Digital transformation across enterprises is seeing a rapid increase in the adoption of digital native technologies and approaches. These are being embraced at every level of the organization with internal processes digitalized, customer contact points moved from brick-and-mortar counters to digital screens and enterprise information management transferred from on-premises hardcopy files and physical servers to the Cloud. This inevitably led to the rise of enterprise applications that link each of these business processes on specialized, consolidated, multi-access platforms, delivering unparalleled benefits in terms of efficiencies, scalability, quality of service and sustainability. It has enabled enterprises to scale new markets, expand their product lines and enhance the engagement with their stakeholders.
The rise of enterprise applications which can be accessed and managed by users from anywhere in the world in turn saw the Cloud becoming the preferred hosting option for application managers given the agility, scalability and efficiency that it delivers. Advancements in cloud-based deployments, including the adoption of distributed cloud architectures, software defined networking and network functions virtualization meant that new applications can be brought to live in days, can be scaled up and down in seconds and can be managed in real-time.
Why managing enterprise applications is not an easy task
However, at the crux of successful management of applications that continue to process terabytes of data everyday across hundreds of private and public connections, is the ability of enterprises to monitor the performance of their applications. An application is only as good as its ease of access and use. A bank employee checking on the records of a premium banking service customer for example must be able to extract not just the customer’s past transaction records in seconds, but must also have instant access to recommended services that he/she can upsell to the customer. Applications hosted on a poorly designed architecture that results in delays in retrieving the required information, or applications that return recurring errors can result in transactions not taking place at all. If these issues are faced by counter staff serving walk-in customers, it could result in long queues and many a disgruntled customer. This is especially so for bandwidth intensive applications such as Skype for Business.
For digital-only enterprises, issues with applications can lead to even more disastrous outcomes. Online shopping and payment processing applications for example, can cause a complete standstill in sales or new orders should these applications or part of their modules stop functioning. The issues can range from database errors to server bottlenecks that can result in delayed page loadings or in users having no access to the service for long periods of time. Businesses can be brought to a complete halt if these issues are not detected and remedied in real-time.
Security is another key issue for enterprise applications, especially for those hosted on the Cloud. These applications are susceptible to cyber threats in many forms. While common anti-virus software can address basic threats such as DDoS attacks, the more sophisticated threats remain hard to detect. These include zero-day attacks and obfuscation of traffic via insertion of dead-code or the use of crypters. Left undetected, these threats do not just impair the performance of these applications, they pose a greater threat to the organization in the form of leakage of critical business data and customer records that may result in law suits and hefty claims.
Why we need real-time, end-to-end visibility
Businesses have hence come to realize that to truly digitalize their businesses, it takes more than a series of application codes hosted over complex architectures in the Cloud. Enterprises must have the visibility into their end-to-end application delivery. Enterprises must have real-time, granular level insights into how each node that delivers an application is performing. These nodes can be the web server, the set of application servers and the database storage units. They can be any of the virtualized network functions (VNFs) and the NFV infrastructure (NFVi) they are embedded upon. They can be the dedicated private lines or virtualized private links or even links within a data center. They can be the many physical routers configured locally or the SDN Controller that manages the forwarding plane from a central location. They can also be the computers and laptops accessing these applications and it can be the LAN or WiFi or cellular connectivity in the last mile. Any time any of these nodes experience issues such as a traffic bottleneck, a malware attack or a physical issue such as a power outage, CPU overload or even a storage overflow, the performance of the application can become so severely impaired to the point of complete stalling.
Limitations of existing monitoring tools
This complex layers of delivery, therefore, make diagnosis of application performance and security issues virtually impossible for Enterprises as issues can reside anywhere along the long and complex delivery chain. To date, network management tools such as Application Performance Monitoring (APM) have been helping Enterprises detect and decipher the issues relating to application delivery. APM tools are able to read to a great extent the health of various network devices such as servers, routers and storage units via pre-installed probes. However, while this helps in the diagnosis of select performance issues especially within an IT stack, it does not provide a comprehensive, end-to-end visibility into the application delivery as it does not capture issues or inefficiencies in traffic routing and traffic flow management. This creates a critical shortfall in application performance monitoring especially for applications delivered on a distributed cloud architecture. A wide range of underlying causes for example, lack of traffic prioritization, unavailability of on-demand resources and absence of effective content compression and caching, do not show up on the APM radar. Bandwidth insufficiency, localized congestion and physical issues such as cable faults and other IP links-related factors are also not captured in the diagnostics.
How DPI lends intelligence for enhanced monitoring and management of applications
To circumvent this, APM tools are moving to incorporate an essential technology known as Deep Packet Inspection (DPI) which uses behavioural, heuristics and analytical methods to detect and classify IP traffic in real-time. Using dynamically updated libraries with latest traffic signatures, DPI extracts metadata on protocols, application and application attributes. For example, when a video is being transferred in a chat application, the network becomes aware of the video and of the chat app. This allows the network to apply different traffic management policies that are tailored to optimize network resources while maintaining the application performance. Without DPI, even if the network and all network devices are working at their best, applications may be routed inefficiently and unnecessary processed and filtered for threats, resulting in performance slowdown as well as wastage of network resources. This will be particularly critical with 5G mobile communications as there will be, for example, a rise in ultra-reliable low-latency communications (URLLC) type applications which have to be delivered at millisecond latencies.
DPI also enables the speeds and latencies at each network link to be identified, along with the throughput being handled. By identifying link speeds, last mile access issues such as LAN and mobile connectivity or issues with receiving devices (such as smartphone or a desktop computers) can be identified. Using IP address information and matching this with user session information, both access points and users experiencing application performance issues can be identified in real-time. Across the rest of the network, DPI provides detailed analytics on application bandwidth consumption and the speeds at each network link. Issues with link congestion, inadequate bandwidth provisioning and connection issues can therefore be diagnosed in minutes as analytics are readily available in the system.
On the security front, information extracted by DPI which is then aggregated and correlated enables the detection of cyber threats such as malware attacks and password attacks. This real-time detection of threats is enabled via an extensive DPI library where traffic signatures are updated at rapid frequencies by specialist laboratories to ensure that it contains fingerprints of the latest threats. This in turn allows isolation, additional filtering and blocking to be implemented quickly before more network nodes and more applications are impacted by such threats.
In addition to deciphering issues at the IP traffic layer, DPI also delivers deeper analytics to complement APM’s existing diagnoses. For example, when APM registers a high CPU load or lack of memory in application runtime and middleware, packet classification from DPI can identify the type of traffic that is creating this congestion or determine if there is an ongoing malware traffic flowing into the device.
Predictive analytics: from mitigation to prevention
The combination of APM’s diagnostic capabilities and the deep insights extracted by DPI are able to provide a converged, end-to-end view of an application’s performance. With DPI’s real-time detection capabilities, enterprises are able to anticipate performance issues even before they happen and this allows them to institute remedial actions in real-time. At the same time, analytics and insights by DPI, combined with APM’s own data provide the very inputs required by network managers as well as application performance managers to improvise both network and application architectures such that they are optimized to the traffic behaviour from each application. DPI hence, lends not only the intelligence for the App era, it also ensures that while enterprises continue to move to all things digital and all things Cloud, the control of their critical applications and hence their business, remains in their hands.
Interested to learn more about DPI and how it enhances application performance management? Here’s a brand new whitepaper that digs deeper into the topic with in-depth discussion of the analytics provided by DPI, complete with a detailed use case illustration. Download your free copy now here!
This is a sponsored article.
