Network Evolution

Building the infrastructure for the changing face of IT

alex_aldo - Fotolia

Manage Learn to apply best practices and optimize your operations.

Network analytics 2.0: Say hello to advanced operations analytics

Network analytics tools may improve visibility and performance, but advanced operations analytics can turn the network into something that brings value to the business.

It didn't take long for Todd Williams to see the benefits of using advanced operations analytics tools.

Williams is a service level engineer at MEDHOST Direct, a software as a service provider that caters to the healthcare industry. He deployed ExtraHop's EH1000 and EH1000v along with the ExtraHop Central Manager to gain greater visibility into his networking equipment and extensive repository of virtual servers. The company uses the ExtraHop appliances to manage applications for about 50 hospitals hosted in its data center across 800 virtual servers.

Within 15 minutes of connecting the ExtraHop device to the MEDHOST Direct infrastructure, Williams says the IT staff had insights into application delivery. The team was then able to do a deep-dive analysis of the network.

A few hours later, Williams says they were finding DNS errors they didn't know they had across the network. The system reported that roughly 18% of all DNS requests were failing.

It's this type of visibility that companies seek in deploying advanced operations analytics (AOA).

Enterprise Management Associates (EMA) defines advanced operations analytics as a discipline in which the IT department uses big data analytics for a variety of purposes. Those include optimizing service performance, minimizing security issues, managing change and optimizing capacity across internal IT and the extended enterprise. It also applies to governing IT more effectively in support of the business it serves.

Vendors like ExtraHop and Corvil integrate with big data sources such as ElasticSearch, Hadoop, MongoDB and Splunk so IT departments can offer up actionable reports. Instead of dumping entire network logs into these big data sources, tools like ExtraHop's and Corvil's can send customized streams of network data. This helps the big data tools deliver more targeted information.

When MEDHOST Direct got the initial reports from ExtraHop, Williams and his team weren't sure if all the DNS errors were having any impact on network performance, so they used ExtraHop to conduct a root cause analysis. They then found that nurses in the emergency rooms were experiencing slow response times on order-entry processes for clinical applications.

"We saw that we had errors, and once DNS was fixed, we reduced memory utilization on our application servers running Apache Tomcat and saw an overall improvement in response times across all our clinical apps," he says. "This allowed us to be more proactive in solving problems with degraded performance."

The next step

While organizations are looking for improved operations from advanced operations analytics, that's only one part of a much bigger picture, says Shamus McGillicuddy, a senior analyst at EMA.

"Sure, companies want the visibility into the network and virtual systems, but what they're really looking for is to use analytics to help the IT department bring more value to the business," McGillicuddy says.

In MEDHOST's case, Williams says the company now uses ExtraHop and big data analytics to watch medical issues such as hay fever propagate across the country or flu spread from region to region in the winter.

Williams says MEDHOST uses the HL7 module on the ExtraHop device to feed patient information into big data sources such as Sumo Logic, Elasticsearch and MongoDB. HL7 is the accepted protocol for the transmission of electronic medical data. This type of information, coupled with data analytics, can give hospitals a competitive edge on how to properly staff and manage their resources during peak seasons.

What started as a back-end IT tool is helping turn the IT department into a profit center for the company.
Todd Williamsservice level engineer, MEDHOST Direct

These analytics reports have become very valuable to hospitals because the federal Centers for Medicare and Medicaid require that hospitals document their activity levels to obtain acceptable use certifications. Compliance with these certifications lets hospitals become eligible to receive federal grants.

By using the ExtraHop tool, Williams says MEDHOST Direct can show health informatics professionals the information they need to efficiently configure clinical orders and workflows.

"What started as a back-end IT tool is helping turn the IT department into a profit center for the company," he explains.

Big Apple, big data

Sonny Baillargeon, chief technology officer at Pico Quantitative Trading LLC in New York City, deployed seven of Corvil's 6450 appliances with the Corvil Latency Management Center at six of the company's major data centers. He had a similar experience with AOA in terms of how quickly it generated strategic business value.

"At first, we were looking at network and systems visibility, but IT teams can opt for a less expensive network management tool if that's all they want," he says. "After we developed enough of a database, we then got into analytics that our salespeople can use as sales tools."

Pico, an infrastructure as a service provider, specializes in delivering back-end IT services to many large Wall Street brokerage firms and other financial institutions. Pico provides a range of cloud services to its clients, from the ability to provision a couple of virtual servers to packages that offer a full complement of servers, storage and analytics databases running over Hadoop.

Baillargeon says the Corvil tools enable Pico to offer expertise in three defined areas: data quality, order flow metrics and execution analytics.

In terms of data quality, he says Corvil captures data far more efficiently than most other network analytics products. Corvil provides high-rate capture to disk with accurate hardware timestamping.

"The quality of data capture makes all the difference in the fast-paced trading environment," Baillargeon explains, adding that poor data capture can affect historical back-testing or trade correlation by potentially skewing results that could amount to millions of dollars.

On order flow metrics, Baillargeon says Corvil verifies the speed and reliability of the brokerage's order-processing system. Pico delivers reports that let brokerages determine if the speed at which an order was processed could have led to more effective trading decisions.

For execution analytics, Corvil also delivers what's known in financial services as inter-party latency. This is the ability for financial market participants such as traders and service providers to see microsecond-based performance data on all trades, regardless which network it runs over.

More visibility than ever

Advanced operations analytics can offer powerful business-wide benefits, but Todd Williams, a service level engineer at MEDHOST Direct, points out that the superior degree of network visibility that these analytics tools deliver is also invaluable.

For example, Williams says his company works with a hospital that paid a contractor to migrate servers from the hospital to its new data center.

Upon doing an analysis with ExtraHop, Williams says MEDHOST Direct found that there were still seven servers running in the old data center that the hospital was paying maintenance and licensing costs on.

"The hospital had just assumed that the contractor took care of the servers, but our report found that the seven servers were never decommissioned," he says. "We wound up saving the hospital several thousand dollars."

"It's been assumed that if a brokerage sends an order to 10 brokers that it should yield similar results, but we've found that it doesn't," he says.

With inter-party latency, all sides can see what may have caused an issue, eliminating costly investigations. For example, if an order was slowed down, a broker would be able to see instances where the performance degradation was caused by the exchange and not the service provider.

"We like to call Corvil business intelligence out of the box," Baillargeon says. "It allow us to offer targeted financial services industry intelligence to our customers, differentiating us from an Amazon Web Services or Microsoft Azure."

Implementing an advanced data analytics program can take 18 to 24 months. It simply takes time to build up databases so AOA tools can integrate well with big data analytics. And whether it's for visibility into the network or more extensive data analysis, advanced operations analytics has the potential to transform the IT department from a cost center into a profit center.

Chart: Providing insight across the business
Article 3 of 5
This was last published in June 2015

Dig Deeper on Network management software and network analytics

Get More Network Evolution

Access to all of our back issues View All