Data-Driven DevOps: Bringing Visibility to Any Cloud, Any App, & Any Device Erik Giesa SVP of Marketing and Business Development, ExtraHop Networks
Your Monitoring Strategy Must Change How can you maintain visibility for this Any Cloud, Any App, & Any Device when your performance and security monitoring was built for this? Traditional IT Architecture
Everything transacts on the wire Brad Hedlund, Networking is a Service, and you are the Service Provider: http://bradhedlund.com/page/3/
Infrastructure Monitoring Application Performance Network Performance Business Process Monitoring...The complexity, modularity, and volatility of modern systems make it impossible to predict global states from local states. Will Cappelli and Vivek Bhalla, Gartner March 2016 Web Services Monitoring Cloud Monitoring Virtualization Monitoring Packet Capture Log Management Database Monitoring
APP IT VM DBA NETWORK STORAGE OPS
You Can t Orchestrate or Automate What You Can t See Software-defined datacenters Containerization Rapid deployments Orchestration & automation Zero-day events Security exposures/ data breaches Poor user experience Slow application roll-outs Application downtime War rooms
Data-Driven DevOps Taxonomy: See with Data it is wire data radically rethought and used in new ways that will prove to be the most critical source of data for availability and performance management over the next five years.... WIRE DATA REAL-TIME OBSERVED AND EMPIRICAL MACHINE DATA SYSTEM SELFREPORTED AGENT DATA PROBE DATA HOST INSTRUMENTED PERIODIC AND SCRITPED Will Cappelli and Vivek Bhalla, Gartner March 2016 Use Data and Analytics-Centric Processes with a Focus on Wire Data to Future Proof Availability and Performance Management GLOBAL STATE ALL L2-L7 COMMUNICATION AND ALL TRANSACTION L2-L7 COMMUNICATION AND DATA TRANSACTION DATA LOCAL STATE LOCAL STATE SAMPLED STATE LOGS, SNMP, WMI LOGS, SNMP, WMI NETFLOW, IPFIX, ETC. NETFLOW, IPFIX, ETC. HARDWARE, O/S, APPLICATION HARDWARE, O/S, APPLICATION CODE-LEVEL CODE-LEVEL EXTERNAL / INTERNAL EXTERNAL / INTERNAL SERVICE AVAILABILITY SERVICE AVAILABILITY
Real-Time Visibility for Any Cloud, Any App, & Any Device Automatic Discovery & Classification Unification Across Physical, Virtual, and Cloud Visibility & Event-Driven Orchestration Any device, app, or cloud Any network, VLAN, VXLAN or micro-segment Auto-map dependencies & relationships across full stack Automatically learn and build baselines for all devices and workloads Understand effects of cloud and SDN orchestration Measure and compare app performance before and after migration Track VMs as they move across the SDDC Fabric Cloud scale up to 40 Gbps throughput and 1.3 million HTTP TPS End-user experience monitoring End-to-end visibility for every transaction across the stack Validate security policies with continuous L2-L7 behavioral analysis Data-Driven DevOps Rapid customization: measure any information from the data stream in real-time.
To Structured Wire Data From Unstructured Packets Stream processing pre-processes All L2-L7 and communication analyzes all data-inflight the creating network on structured wire data Application Data Business Data Availability Data Security Data Performance Metrics Capacity Data POST Content AJAX Data Product ID Customer ID HTTP status codes Application errors Command and Control Shadow IT (SaaS, cloud) Caching Behavior Compression Behavior Throughput Transactions Section Sub-Section Page Title Session Cookie Shopping Cart ID Cart Items Cart Values Discounts Connection resets Heartbeats SSL certificate validity Synthetic pingers Network traversal Unauthorized outbound connections & protocols Storage/DB access Blacklisted traffic Base HTML Load Time Round Trip Time Client Request Time Server Reply Time Dropped packets Application stalls Application slowdowns Geolocation/ IP mapping Proxied IP Address Order ID SNMP traps Brute force attacks Server Send Time Storage Access (reads/writes) Error Message Abandoned? Authentication errors Surreptitious tunneling Total Time Taken SSL Offload
Simplified and Continuous Real-Time Visibility for the SDDC and DevOps REAL-TIME OPERATIONAL INTELLIGENCE NSX Manager vcenter Internet ER-SPAN Open Data Stream API ER-SPAN, SPAN, Network taps
VLANs Devices
Web LDAP Database DNS Storage Network
Orchestration & Migration Visibility for Any Workload VM APP cluster process time, network latency, and congestion analysis VM STORAGE cluster process time, network latency, and congestion analysis VM STORAGE cluster process time, network latency, and congestion analysis
Layer 2 Analysis Throughput, Frame Type, Frame Distribution etc. Layer 3 Analysis Packets/Bytes by Protocol, segments, Layer 4 Analysis Virtual Packet Loss, Top Talkers, Failures, TCP Analysis (RTO, Tinygrams, Zero Windows, Nagle Delays) Orchestration Policy Questions Can the existing network support a new workload? Should I create a new network? Should I vmotion a workload? Where should I vmotion?
Orchestration Policy ANSWERS Web performance & errors Did the migration work? Was there an impact on the end-user or workload? Is it performing better, worse or the same? Database performance and errors
Security Control Auditing for Any System, App, or Cloud EXPIRED certificates: where, when and how much SOON TO BE EXPIRED certificates: where, when and how much COMPLIANT and NON- COMPLIANT Ciphers, SSL, and TLS versions: where, who, how much, when
BEHAVIORAL Anomaly Detection Unusual data transfers? Anomalous methods used? Unauthorized protocols? Failed and successful login attempts: who, when, where, and what? Is all PII data encrypted while in flight? Any behavior can now be observed and analyzed.
Web Services SLA Governance
Real-Time Business Analytics for Any App or Business Real-time revenue analysis Correlate infrastructure and app performance with business processes Understand and correlate IT investment with business performance
ExtraHop Open Data Stream Wire Data VMware REAL-TIME stream processing, analysis, and visualization Visualization Tools Other ITOA Data Sources Non-Proprietary NoSQL DB Machine Agent Probe Human AND/OR
Delivering Performance, Security, and Business Analysis for Any Cloud, App, or Device REAL-TIME OPERATIONAL INTELLIGENCE FOR SDDC PROACTIVE MONITORING & REMEDIATION OPTIMIZATION & CONTINUOUS IMPROVEMENT PERVASIVE SECURITY MONITORING & COMPLIANCE BUSINESS & OPERATIONS ANALYTICS
NEXT STEPS Visit us in our booth to see an in-person demo OR Try our interactive online demo: www.extrahop.com/demo