Tuesday, July 24, 2012

Gold medal service level monitoring

Uplogix Local Managers (LMs) monitor, measure and manage the performance of critical network services and applications from the end-user’s perspective. This is done in two ways.

First, the LMs can use Layer 2 visibility to collect 36 values, such as Rx, Tx, CRC, Load, Line Protocol Status and more, from managed network devices.

Second, the LMs actively monitor traffic at Layer 4 with synthetically generated Internet, Network and VoIP transactions. These can be designated to be performed over any network segment connecting two Uplogix Local Managers, so infrastructure problems can be precisely isolated. These tests measure 47 different values including jitter, latency, MOS, R value and more.

Administrators can quickly and easily establish acceptable thresholds for all monitored services and receive alerts via email when service-level events violate these thresholds. Service-level data is also stored to facilitate trend analysis, and can be easily exported for custom reporting or integration into other management systems.

In the video below, see James Dollar, Uplogix founder and CTO, show how service level verification (SLV) is used to validate network automation (run length is about 2 minutes).

The available types include Voice, Web Transaction and TCP:
    • Voice | Executes a synthetic call, using similar codecs, of humans speaking phonetically balanced “Harvard” sentences, and provides 47 RTCP elements.
    • Web Transaction | Executes an HTTP(S) transaction including DNS lookup, SYN/ACK round trip time, time to first/last byte and HTTP result codes, and includes the ability to parse the first 1000 bytes for a keyword or phrase.
    • TCP Port | Executes a SYN/ACK round trip to measure network latency and availability for any TCP-based application.
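The measurements listed for the Web Transaction and TCP Port tests can be reproduced in a few lines, shown here as an added example that is not Uplogix code. The function names, the loopback test target and the threshold keys are hypothetical; connect time is used as an approximation of the SYN/ACK round trip, and the keyword check is applied to the first 1000 bytes of the response body, which is an assumption about where the 1000 bytes are counted from.

```python
import socket, threading, time
# Constructed sample response served by the loopback test target below.
SAMPLE_RESPONSE = (b"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n"
                   b"<html><title>Portal login</title></html>")

def start_sample_server():
    """Start a loopback listener standing in for the monitored service."""
    lsock = socket.create_server(("127.0.0.1", 0))
    def serve():
        while True:
            conn, _ = lsock.accept()
            with conn:
                conn.recv(4096)            # read the request, then answer
                conn.sendall(SAMPLE_RESPONSE)
    threading.Thread(target=serve, daemon=True).start()
    return lsock.getsockname()[1]

def web_transaction(host, port, keyword, timeout=3.0):
    """Measure connect time, time to first/last byte, status and keyword."""
    t0 = time.perf_counter()
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return {"available": False}        # refused or timed out
    connect_ms = (time.perf_counter() - t0) * 1000   # approximates SYN/ACK RTT
    with sock:
        sock.sendall(f"GET / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode())
        data = sock.recv(4096)
        first_ms = (time.perf_counter() - t0) * 1000
        while chunk := sock.recv(4096):    # read until the server closes
            data += chunk
        last_ms = (time.perf_counter() - t0) * 1000
    head, _, body = data.partition(b"\r\n\r\n")
    return {"available": True, "connect_ms": connect_ms, "first_byte_ms": first_ms,
            "last_byte_ms": last_ms, "status": int(head.split()[1]),
            "keyword_found": keyword.encode() in body[:1000]}

def violations(result, thresholds):
    """Return the metrics that break the administrator-set thresholds."""
    if not result["available"]:
        return ["unavailable"]
    out = [k for k, limit in thresholds.items() if result[k] > limit]
    out += ["status"] if result["status"] != 200 else []
    out += ["keyword"] if not result["keyword_found"] else []
    return out

if __name__ == "__main__":
    r = web_transaction("127.0.0.1", start_sample_server(), "Portal login")
    print(r, violations(r, {"connect_ms": 50, "last_byte_ms": 500}))
```

A non-empty list from `violations` is the condition that would trigger an alert; storing each result dictionary with a timestamp gives the data for trend analysis.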

To sum up, service level monitoring from Uplogix can:
  • Represent interfaces on multiple networks, QoS tagged, performing just as end-user devices do
  • Regularly monitor network-based services to validate availability
  • Execute tests ad hoc for troubleshooting

Do you really know how well your service levels are being met? For more information, see the Uplogix website, Performance & Availability Management.

Wednesday, July 11, 2012

The costs of going from 99 to 99.99

How hard/expensive can 0.99% be?
A recent two-part article in Network World gave a clear analysis of the basic networking and economic drivers of WAN service history over the last 30 years, up to the present day, where many enterprises continue to pay much more for MPLS connections than for cheaper broadband options.

It's about reliability, but more so what's behind the guarantee of reliability when it comes to site-to-site intranet WAN.

"The primary reason that enterprises have not switched to primary use of the Internet for their site-to-site intranet WAN is that unaided it is simply not reliable enough. The popular perception that the Internet: "works pretty well most of the time" is reasonably accurate. The problem with this is that "works pretty well" is not good enough for most enterprise WAN managers, and "most of the time" is not good enough for almost any."

The article states that generally Internet connections are about "two nines" or 99% reliable, which includes both availability and also whether packets sent are delivered successfully without being lost or excessively delayed. Over the span of a year, that 99% equals 3.6 days a year where that connectivity is poor or nonexistent. Moving from two to four nines lowers outage time to 45 minutes a year on average.

The Internet is, by design, a network of networks. As such, no one guarantees end-to-end connectivity across the internet. But problems with packet delivery across the internet are almost never at the Internet core. "The core, in fact, is four nines reliable, and given the increasing importance of Internet commerce, as well as the significant number of Internet providers and competitors, there is little reason to think that this will change. Internet quality problems, then, usually result from either last-mile link connectivity or else at the peering points, which are the places where Internet Service Providers (ISPs) connect with each other."

It's the peering points connecting different ISPs' networks together that are a significant source of packet loss and delay. Providers engineer their internal networks for high nines -- their "on-net" performance. But the handing off of packets between two or more ISPs before reaching their destination, or "off-net" performance, isn't part of any incentive for providing four nines performance. They just can't guarantee what happens after the hand off. And the cost of providing four nines versus two nines at all peering points is an order of magnitude higher. These are the economics that are helping ensure high MPLS bandwidth costs.

What's the tie-in to Uplogix?
Well, we can't do much to ensure that your provider hits all the nines you expect when it comes to your outside connections (unless, that is, they too are using Uplogix to manage their infrastructure!), but we can definitely help you manage your WAN across multiple sites.

Say a connection goes down at a branch office. With Uplogix managing gear locally, we'll be able to report on device status in your network infrastructure. Is it your problem, or your service provider's? And if it's your problem, odds are, we'll be able to fix it automatically.

With Uplogix deployed in your network, we can do point-to-point service level verification testing. An Uplogix Local Manager sits on your network, just like a user's phone or desktop. We can make synthetic calls and transactions that will be graded and scored to help you get the same performance picture as your users.

Read more about performance and availability management on the Uplogix website.

Cyber command head calls for legislative action now

Army General Keith Alexander, commander of the Cyber Command and head of the National Security Agency, called for legislation to enable and encourage infrastructure organizations like electrical grids and banks to quickly tell the government when they are under cyber attack.

“One of the things that we have to have (with legislation), is if the critical-infrastructure community is being attacked by something we need them to tell us at network speed,” Alexander said during a talk this week in Washington DC.

Watch a video of the talk.

The need to know
He stressed that this doesn't require the government to read personal email, only that the internet service provider or company share the type of event in real time.

“It’s like a missile coming in to the United States,” he said, adding that someone would not notify the government about an incoming missile via “snail mail.” He said the notification about cyber attacks could be in “real time,” but under a construct where citizens know “that we’re not looking at (taking actions that would raise concerns about) civil liberties and privacy.”

The government needs to warn the private sector and critical-infrastructure defenders about cyber threats, Alexander said, and also learn when attacks hit. The distinctions regarding what information needs to be shared need to be better understood by the public. He said his concern is that misunderstandings will delay legislation and solutions "until something bad happens."

Uplogix can help
The Uplogix security story is pretty impressive. In addition to extending multifactor authentication through integration with TACACS and RADIUS to all devices managed through an Uplogix Local Manager, we're able to maintain and enforce AAA (Authentication, Authorization and Accounting) regardless of the state of the network. Uplogix logs all changes made to managed devices and the results of those changes for improved audit and compliance reporting.

Find out more about security and compliance management on the Uplogix website.