The Role of Network Performance Enforcement in Scaling SDN and NFV

By NFVZone Special Guest
Bill Beckett, founder and chief strategy officer at Saisei
November 05, 2014

Network analytics has become a mainstream requirement for companies of any size.  We simply can't afford any longer to not understand the usage patterns, applications, users, locations and hosts appearing on our networks and the quality of experience they provide on our networks, especially as we deploy SDN and NFV.  

As we move to Big Data and Internet of Things (IoT) on legacy and SDN/NFV networks, it’s all about analytics – visibility and understanding what’s happening with literally billions of devices and applications…whether it’s a wearable device to report activity and health; sensors on beer kegs to indicate to distributors when they are in need of replacement; or sensors on store shelves, vending machines and anywhere useful to show inventory; etc.  Although some IoT devices like home surveillance cameras may add big bandwidth requirements, most IoT devices send very short messages. For example, just reporting a temperature can even be done in incredibly tiny IP flows…albeit billions of tiny IP flows.  

It's ironic that as network analytics is becoming ever so important and mainstream, Big Data and the Internet of Things, which is mostly driven by sensors for analytics, is having a huge amplification impact on our ability to do network analytics because it's greatly amplifying the total number of flows on networks. The most useful data point for network analytics is derived from IP flow data, and the number of flows on networks is drastically increasing.  This explosive trend will continue to increase for the next decade and more, until most people and things on our planet that should – or could – be connected to the Internet are connected.

The traditional approach to doing flow-based network analytics today is using data collected in distributed network appliances, but only sampled flow data is sent to central flow-data collectors for crunching and deriving meaningful information.  A typical network-enabled device may randomly select 1 in 5000 packets to choose a flow to sample, for example.  It's simply not enough, and with the IoT driving the number of flows on typical network devices drastically higher, a new approach is required.    

A new category of solution and best practice, which industry analysts are calling Network Performance Enforcement (NPE), has gotten the attention of enterprises and service providers because it is flow-aware and scales to derive meaningful data from the millions of flows processed across a network.   NPE solutions analyze these flows across a large number of key metrics per flow—through direct inspection of the flow, from measurements of the flow, and from correlations with data external to the flow (It has to be to be useful.) And this is done in true real-time.  Network operators are able to drill down to see every individual flow’s application information, the user whom it belongs to, the geographic location it's coming from, the quality of experience it sees across the end-to-end network and many other attributes.  And, more importantly, the system is able to perform massive-scale analytics on all flows so that the information can be displayed using simple presentations—such as the top users on a network at any point in time; the most-used applications on a network; the hottest geographical locations on a network; or which applications, users and locations are experiencing network-related problems in real-time.

Going a step further, NPE not only provides meaningful real-time data about the network, but is able to record this information so that the system literally becomes a window into a point of time on the network.  This allows operators to look at all network analytics information from any point in time—from a minute ago to a year ago.

With all this rich information about both real-time and historical network analytics, it then becomes possible to allow other devices to query the network and ask meaningful questions.  For example: "Show me all traffic data for Bill", “Show me applications not behaving well”,  "Show me the hottest geo location" and even more powerful, questions like "Show me the quality of from last Monday to last Friday."   

The Time Between Measurement and Action is Now Zero

The sheer amount of intelligence and analytics information fully contained in NPE is simply unprecedented to date and has captured the interest of enterprises and service providers looking to move to SDN and NFV.  But what truly sets NPE’s analytics ability apart is that it can instantly act on the intelligence it gathers using its integrated policy enforcement flow engines that also reside in-line on the network.   Network flows can be classified by most of the analytics points tracked and, in less than one second, bandwidth, security, and business policies can be enforced on each and every one of these millions of flows at an extraordinarily granular level, for example, by user, location, appliance, and even network health observed.     

It has long been the goal of the entire network management industry to reduce the time between measurement and action to zero, and that is a goal realized by NPE.  What’s more, NPE comes to market with the speed and power needed to analyze and enforce policy at the scale needed for SDN and NFV to succeed in the new world of IoT and Big Data.

About the Author: Bill Beckett is the founder and chief strategy officer at Saisei, a company reinventing network visibility, control and analytics to meet the unique challenges arising from Mobility, Cloud, SDN and Internet of Things deployments. He started his career as a network operator and has spent the past 25+ years helping to design and build some of the most successful enterprise and service provider networks globally.  

Edited by Maurice Nagle

Related Articles

New Partnership Helps Service Providers with SDN

By: Frank Griffin    3/30/2017

A new partnership between Packet Design and NEC/Netcracker is going to give service providers new tools to implement software-defined networking (SDN)…

Read More

Brain4Net's New SDN Services Mean More Value

By: Steve Anderson    3/23/2017

Brain4Net brings out a line of carrier Ethernet services built around SDN, which join with virtual network services to create greater value.

Read More

TMC Announces 2016 SDN Product of the Year Award Winners

By: TMC    1/18/2017

TMC, a global, integrated media company helping clients build communities in person, in print and online, announced today the winners of the 2016 SDN …

Read More

Juniper to Buy AppFormix

By: Paula Bernier    12/5/2016

Juniper Networks recently announced plans to buy cloud optimization platform provider AppFormix. The deal is expected to close this quarter.

Read More

Vidder Expands on PrecisionAccess with Automation, Channel Efforts, Etc.

By: Paula Bernier    11/28/2016

Security company Vidder, which sells the PrecisionAccess software-defined perimeter service, continues to build on its momentum with new customers, ne…

Read More