New Era of Network Performance Management

Today’s networks are highly complex, dynamic environments that demandcomprehensive performance management. Fortunately, technologies areadvancing to simplify management on some levels and address new chal-lenges on others. This e-book explains why management is more importantnow than ever and how it can help deliver business-critical applications

better and faster, and it describes new functionality emergingin this important area. BY JIM METZLER

Performance

TheNew Era of Network

Performance Management

1 INSIDE:

1 Emphasis on application performance means greater need for network management

2 The role of performance management in applicationdelivery

3 Advanced performance management capabilities

THE FOCUS IN network performancehas been shifting from the network tothe application. The network manage-ment function is in the process ofadopting strategies that focus on thequality of experience (QoE) that auser has with the company’s key busi-ness applications. Effective applica-

tion delivery depends on the combi-nation of a robust, secure and highlyavailable infrastructure, applicationacceleration and optimization overthe WAN, and application perform-ance solutions that can minimize userproblems relative to accessing criticalapplications.

THE NEW ERA OF NETWORK PERFORMANCE MANAGEMENT

aHOME

aCHAPTER 1:

EMPHASIS ON APPLICATION

PERFORMANCEMEANS GREATER

NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:

THE ROLE OF PERFORMANCEMANAGEMENT IN APPLICATION

DELIVERY

aCHAPTER 3:ADVANCED

PERFORMANCEMANAGEMENT CAPABILITIES

2

Emphasis onapps boosts need for networkmanagement The network is the provider of applications to endusers, but as more applications are added, ensuringthat they all work well is challenging. This chapterdiscusses the drivers behind the need for manage-ment and the trends contributing to the complexi-ty of today's network and applications environ-ments.

1

The sharpened focus on applicationdelivery has been driving the highgrowth rate of WAN optimization andis ushering in a new era for perform-ance management solutions thattranscend traditional link utilizationmonitoring and capacity planning toprovide:

� Real-time or near-real-timeinsight into how specific applicationsand user sessions are performing.

� Performance indicator metricsand granular data that can be used to detect and eliminate impendingproblems.

� Improved diagnostics and remedi-al workflow patterns to quickly deter-mine the root cause of performanceproblems that do occur.

This e-book examines the trendsbehind the changes in working withperformance management so that ITleaders can better understand theirnetwork and application dynamicsand adapt to them. We’ll describe aframework for managing applicationdelivery, illustrating the ways that aperformance management solutioncan help in the implementation andmanagement of an application deliv-ery program. We’ll also discuss someof the advanced management capa-bilities that are available. These capa-bilities enable performance manage-ment to enter a new era driven by theneed to ensure the application user’s

QoE in the face of a constantly grow-ing set of impediments to acceptableapplication performance.

FACTORS DRIVING INCREASEDEMPHASIS ON APPLICATION PERFORMANCE Several factors are driving the evolu-tion of IT environments and forcing IT organizations to dedicate more oftheir resources to optimizing applica-tion reliability and performance.These factors include:

� Application proliferationEnterprise IP networks must accom-modate an ever-increasing variety ofnetwork services and applications. Inaddition to the traditional data appli-cations, converged enterprise net-works can support a variety of real-time IP communications applications,including voice over IP, video confer-encing, telepresence, streamingvideo, instant messaging and collabo-rative sessions. Many enterprisesconsider these real-time services andapplications to be as business criticalas traditional enterprise applications,such as ERP or CRM. Each distinct type of business-criti-

cal application can have somewhatdifferent requirements in terms ofnetwork performance. For enterprisedata applications, the QoE metricsare typically availability and responsetime. The levels of packet loss, laten-cy and jitter heavily influence the QoEof real-time applications. Configuring


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


3

QoS functionality for switches androuters and allocating or limitingbandwidth for different applicationclasses are basic requirements forreal-time applications. These tech-niques, while necessary, do not pro-tect an application from QoE short-falls, however, especially in cases ofanomalous network behavior or faultsthat degrade network performance.

� Increased business reliance on network applicationsBusiness globalization and employeedecentralization, together with theproliferation of business-criticalapplications, has made the IP networkan indispensable component of nor-mal business operations. Any short-fall in network availability or perform-ance can therefore be translated into

business costs in terms of lost workerproductivity, reduced efficiency ofbusiness processes, or lost businessopportunities. According to a YankeeGroup survey, application perform-ance issues result in an average pro-ductivity loss of 14%.

� New application architecturesNew styles of distributed applicationsbased on Web 2.0 technology andservice-oriented architectures(SOAs) are having a significantimpact on the complexity of manag-ing application performance. Withboth of these application architec-tures, different components of theapplication may be distributed acrossservers that reside in geographicallydispersed data centers. This meansthat these newer forms of distributed


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


4

A networking profes-sional monitors networkand applications per-

formance in the networkoperations center at theInterop conference in

Las Vegas.

PHOTO COURTESY OF THE PHOTO GROUP, 2008

applications create additional flowsthat traverse the enterprise WAN.The additional data flows increase thesources of delay, packet loss and jitterwhile complicating the performancemonitoring process and demandingincreased levels of reliability.

� Resource consolidation/centralizationMany large enterprises have ongoingprograms to consolidate IT resourcesby centralizing server, application anddata resources in a small number ofdata centers. With centralization, thebranch office user accesses enter-prise applications over the WANrather than on a local server. Central-ization can result in dramatic reduc-tion of the costs related to server andapplication deployment, as well asgreatly enhancing the enterprise’ssecurity posture. However, centraliza-tion increases the volume of busi-ness-critical traffic that traverses theenterprise WAN and subjects remoteend users to the travails of longerresponse times that result from theWAN’s limited bandwidth and higherlatency. The impact of higher WANlatency is particularly pronounced inthose instances in which a chatty pro-tocol (which can take hundreds ofroundtrips to complete a single trans-action) traverses the WAN.In order to mitigate problems such

as those that arise from running achatty protocol over a WAN, ITdepartments have deployed WANoptimization controllers (WOCs).

WOCs use a variety of techniques toreduce bandwidth consumption andoffset the effects of high WAN laten-cies. The combination of the central-ization of IT resources and thedeployment of WOCs has increasedthe demand for performance man-agement solutions that can help mon-itor and manage the acceptable per-formance of critical applications overthe WAN and verify the benefits ofWOC deployment.

� VirtualizationThe virtualization of servers and stor-age is now a well-established aspectof IT programs for consolidation andcentralization of resources. In addi-tion, application virtualization anddesktop virtualization are two emerg-ing technologies that are particularlyeffective in simplifying the manage-ment of end-user systems becausethey streamline the IT tasks related todesktop and application support.With application and desktop virtual-ization, end-user QoE for almost allapplications, including personal pro-ductivity applications, becomes high-ly dependent on network perform-ance.With server virtualization, all the

management capabilities employedfor physical servers must be extendedto cover the virtualized environmentas well. For example, managementsystems that rely on automatic dis-covery of the network topology mustbe able to develop an integrated viewof the physical and virtual environ-


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


5

ments. This integrated view of theinfrastructure must be able to accom-modate the dynamic nature of the vir-tual environment where virtualmachines can be automatically ormanually moved from one physicalserver to another.Server virtualization presents a

number of challenges for perform-ance management. For example, theVMs that reside on a given physicalserver communicate with each otherusing a virtual switch function withinthe server’s hypervisor software.Unfortunately, unlike the typicalphysical switch, a vSwitch typicallyprovides limited traffic visibility for

the traffic that is internal to the physi-cal server. In addition, prior to virtual-ization, most server platforms werededicated to a single application.With server virtualization, virtualmachines share the server’s CPU andI/O resources. Oversubscription ofvirtual machines on a physical servercan result in application performanceproblems because of factors such aslimited CPU cycles or I/O bottle-necks. While these problems canoccur in a traditional physical server,they are more likely to occur in a vir-tualized server because of consolida-tion of multiple applications onto asingle shared physical server. �


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


6

Top reasons for purchasing network management products

In a survey of the SearchNetworking.com audience, readers predicted that disaster recovery requirements, increased applications traffic in general, and managing virtual environments would be their top-three reasons

for purchasing network management products in 2010.

SOURCE: SEARCHNETWORKING.COM PURCHASING INTENTIONS SURVEY, AUGUST 2009

Increased video/multimedia traffic

Increased need for security management

Increases remote/branch offices

Managing virtual environments

Increased applications traffic

Disaster recovery requirements

0 50 100 150 200 250

Blue Coat gives you unmatched visibility into the security and performance of mission critical applications so you can respond quickly to changing business requirements, enhance productivity and contain costs.

Learn more at bluecoat.com/controlisyours

Control is yourstM

VISIBILITYblue coat gives you

©2009 Blue Coat Systems, Inc. All rights reserved.

http://www.bluecoat.com/controlisyours/

The role of performancemanagement in applicationdeliveryThe idea of network performance now encom-passes application performance. This chapter out-lines how to use network management tools toapply an application delivery framework to the ITenvironment.

IN THE PAST, most IT organizationsconcentrated their managementattention on individual technologydomains (e.g., the LAN, WAN,servers, databases, mainframes, etc.)with the assumption that if each ofthese technology domains is perform-ing well, the applications that utilize

these domains are performing well. Unfortunately, this bottom-upapproach has not proven to be veryeffective. To be more successful withthe management component of appli-cation delivery, IT organizations needto implement a top-down, applica-tion-focused strategy comprising


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


8

2

several functions.

� Discover the applications In order to manage application deliv-ery, IT organizations need to knowwhat applications are running overthe network. The typical enterprisehas hundreds of applications, howev-er. It is impossible to accurately dis-cover hundreds of applications manu-ally. Hence, IT organizations need toimplement tools that will enable themto automatically discover all theapplications that are consuming net-work bandwidth.

� Identify business-critical applications As noted, the typical enterprise hashundreds of applications. However,not all of these applications areequally important. An IT organizationwill not be successful with applicationdelivery if it attempts to focus itsmanagement attention equally oneach application. Instead, an ITorganization must use a combinationof technology and an understandingof its company’s business processesto identify and focus on a small set ofapplications that are critical to thesuccessful execution of the compa-ny’s key business processes. IT organ-izations also must identify other keyclasses of traffic. Obviously, theyshould identify malware and elimi-nate it, and they should identify recre-ational applications and eliminate orcontrol the use of these applicationsbased on company policy.

� Develop service-level agreements Once the IT organization has identi-fied the company’s business-criticalapplications, the next step is to beginto craft a service-level agreement(SLA) for those applications. The SLAshould contain a brief description ofeach application, some importantfeatures of each application, and a setof QoE metrics or performance indi-cators that correlate well to QoE.

� Identify key components of ITAfter the IT organization has identi-fied a core set of critical businessapplications, it must identify the keycomponents of the IT infrastructurethat supports them. These compo-nents deserve a higher level of man-agement attention because if one ofthem is unavailable or is not perform-ing well, one or more of the compa-


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


9

Steps to applicationdelivery and performance

� Discover all applications

� Define what’s business critical

� Write SLAs

� Identify key IT components

� Establish performance goals

� Baseline apps and IT components

� Implement problem resolution

ny’s critical business applications islikely to suffer.

� Establish and monitor performance targetsThe IT organization must quantifyhow the performance of its key ITinfrastructure components affectsperformance of the company’s criticalbusiness applications. For example, ITmust understand how WAN delayaffects the response time of a criticalapplication such as CRM. The resultsof this exercise can help in refiningthe set of performance indicatorsused in defining SLAs and can also beused to set thresholds in performancemanagement tools. These thresholdscan be used to trigger diagnostic orremedial actions.

� Baseline critical applications and key IT resources The performance of both an applica-tion and the subtending IT infrastruc-ture varies by time of day, day of theweek, week of the quarter, and quar-ter of the fiscal year. Having a base-line to define normal application andinfrastructure behavior enables IT toidentify anomalous behavior. In somecases, this anomalous behaviorreflects an underlying problem requir-ing investigation; in others, it canreflect a potential security incident ordegradation in performance causedby a transient event, such as a userdownloading a large file. Having abaseline also enables an IT organiza-tion to measure the impact of deploy-

ing a new application or making achange to the IT infrastructure.

� Implement rapid problem identification and resolutionDespite efforts to become moreproactive, there will always be unpre-dictable incidents. IT organizationsmust implement the tools andprocesses necessary to quicklyrespond to a situation once it hasaffected the end user. Part of this ini-tiative is prioritizing troubles basedon their potential business impact. Inorder to detect problems before usersare affected, established baselinesand performance thresholds can beused to generate alerts automaticallyand to trigger automated remedialaction or diagnostics to help deter-mine the root cause of the problem orpotential problem.

As IT organizations go through theplanning and implementation phasesof application delivery following aframework similar to the one outlinedabove, it becomes apparent that opti-mizing applications delivery dependsin large degree on the functionality ofthe application management solu-tions that are deployed. Therefore,planning an application delivery strat-egy is tightly interwoven with thetasks of selecting application man-agement and WAN optimizationsolutions. These solutions must com-plement one another and provide theright combined functionality to meetthe needs of a particular enterprise. �


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


10

http://www.netqos.com/

Advanced networkperformancemanagementcapabilitiesToday's network performance products do muchmore than simply monitor packets. This chaptercovers advanced capabilities from several vendorsthat IT professionals can leverage to save time andeffort and simplify administration.

IT ORGANIZATIONS CAN leverage manyrecent advances in performance man-agement to improve the effectivenessof application delivery. In this chapter,we’ll describe some of theseadvanced capabilities. Particular per-formance management products maybe cited as part of these descriptions

in order to provide examples of eachcapability. These instances are pro-vided for illustration purposes and arenot intended to be a complete listingof every product that supports a givencapability. As an additional caveat, itshould be noted that no attempt hasbeen made to judge, nor are we rec-


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


12

3

ommending, any cited product asbeing best in class.

APPLICATION RECOGNITIONAutomated discovery of networkedapplications is a fundamental require-ment and the first step of managingapplication delivery. In addition, per-formance management systems mustbe able to identify underlying networktraffic on both a flow-by-flow basisand a packet-by-packet basis. This isrequired in order to accurately track

bandwidth utilization and applicationresponse-time metrics. Traditional techniques that switch-

es and routers use to identify applica-tions (such as Cisco’s NBAR—net-work-based application recognition—functionality) rely on parsing the IPpacket headers for 5-tuple informa-tion. The information is composed of source/destination IP addresses,TCP/ UDP protocol types, andsource/destination port numbers.This approach is adequate to mapflows and packets to most enterprise


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


13

Sample traffic flowThe table shows sample output from a toll such as Cisco NBAR, which identifiesapplication traffic based on IP packet headers. Note the large volumes of trafficattributed to HTTP-URL and unclassified.

APPLICATION/PROTOCOL PACKETS PER FLOW % OF TOTAL TRAFFIC

RTP 217 9%

Telnet 158 7%

HTTP - URL 473 20%

FTP 216 9%

SMTP 96 4%

Citrix ICA 360 15%

SAP 216 9%

WinMX 118 5%

eDonkey 220 9%

Unclassifiable traffic 300 13%

Total 2,374 100%

SOURCE: CISCO, “NETWORK BASED APPLICATION RECOGNITION PERFORMANCE ANALYSIS”

applications where the IP addressesof the application servers can betracked with relative ease. Severalapplication performance vendors nowalso use 5-tuple application identifi-cation.This type of Layer 4 application

identification falls short when identi-fying applications such as Skype orNapster that use dynamically select-ed port numbers, or in differentiatingamong different tasks that may beperformed via a single TCP/IP portnumber by a single application server.Enhanced application awareness canbe achieved with special appliancesor probes that can perform deeppacket inspection (DPI) to find appli-cation identifiers and application taskidentifiers deeper within the packetpayload. In order to perform DPI atthe LAN wire speeds required in thedata center, these appliances typicallyneed some form of hardware-assistedpacket processing. The Exinda Networks Unified Per-

formance Management solution,which integrates some applicationperformance management functionsand WAN optimization in a singleappliance, uses DPI to recognizeapplication layer signatures for bothenterprise applications and recre-ational applications, such as peer-to-peer and file sharing. Fluke NetworksVisual Performance Monitor AnalysisService Element (ASE) probes alsocan perform DPI-based applicationrecognition. ASEs are generallydeployed at remote sites to monitor

how applications are consumingWAN bandwidth.

MULTI-LEVEL VISIBILITYVisibility is something of an overusedterm that refers to the ability of the ITorganization to access data related tonetwork or application performanceat different levels of granularity. Thehierarchy of data granularity has anumber of levels, including:

� SNMP MIBs: Simple Network Man-agement Protocol Management Infor-mation Bases (SNMP MIBs) on net-work devices, such as switches androuters, provide data-link layer visibil-ity across the enterprise network andcapture parameters such as the num-ber of packets sent and received overan interface and the number of pack-ets that are discarded, as well as theoverall link utilization. However, thislevel of data aggregates traffic fromall applications and cannot be used toidentify which network users or appli-cations are consuming the band-width.

� Network flows: A network flow isdefined as a unidirectional sequenceof packets between a given sourceand destination. Flow data from net-work elements can be collected andanalyzed to quantify overall link uti-lization as well as exploit 5-tupleinformation to identify which networkusers or applications are consumingbandwidth. The most popular source


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


14

of flow information is Cisco NetFlow,which is a feature of Cisco IOS soft-ware. Most performance manage-ment systems can leverage flow-leveldata from NetFlow and similar datasources. A number of vendors gatherand analyze network flow data frominfrastructure agents, including Net-QoS, Cisco, NetScout, CA eHealthand Lancope. Another set of vendors,including NetQoS, NetScout, River-bed/Mazu Networks, InfoVista andLancope, perform collection of thissort of flow data via probes on net-work taps or mirrored switch ports.

� Network path data: The next level of data granularity focuses ongathering performance data relativeto end-to-end paths through the net-work. At this level, a performancemanagement system can monitor anentire end-to-end path in order todetermine which elements on thepath are responsible for excessivedelay or packet loss. Another aspectof path visibility is the ability to tracknetwork performance within a VPNcloud or over the Internet. AppCriti-cal, from Apparent Networks, is anexample of a performance manage-ment application that provides analy-sis of end-to-end network paths inreal time by using non-application-specific synthetic traffic. AppCriticalcan continuously monitor the capaci-ty and quality of thousands of net-work paths in real time. This approachcan be effective in diagnosing prob-lems or alerting IT staff to possible

impending performance shortfalls.

� Packet-level data: In order torespond to the challenges of diagnos-ing problems rapidly and taking pre-emptive action to prevent potentialproblems from affecting end users, ITorganizations often need the packet-level detail that is supplied by deploy-ing deep packet capture appliances. A typical approach, partly driven byeconomics, is to rely on managementdata from SNMP MIBs and NetFlowin small sites and augment this withpacket-level detail gathered fromdedicated appliances in larger, morestrategic sites. The introduction intothe market of lower-cost packet cap-ture appliances would allow broaderdeployment of these devices. NetScout nGenius InfiniStream is

an example of a deep packet captureappliance that can be used in con-junction with nGenius K2 softwarerunning on an nGenius PerformanceManager server to perform statisticalbehavior modeling and anomaly de-tection to the packet-level flow data.OPNET ACE Live and ACE Analystare other solutions capable of packetcapture and analysis. Both of thesesystems can help to determine theroot causes of application degradation.

REAL-TIME MONITORING/ANALYSISOF PERFORMANCE METRICSBy monitoring metrics such as appli-cation response time, availability,latency, jitter, and packet loss and


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


15

comparing real-time measurementswith established baselines andthresholds, the performance manage-ment system can issue alerts on per-formance trends and performancedegradation to allow problems to bedetected and addressed before theyaffect end users. For example, gather-ing application response time datatypically requires the deployment ofan application-aware appliance in thedata center, which may also be ableto drill down to measure the responsetime experienced by an individual user. The Fluke Networks Application

Performance Appliance is an exampleof a data center device that providesvisibility of end-user response timesfor multi-tiered business applications,with visibility down to the level of in-dividual users and transactions. Net-QoS SuperAgent, the application per-formance management module with-in NetQoS Performance Center, canmonitor every TCP application packetto measure application response timeand to identify the network, serverand application components of end-to-end latency. (Note that at publica-tion time, NetQoS had entered into anagreement to be acquired by CA.)In addition to response time, per-

formance management systems canprovide real-time monitoring of met-rics such as packet loss, latency andjitter that may be gathered either asan aggregate figure for an end-to-endpath or at a level of detail that focuseson specific applications or individualuser flows. The NetScout nGenius K2

application monitors and analyzes arange of key performance indicators,including response time, packet loss,latency and jitter.Performance monitoring functional-

ity can also be linked with automateddiagnostic capabilities that can lever-age visibility into multiple levels ofthe data hierarchy described above toidentify the cause of performancedegradation. For example, automatedanalysis of performance anomalies ordegradation trends can result in theresolution of potential problemsbefore they affect users. Examples ofperformance analysis tools with pre-dictive capabilities include NetQoS’sPerformance Center Predictive Prob-lem Resolution and NetScout’s nGe-nius K2.

INTEGRATION WITH FAULT MANAGEMENTIT organizations focusing on applica-tion delivery need to improve theirtroubleshooting capabilities in orderto better isolate end users from appli-cation shortfalls and to improve meantime to resolution (MTTR) of per-formance problems and faults. Thisimprovement can be achieved viatight integration of application per-formance management functionalitywith fault management. An integrat-ed performance/fault managementsystem is capable of leveraging topol-ogy information to automatically per-form detailed root-cause analysis todetermine a small set of probable


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


16

causes of the performance degrada-tion or fault. With root-cause analysis, the IT

organization can investigate each ofthe probable causes in parallel, great-ly reducing MTTR. For example, HPPerformance Insight Software can beintegrated with Network Node Man-ager fault management via automat-ed network lifecycle management.CA is another example of a vendorthat provides integrated fault and per-formance management solutions witheHealth Performance Manager andSpectrum Infrastructure Managerintegrated via CA Spectrum Automa-tion Manager.

VIRTUALIZATIONAs noted earlier, fault and perform-ance management of physical serversalso needs to be extended into thevirtualized environment, ideally with acommon set of tools. This allows traf-fic visibility and analysis, topologydiscovery, event correlation, and root-cause analysis to be just as effectivein the physical/virtual environment asthey are in a purely physical serverenvironment. Virtual switches such as the

VMware vSwitch can now exportNetFlow data to Netflow collectors,providing visibility of network flowsamong virtual servers in the samephysical machine. Performance man-agement products are now beginningto leverage this capability by collect-ing and analyzing NetFlow data

among virtual machines on the samephysical platform. NetQoS and Lan-cope are two vendors with perform-ance management products that pro-vide this sort of functionality. Another approach to virtualizing

performance management is to runtraffic monitoring software on a virtu-al machine or virtual appliance withinthe virtualized server. This allowsmonitoring performance for trafficflows of multi-tiered applicationsthroughout the virtual environment.The NetQoS Response Time VirtualCollector is an example of virtualmachine software that measuresapplication response time for enter-prise applications running in virtualmachines. The Lancope StealthWatchFlowSensor VE is a virtual appliancefor VMware ESX servers that cap-tures traffic statistics at the flow andpacket levels to monitor performanceand discover the virtual topology evenas virtual machines are moved viaVMware VMotion. FlowSensor alsoenhances security by performingbehavior-based anomaly detection oftraffic flowing through the vSwitch.While changes in the virtual topolo-

gy can be gleaned from flow analysis,a more direct approach is to accessdata in the virtual server environ-ment’s management system. Gather-ing data from this source also pro-vides access to performanceinformation, such as CPU utilizationand memory utilization, for specificVMs. For example, the NetQoS Per-formance Center leverages the


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


17

VMware vCenter API to extract thissort of information from vCenter.Integrated with CA eHealth Perform-ance Manager and CA SpectrumInfrastructure Manager, CA VirtualPerformance Management pollsVMware vCenter servers for informa-tion that can be used in diagnosingperformance problems, fault isola-tion, and root-cause analysis.

INTEGRATING MANAGEMENT TOOLSA number of emerging performancemanagement solutions haveadvanced functionality to help ITorganizations cope with some of thechallenges they face in implementinga comprehensive strategy aimed atmeeting QoE levels for a broad rangeof business-critical applications.The product selection process gen-

erally involves additional considera-tions beyond functionality, however.These other considerations includefactors such as ease of integrationwith the existing toolset and overlapwith the capabilities of existing tools.Ideally, IT can settle on a relativelysmall set of well-integrated tools that

not only meets the needs of assuredapplication delivery but also can beadopted by all the enterprise’s man-agement domains (network, server,application, and networked storage)and hence function as commonground for cooperation and commu-nication.Another emerging aspect of

management tool integration is theintegration between WOC manage-ment systems and performance man-agement systems. Integration of thissort can potentially benefit bothenterprise IT organizations andproviders of managed WAN opti-mization services. For example, Ciscohas addressed this area for WAAS(Wide Area Application Services)products through a partnership withvendors such as NetQoS and FlukeNetworks, while Riverbed acquiredthe Cascade network behavior per-formance management system viathe buyout of Mazu Networks. In athird approach to this sort of integra-tion, Exinda Networks has incorporat-ed application performance manage-ment as one of the basic features ofits WAN optimization solutions. �


aHOME

aCHAPTER 1:



NEED FOR NETWORK

MANAGEMENT

aCHAPTER 2:


DELIVERY

aCHAPTER 3:ADVANCED


18

ABOUT THE AUTHORJim Metzler is widely recognized as an authority on both network technology and its businessapplications. In more than 30 years of professional experience, Jim has worked in almostevery aspect of the networking industry. This includes creating software tools to design cus-tomer networks for a major IXC; being an engineering manager for high-speed data servicesfor a major telecom carrier; being a product manager for network hardware; managing net-

works at two Fortune 500 companies; directing and performing market research at a major industry analystfirm; and running a consulting organization.

www.doradosoftware.com

mailto: [email protected]

www.doradosoftware.com

qApplication Visibility and Monitoring: An Integrated Approachto Application Delivery

q 5 Reasons Why You Need Better Visibility of Your Network

q Visibility and Optimization for Networked Applications

q Performance First™: A Performance Mindset for Network ManagementKeeps Organizations Functioning at Optimum Levels

qAdapt or Die: The Network Performance Imperative

q The Forrester Consulting: The Total Economic Impact™ Of NetQoSPerformance Center Single Company Analysis

q Improving Service Delivery Performance

q Instrumentation Best Practices for Optimal Service Delivery Management

q Response Time Analysis for Networked Applications

q Enterprise Solutions

q Service Provider Solutions

qWhite Papers, Webcasts and Free Trial Software

RESOURCES FROM OUR SPONSORS

19

http://www.doradosoftware.com/

www.netscout.com

www.netqos.com

http://www.bluecoat.com

http://www.doradosoftware.com/downloads/

http://www.doradosoftware.com/solutions/service-provider.html

http://www.doradosoftware.com/solutions/enterprise-it.html

http://www.netscout.com/library/whitepapers/application_response_time.asp?cpid=SPC-TT-ebook

http://www.netscout.com/library/whitepapers/instrumentation_best_practices.asp?cpid=SPC-TT-ebook

http://www.netscout.com/library/whitepapers/improving_service_delivery_performance.asp?cpid=SPC-TT-ebook

http://www.netqos.com/resourceroom/analyst_reports/index.html

http://www.netqos.com/resourceroom/analyst_reports/index.html

http://www.netqos.com/resourceroom/webcasts/index.html

http://www.netqos.com/resourceroom/whitepapers/index.html

http://www.netqos.com/resourceroom/whitepapers/index.html

http://www.bitpipe.com/detail/RES/1239992990_89.html




New Era of Network Performance Management

Technology

application dynamics

application userscy

enterprises network

provider of applications

specific applications

somewhat management

networka chapter

application ment function