4 dimensions of network monitoring that matter most for data security

Register now

Digital transformation and cloud migration are among the hottest buzzwords in the enterprise space right now. While formal definitions vary, each of these concepts is built around the modernization of enterprise networks, including the retirement of legacy equipment and solutions for more agile, cloud-delivered solutions.

While replacing old-school, often proprietary apps for SaaS products and retiring data center stacks promises to streamline operations and deliver better end-user experience, the success of these initiatives rests squarely on the shoulders of IT. The challenge here is that even though IT teams are in charge of keeping apps and networks performing, these teams actually have less control and ownership over the network and their apps in the cloud era than ever before.

All of this is compounded by the fact that enterprises are leveraging greater connectivity to decentralize. At the same time, due to restrictions in budget or talent, enterprise IT teams are smaller and more centralized than ever before.

This means that centralized IT is in charge of managing an array of remote offices and workers, making network performance a lynchpin for business success. But without a local IT presence at each location (which would ultimately eat into the cost savings teams look to gain through Digital Transformation), IT could be blind to issues that are impacting end users most.

So how do teams regain visibility into the network -- and more specifically, end-user experience -- that gets lost when they move to the cloud? This requires a combination of active and passive monitoring methods that can deliver a local perspective into how users are experiencing the network, regardless of where they’re located or the apps they’re using.

IT can attain this by visualizing the network through four dimensions, taking into account the network paths users travers, the raw packets on the wire, Web/SaaS apps critical to business and conversation-level flow data. With this information in hand, not only can IT see the entire app delivery path and all traffic routes end-to-end, but they can also get granular, helping them quickly get to the bottom of issues before they even impact the end user.

Network Paths

By actively collecting data related to the network delivery paths that apps travel, IT can measure the health and availability of the end-to-end network, using metrics to pinpoint bottlenecks or leading performance indicators that might hinder performance. If there are localized issues at remote sites, for instance, such as laggy DNS or regional routing issues, with automated analysis observable systems, IT can start on the path to speedy issue resolution.

Comprehensive insight from the network path is required in a world where a single network path can be as long as a 30-hop, satellite-delivered WAN connection that peers with numerous ISPs, or as short as a laptop connected to a local file server over the office ethernet. This detail is crucial when IT has to answer for poor performance even if the end users never report it.


Network packets are the “raw” data that helps IT get the granular insight sometimes required when diagnosing the root cause of a network issue. Needless to say, this is essential for advanced troubleshooting and performance analysis, as it helps empower IT with a full understanding of the apps leveraging network capacity.

With technical enterprise IT staff centrally located, it’s incredibly difficult for teams to leverage “remote hands” to retrieve packet capture from branch offices (as well as time-of-day data). That’s why it’s critical for IT to have the ability to schedule packet captures at the right points in the network to gain visibility in an efficient manner that doesn’t stretch IT manpower thin.

This passive approach to monitoring, married with active network path insights, is essential to speeding up MTTR, even giving IT the data they’ll need to address issues proactively.

Web applications

Another core dimension for monitoring modern networks is focused on the business-critical apps that traverse enterprise networks. A best-practice monitoring solution would be proactive and help create a baseline of app performance from the end-user perspective through synthetic transaction scripting.

Scripts emulate the paths and actions that real end users would experience when accessing an application and runs this test periodically to monitor trends in multiple key metrics to alert IT when performance degrades. By running scripts from behind the firewall–and optionally from points of presence near users–IT can enable the “local perspective” into end-user experience that teams would otherwise be blind to.

Flow data

By collecting detailed flow data, a monitoring solution can deliver a high-level, passive view of all network traffic, inclusive of all the users, applications and remote offices the infrastructure is designed to support. While traditional solutions collect this data at centralized exchanges it is growing increasingly important to ensure that flows are captured at the edge.

By analyzing flows–sequences of packets from a source to a destination–IT can isolate specific traffic patterns for analysis. And when teams are able to combine their flow data with packet-level insights, they can pinpoint network usage to specific hosts and users on the network, giving greater context into what's a network or tech issue and what's not.

By taking this four-dimensional approach to network monitoring, IT leaves no stone unturned. They can more easily track the progress of their digital transformation or cloud migration, while always being at the ready with answers when end users come calling with performance issues.

For reprint and licensing requests for this article, click here.