Route-Flow Fusion : Integrated NetFlow and IP Route Analysis



Similar documents
Network-Wide Class of Service (CoS) Management with Route Analytics. Integrated Traffic and Routing Visibility for Effective CoS Delivery

Real-Time Traffic Engineering Management With Route Analytics

Network-Wide Change Management Visibility with Route Analytics

Best Practices for Eliminating Risk from Routing Changes

Network-Wide Capacity Planning with Route Analytics

Routing & Traffic Analysis for Converged Networks. Filling the Layer 3 Gap in VoIP Management

Understanding and Optimizing BGP Peering Relationships with Advanced Route and Traffic Analytics

Introduction. The Inherent Unpredictability of IP Networks # $# #

Regaining MPLS VPN WAN Visibility with Route Analytics. Seeing through the MPLS VPN Cloud

MPLS WAN Explorer. Enterprise Network Management Visibility through the MPLS VPN Cloud

Enhancing Network Monitoring with Route Analytics

Riverbed SteelCentral. Product Family Brochure

Application Performance Management

Riverbed SteelCentral. Product Family Brochure

Packet Design Combines Traffic Flow with Route Analytics to Offer a Foundation for Next-Generation Traffic Management

ICND2 NetFlow. Question 1. What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring. B.

Network Performance + Security Monitoring

How To Manage A Network With Ccomtechnique

TECHNOLOGY WHITE PAPER. Correlating SDN overlays and the physical network with Nuage Networks Virtualized Services Assurance Platform

Traffic & Peering Analysis

THE CONVERGENCE OF NETWORK PERFORMANCE MONITORING AND APPLICATION PERFORMANCE MANAGEMENT

Managing LTE IP Transport Networks with Route Analytics

Troubleshooting Common Issues in VoIP

Redefine Network Visibility in the Data Center with the Cisco NetFlow Generation Appliance

Best Practices from Deployments of Oracle Enterprise Operations Monitor

Session Border Controllers in Enterprise

The Next Generation of Wide Area Networking

Intelligent Routing Platform White Paper

Cisco Network Planning Solution 2.0 Cisco Network Planning Solution Service Provider 2.0

Fundamentals of VoIP Call Quality Monitoring & Troubleshooting. 2014, SolarWinds Worldwide, LLC. All rights reserved. Follow SolarWinds:

CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY

INCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS

Best Practices for NetFlow/IPFIX Analysis and Reporting

Monitoring Service Delivery in an MPLS Environment

SIP Trunking Guide: Get More For Your Money 07/17/2014 WHITE PAPER

7 Key Requirements for Distributed Network Monitoring

Multi Protocol Label Switching (MPLS) is a core networking technology that

Service assurance for communications service providers White paper. Improve service quality and enhance the customer experience.

WAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO

Sprint Global MPLS VPN IP Whitepaper

How IT Can Help Companies Make Better, Faster Decisions

10 METRICS TO MONITOR IN THE LTE NETWORK. [ WhitePaper ]

Backbone Modeling for Carrying Local Content and Over-the-Top Traffic

Course Contents CCNP (CISco certified network professional)

Performance Analysis of Routing Protocols for Real Time Application

Analyze hop-by-hop path, devices, interfaces, and queues Locate and troubleshoot problems

Border Gateway Protocol Best Practices

The Financial Benefits of Using LiveAction Software for Network QoS

Gaining Operational Efficiencies with the Enterasys S-Series

Business case for VoIP Readiness Network Assessment

Performance Management for Enterprise Applications

An Application-Aware Network is Key to Maximizing Productivity. by Zeus Kerravala

A Link Load Balancing Solution for Multi-Homed Networks

MSP. HOW MSPs Can Use Performance Monitoring to Create New Revenue Streams. [ WhitePaper ] Introduction

Empirix OneSight for VoIP: Avaya Aura Communication Manager

Network Instruments white paper

Whitepaper. A Guide to Ensuring Perfect VoIP Calls. blog.sevone.com info@sevone.com

Whitepaper. 10 Metrics to Monitor in the LTE Network. blog.sevone.com

Cisco and Visual Network Systems: Implement an End-to-End Application Performance Management Solution for Managed Services

Cisco IOS Flexible NetFlow Technology

SolarWinds Network Performance Monitor powerful network fault & availabilty management

SOLARWINDS NETWORK PERFORMANCE MONITOR

PLA 7 WAYS TO USE LOG DATA FOR PROACTIVE PERFORMANCE MONITORING. [ WhitePaper ]

Contact Center Technology Monitoring

The Mandate to Implement Unified Performance Management

Service Assurance Tools

QRadar Security Intelligence Platform Appliances

IBM Tivoli Netcool network management solutions for enterprise

Demonstrating the high performance and feature richness of the compact MX Series

Cisco Network Planning Solution 2.1 and Cisco Network Planning Solution - Service Provider 2.1

Visualization, Management, and Control for Cisco IWAN

Flow Analysis Versus Packet Analysis. What Should You Choose?

Aternity Virtual Desktop Monitoring. Complete Visibility Ensures Successful VDI Outcomes

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

Network Instruments white paper

FIREWALL CLEANUP WHITE PAPER

Extreme Networks CoreFlow2 Technology TECHNOLOGY STRATEGY BRIEF

Corporate Network Services of Tomorrow Business-Aware VPNs

White paper. Business Applications of Wide Area Ethernet

Holistic VoIP Lifecycle Management

RIVERBED STEELCENTRAL NETPLANNER

IBM Tivoli Netcool network management solutions for VoIP

Flexible SDN Transport Networks With Optical Circuit Switching

Comparing MPLS and Internet Links for Delivering VoIP Services

Applying Internal Traffic Models to Improve Identification of High Fidelity Cyber Security Events

Creating Business-Class VoIP: Ensuring End-to-End Service Quality and Performance in a Multi-Vendor Environment. A Stratecast Whitepaper

White Paper. The Ten Features Your Web Application Monitoring Software Must Have. Executive Summary

Measuring VoIP QoS. Going Beyond Can You Hear Me Now? Kaynam Hedayat. MPLScon May 2005

Report of Independent Auditors

Is Your Network Ready for VoIP? > White Paper

SolarWinds Network Performance Monitor

WHITE PAPER: Broadband Bonding for VoIP & UC Applications. In Brief. mushroomnetworks.com. Applications. Challenge. Solution. Benefits.

Using LiveAction Software for Successful VoIP Deployments How to quickly and accurately deploy QoS for VoIP networks

Data Networking and Architecture. Delegates should have some basic knowledge of Internet Protocol and Data Networking principles.

Introduction to HA Technologies: SSO/NSF with GR and/or NSR. Ken Weissner / kweissne@cisco.com Systems and Technology Architecture, Cisco Systems

Delivering Dedicated Internet Access (DIA) and IP Services with Converged L2 and L3 Access Device

CA Spectrum r Overview. agility made possible

Application Visibility and Monitoring >

Network Management for Common Topologies How best to use LiveAction for managing WAN and campus networks

Assuring Global Reference Data Distribution on a Virtual Appliance

Transcription:

Route-Flow Fusion : Integrated NetFlow and IP Route Analysis WHITE PAPER

Table of Contents Introduction 3 Increasing Demands and Changing Dynamics in IP 3 Networks 3 The State of Network Management Practice and Solutions 4 Monitoring vs. Planning An Unhelpful Divide 5 Route-Flow Fusion: The Fusion of Routing and Traffic 5 Analysis and Planning 5 Route-Flow Fusion Benefits and Applications 6 Conclusion 8 Page 2 of 9

Introduction IT and network engineering departments are under increasing pressure to deliver more predictable and better performing IP networks. Meeting more stringent Service Level Agreement (SLA) requirements for converged data, voice and multi-media, and coping with the effects of web-enablement and Service Oriented Architecture (SOA) requires increased network management visibility and accuracy. While new end-to-end application performance management solutions have arisen to complement SNMP device management, the tools utilized by engineers to understand the inner workings of IP networks themselves are still rudimentary. This leaves network managers coping with an opaque network cloud of dynamic IP routing and traffic that is the root cause of a large percentage of application problems. The traditional separation between operational monitoring/analysis and engineering planning tools makes things worse, since engineers can t effectively use real-time monitoring data to plan and optimize the network. A new level of networking management best practices and solutions is needed to meet the challenge of evolving network requirements. Packet Design has pioneered a new technology called Route-Flow Fusion that combines deep visibility into IP routing and flow-based traffic with monitoring, analysis and modeling capabilities. Route-Flow Fusion provides unprecedented visibility into the network cloud and enables IT to more rapidly, confidently and accurately optimize IP networks for better application and service delivery. This white paper provides an overview of the increasing demands on today s IP networks, reviews the evolution and current state of network management, then introduces Route-Flow Fusion technology and explores how Route-Flow Fusion can be applied to enhance network management best practices and achieve a rapid return on investment for IT and network engineering departments. Increasing Demands and Changing Dynamics in IP Networks Today s IP networks are increasing in volume, complexity and sensitivity of the traffic they are carrying. Web-enabled applications are leading to significant increases in traffic due to the graphical nature of web transactions compared to earlier text-based transactions. In addition, while the vast majority of traffic originates from relatively few Internet peerings and major data centers, converged VoIP, emerging peer to peer applications, and the onset of SOA add a matrix of business-critical and geographically distributed traffic across all parts of the network. As a result, it is becoming more important than ever to understand the correlated state of routing and traffic flows across all links in the network not just a few WAN links. Routing issues in particular can cause unexpected congestion that disrupts sensitive applications. For example, studies show that changes and instabilities in Interior Gateway Protocols (IGPs) such as OSPF, EI- GRP and IS-IS can cause significant traffic changes in an IP network and disrupt the availability and quality of VoIP deployments, even in carrier-class networks with practically unlimited bandwidth and very low latency. 1,2 For IT and network engineering departments intent on delivering excellent network service, understanding the inner workings of IP routing and traffic is becoming more important than ever before. 1 C. Boutremans, G. Iannaccone, and C. Dict, Impact of link failures on VoIP performance, NOSSDAV, May 2002 2 R. Teixeira, N. Duffield, J. Rexford, M. Toughan, Traffic Matrix Reloaded: Impact of Routing Changes, Proceedings of the Passive and Active Measurement Workshop, Boston, MA, March 2005

The State of Network Management Practice and Solutions Traditional network management practices and solutions have largely overlooked the dynamic inner workings of IP networks. Traditional SNMP management solutions are limited to periodic checks on device and interface health and statistics, and don t give real-time intelligence and visibility into routing and traffic. Where traffic and routing issues are concerned, SNMP-based monitoring suffers from a relatively low signal to noise ratio, because one Layer 3 event can set off so many different individual device, interface (port, circuit) and performance metrics monitored by SNMP events, making it extremely difficult to arrive at an accurate picture of what is happening in the network. While some vendors have attempted to cope with this situation by utilizing sophisticated, pre-set codebook algorithms to interpret patterns of SNMP event data, they are still limited by the non real-time and periodic nature of SNMP polling, which misses a significant amount of highly dynamic and sometimes voluminous routing and traffic event occurrences. As a result, codebook approaches only approximately infer root causes from SNMP event streams, and don t provide fundamentally better visibility into the network. More recently, a number of emerging network management solutions have focused on measuring end to end application performance characteristics from client hosts to servers, while performing network measurements to help fill out the middle of the picture in a rough manner. Yet they can t provide visibility into real-time routing and traffic because like legacy network device management systems, they rely on SNMP polling snapshots that are far too infrequent and lack the detail to give an accurate picture of the network s routing and traffic. One exceptional development in the network management marketplace is the emergence of high-performance flow collection techniques, and traffic analysis solutions that leverage the data in collected flow records. The most widely used such flow collection techniques are NetFlow and IPFIX. Corresponding to the emergence of practical flow data collection, a new set of network management solutions Traffic Analysis solutions organize voluminous flow record data into helpful tabular reports that show the top traffic senders and receivers, and allow for detailed analysis of the flows that comprise the traffic running over particular links, allowing network managers to identify anomalies that may be contributing to congestion on a link. Despite the usefulness of this traffic flow analysis, current solutions suffer from a number of major limitations: Very limited scope of visibility: Flow records only provide link utilization and flow information on links that are directly attached to the router that is generating the flow records. While theoretically NetFlow or IPFIX can be turned on for every router and switch in an organization s network, it is highly impractical to do so due to the volume and complexity of managing so much data, so most organizations deploy flow collection on a relatively small percentage of their routers. While visibility to perhaps 90% of raw flows on the network is not hard to achieve, standard traffic analysis tools only provide visibility into a small percentage of the links on the network. The result is that network managers end up with islands of visibility in a sea of network management darkness. No understanding of IP networks routed topology: Standard traffic analysis tools do not understand network topology, and treat the network topology as a static entity, whereas in reality it is Page 4 of 9

very dynamic. In fact, traffic analysis solutions generally provide no representation of the network topology at all, but rather only provide aggregated and per-link tabular views of ranked traffic statistics (such as top sending and receiving hosts) and flow details. Since network changes, whether the addition or failure of links, changes in metrics, or other IGP-related events have such a large effect on traffic patterns, this is a major limitation. Poor visibility to emerging issues, limited root cause analysis capability: Given the above limitations, while standard traffic analysis tools are helpful to understand issues stemming from hosts, or those occurring on the small percentage of directly monitored links, they still offer very little direct intelligence on the network s behavior, and most of the time can t offer an answer to the question of why any particular traffic is flowing over any particular link. Monitoring vs. Planning An Unhelpful Divide Aside from a near total blindness to correlated routing and traffic in IP networks, another significant barrier to sound network management practices today is the unhelpful divide between monitoring and planning solutions. For example, traffic analysis solutions provide real-time monitoring insight into network traffic flows, yet provide absolutely no ability to model how planned or unplanned changes in the network would affect that traffic, making the monitoring data much less useful in practice. Network managers are left to exercise educated guesswork when implementing adds, moves and changes to routers, applications, servers, and users, or when trying to determine if there is sufficient redundancy in place for failure scenarios. On the other hand, today s network planning tools, while very powerful and able to model a seemingly infinite variety of network details, operate largely on offline, synthetic data rather than any real-time data from the network itself. In addition, the sheer complexity of these tools makes them useful primarily for long-range planning or greenfield network build-outs, but not very useful for routine operational or tactical planning purposes. The result of this divide between monitoring and planning is to fundamentally undermine the goal of network engineering and operations best practices, because planning, execution and validation operations lack sufficient data and modeling capabilities to ensure accuracy. As a result, misconfigurations still play an unfortunately regular part in network issues. For example, the previously referenced study on VoIP in a carrier-class network showed that router mis-configurations and resulting routing instabilities after simple link failures caused significant disruptions in VoIP quality and availability. Given the pressures on IT to deliver ever-more predictable network service, it is now unacceptable for organizations to settle for the lack of visibility into network routing and traffic, and for the lack of integrated monitoring and planning solutions. Route-Flow Fusion: The Fusion of Routing and Traffic Analysis and Planning Route-Flow Fusion is the first network management technology that delivers complete real-time visibility of correlated, network-wide IP routing and traffic flows, with the integrated monitoring, analysis and Page 5 of 9

planning capabilities that IT and network engineering departments need to optimize the network cloud. Route-Flow Fusion creates an integrated and fully analyzable, operationally accurate model of the real network s routing and traffic flow topology, by recording and processing routing protocol updates and traffic flow records. Route-Flow Fusion perfectly complements existing SNMP device management, end to end application performance and long-range planning solutions by giving unprecedented visibility into and modeling for critical IP routing and traffic. Route-Flow Fusion provides a number of unique capabilities: Real-Time, Network-Wide Traffic Visibility: Unlike standard traffic analysis tools, route-flow fusion provides visibility into traffic and flows on all links in the network. To do this, Route-flow fusion leverages Packet Design s route analytics technology to map recorded flows across their network paths. Replayable Routing and Traffic History: By continuously recording the state of routing and traffic over time, route-flow fusion can accurately portray an analyzable, network-wide map of all links and their traffic flows at any point in its recorded history. IGP and BGP Routing and Traffic Correlation: Route-flow fusion provides visibility into traffic phenomena from the point of view of both IGPs such as OSPF, IS-IS, and EIGRP, as well as from the point of view of key BGP routing attributes such as AS_Path, Neighbor_AS, Community and Exit Router. Integrated Monitoring and Planning: Through its highly accurate routing and traffic topology based on recorded routing updates and flow records, route-flow fusion goes beyond monitoring and analysis to provide what-if modeling and planning. Network managers for the first time can model a number of operationally relevant changes, and see the effect on the as-running network based on its real routing and traffic. Planning capabilities include adding, downing, moving or changing any combination of the following items in the network: Routers running any combination of major routing protocols IGP links or BGP peerings Prefixes Routing Metrics BGP community strings, Local Pref, MEDs Individual traffic flows Full or partial traffic matrices Once a set of changes has been made, route-flow fusion provides detailed before and after analyses to show exactly how routing and traffic has changed in the network. In addition, when in planning mode, the analysis capabilities of route-flow fusion, including reporting, historical analysis, routing and traffic correlation, and routing analysis, reflect any modeling changes made to the routing/traffic topology, providing a closed-loop, what-if analysis of any planned or unplanned change in the network. Page 6 of 9

Route-Flow Fusion Benefits and Applications Route-Flow Fusion unveils the inner workings of the network cloud and empowers IT and network engineering departments to be more responsive, accurate and confident in meeting customer needs and emerging service delivery challenges. By integrating routing and traffic, monitoring and planning, Route- Flow Fusion redefines and empowers best practices across a variety of network engineering and operations applications that optimize both the operational cost and the service delivery of IP networks, leading to a rapid Return on Investment for IT and network engineering departments. Following are a number of applications that leverage the unique power of Route-Flow Fusion s integrated traffic and routing analysis and planning capabilities: Peering and Transit Analysis and Planning: Route-Flow Fusion provides network planners with visibility to: Monitor exit link utilization to ensure customer service levels Monitor traffic by exit routers to ensure adequate load balancing and redundancy Ensure peering vs. transit traffic is within contracted ranges Identify and justify potential peering relationships Capacity Planning: Network managers can manipulate the full traffic matrix to model traffic growth or changes such as: Moving groups of users to a new location Moving servers to a new data center or co-location Point of Presence (PoP) New application deployments Departmental Chargeback: IT departments can group prefixes associated with a set of servers or users (sites, departments etc.) and record traffic utilization per group for departmental accounting and chargeback purposes Optimized Flow Collection: Network engineers can gain network-wide, per-link utilization and detailed flow analysis while optimizing the number of flow collection points in the network Routine routing maintenance operations planning and validation: Network engineers can accurately plan routine maintenance such as upgrading a router, adding a link, changing BGP policies. Route-Flow Fusion provides proactive analysis of the effect on network routing and traffic to ensure that there are no surprises. Real-time monitoring information ensures that no excessive network churn is occurring at the time of the maintenance, and validates that network routing and traffic behavior is as expected after the maintenance is completed Failure analysis and redundancy planning: Route-Flow Fusion allows for accurate what-if analysis of potential failures on routers and links, using the actual network s routing and traffic as the baseline. Failure response and network remediation modeling: Route-Flow Fusion s real-time monitoring and planning of routing and traffic allows network managers to respond rapidly to failures with what-if modeling and analyses to quickly decide the best network remediation strategy. Congestion analysis and remediation: Network managers can view histograms of historical link utilization, perform analysis of congestion patterns and drill down into the specifics of common flows that contribute to congestion on links. What-if planning allows engineers to determine the best remediation strategy. Broader congestion analyses can be performed by manipulating and Page 7 of 9

analyzing the full traffic matrix. Network planning for cost and service delivery optimization: Many organizations have a limited number of well-known, critical applications. Route-Flow Fusion provides the broad visibility, detailed analysis and what-if planning capabilities to understand network-wide traffic, see congestion hot spots, and optimize the routers, links and redundancy for optimal cost and service delivery. Tactical network planning: Complementing long-range planning tools, Route-Flow Fusion allows network managers to accurately plan tactical changes to the network such as adding a new set of routers and links, or enabling a new IGP. Conclusion Network managers face SLA pressures that require a truly network-aware complement to traditional SNMP device management, end-to-end application performance management and long-range planning tools. Route-flow fusion fills a critical hole in network management portfolios by providing real-time, network-wide visibility into the network cloud of correlated IP routing and traffic, with integrated monitoring, analysis and planning capabilities that speed IT and network engineering responsiveness, accuracy and confidence. Route-flow fusion delivers a powerful and rapid ROI by enabling best practices that lower the cost and optimize the service and application availability and performance of IP networks. Page 8 of 9

To learn more about Packet Design and Route Explorer, please: Email us at info@packetdesign.com Visit Packet Design s web site at www.packetdesign.com Call us at +1.408.490.1000 Corporate Headquarters Packet Design 7801 North Capital of Texas Hwy Austin, TX 78731 Phone: 408.490.1000 Fax: 408.562.0080 Page 9 of 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information