Effective management of WAN performance and security starts with gaining full visibility into how network capacity is being used by both the applications and the users on the network. Organizations not only need to understand what type of traffic is flowing through the network, they should also be able to measure bandwidth usage per application, location and user (or group of users). The ability to identify types of traffic that are running on the network helps organizations to be more effective when defining network usage policies.
Not being able to view network traffic can reduce the effectiveness of WAN optimization initiatives, especially if optimization solutions accelerate malicious traffic along with data that is business critical. Not seeing network traffic can also increase the potential for security threats and undermine an organization's ability to better leverage its existing network capacity.
How network visibility affects WAN performance
Low WAN traffic visibility challenges network performance management.
WAN application performance visibility means better WAN management.
Catch performance loss with network visibility before end users complain.
New WAN optimization solutions need application visibility and control.
Just having some type of tool for monitoring the network and applications does not ensure successful improvements in managing WAN performance and security. Recent research has revealed that even though 85% of organizations improved their ability to collect network and application performance data over the last two years, only 54% of these organizations improved their ability to resolve issues with network and application performance in a timely manner over the same period.
There is a wide range of monitoring solutions with network visibility available in the market today. In order to achieve full WAN performance visibility, it is important to choose solutions that can collect not only generic performance data but also data that is truly actionable and can be turned into information needed to prevent performance problems.
The goal is to be more proactive when managing WAN performance and security. To do this, you need tools in place that will alert the IT staff to potential problems before end users are affected. Tools for network anomaly detection, for example, can analyze historic performance data to define dynamic thresholds for acceptable levels of performance and issue alerts every time the performance falls below these thresholds. Also, the majority of these tools can define baselines based on capabilities for ongoing learning, which enables organizations to adjust to changes in network traffic, which in turn automates the process for proactive WAN management.
Automating processes for identifying performance anomalies improves the success rate in preventing problems while enabling organizations to manage more with less. The effectiveness of these capabilities also improves if they are coupled with tools for ensuring that the policies are enforced. This gives organizations the ability to have full control over their WAN traffic, and it also allows them to measure the effectiveness of their initiatives.
Matching security techniques to application needs
Less than three years ago, the top performance metric that end-user organizations were using to evaluate performance of their networks was the amount of unplanned network downtime. Since then, organizations have started to understand that managing only network performance does not ensure an optimal level of security and experience for each user. Companies have become more concerned about security and performance of applications that are running on the network, as opposed to the network itself. As a result, there is more of an emphasis on such metrics as application availability and response times when evaluating the management initiatives.
In order to effectively execute on these initiatives, organizations started looking beyond basic connectivity levels and started deploying network visibility solutions that would help them understand not only which Internet Protocol (IP) addresses and ports are being affected but, more importantly, which applications and/or users are suffering from performance issues.
Organizations need to be aware that there are different types of security risks associated with the different applications deployed and then take specific actions to address each of these threats. As organizations roll out more applications, the complexity of managing the security and performance of each of these applications is increasing, and so are the business risks that can come from an inability to effectively execute on key management strategies.
Applications such as instant messaging (IM) or peer-to-peer (P2P) sharing pose new security and performance management challenges, calling for a new set of capabilities to control this type of traffic. Organizations need to have capabilities in place that will allow them to identify this type of traffic and to take actions to filter these applications and ensure that they don't have a negative impact on their networks. Underlying technologies for these applications are significantly different from those of traditional enterprise applications, so organizations need to adjust their security techniques to the specific functionalities of each of these applications.
In order to achieve this goal, organizations must not only deploy new technologies with adequate network visibility but develop new strategies that will allow them to take a more coordinated approach when managing security and performance of data delivered over the network. This means, of course, that organizations should be focusing on the overall application delivery infrastructure (storage, networks, end-user devices, etc.) as opposed to just monitoring the network.