South monitoring, which is typically comprised of TAPs, packet brokers, and switch port mirroring of the physical network, gives us significantly less than half of the picture. When every server was physical, it was easy to mirror traffic to distributed analyzers.
But that was then and this is now.
The monitoring systems that once reigned are no longer sufficient in architectures that require deeper visibility, and it is simply not as straightforward as it once was with traditional IT infrastructure topologies. With the majority of today’s servers residing in primarily virtualized environments, estimates show that North-South monitoring only gives us around 20% of the critical application chain data used to determine the root cause of performance issues. That is just not enough to deliver the best possible customer experience! Customers deserve more and East-West traffic monitoring can give you more – more visibility up and down the entire application chain between virtual machines and across virtual switches in datacenters and across the end-to-end network.
But, be wary of conventional East-West traffic monitoring!
Sure, one potential solution is to mirror the V-Switch traffic out to the physical network. This typically involves retrofitting all hypervisors with a dedicated 10 Gbps network interface card (NIC) and copying all of V-Switch traffic out of the dedicated NIC and into a packet broker.
That’s a good solution if you need to monitor only a handful of your hypervisors. But, if you need to scale beyond that, flexibility quickly becomes an issue. There are major downsides to this conventional type of East-West monitoring. The biggest is cost. For many companies that have hundreds or thousands of servers this would require purchasing a dedicated 10 Gbps NIC and the switch ports on the packet brokers to accommodate all of the new monitoring points. That’s expensive and operationally inefficient. It’s also not a solution fit for any cloud-based networks like AWS, Microsoft Azure, or Google.
There is a better way! Here’s a hint: lightweight, agentless, software-based capture probes can be deployed directly on every hypervisor in your VM environment. The probes forward a very thin stream of metadata to a data store which can be located anywhere on the network. The forwarded metadata traffic only generates around 0.2% - 0.5% of the observed traffic. In a 10 Gbps traffic capture model, this means the capture probe only generates about 2 to 5 Mbps!
To find out more about this approach to East-West traffic monitoring, watch the upcoming Accedian webinar “Shed Light on the Darkspace: Close the Gap to Achieve Total Network Visibility with East-West Traffic Monitoring.”
In this webinar, you will find out how to monitor East-West traffic through the use of very lightweight, agentless, software-based capture probes that can be easily deployed in any environment including AWS and Azure. It is possible to do so cost-effectively with options that scale. We will also expand on:
Why seeing only 20% of traffic could lead you down false paths of troubleshooting
Advanced on-the-fly pattern recognition and deep packet analysis
How to get to the root cause of most performance issues in 3 minutes or less
Author: Mike Canney - Enterprise Business Development, North America, Accedian. For the past 28 years, Mike has helped 100's of companies identify and resolve their application and network performance issues. Mike has also developed coursework and taught engineers how to identify, remediate, and prevent network and application issues by analyzing traffic flows at the packet level. Mike has been a guest speaker at many industry shows such as Networld Interop, Wireshark "Sharkfest" and Cisco Network/Live throughout the United States on the topic of application performance analysis.