Enterprise network architecture has certainly evolved, from flat networks where everything was interconnected, to hierarchical models with enhanced security now to a borderless world. Cloud, BYOD, telecommuting and the Internet of things have made the network perimeter effectively disappear. The one metric that has remained a priority in the network in spite of the changes is bandwidth and by extension the individual traffic flows that comprise it. Many enterprises have treated bandwidth like the elephant in the room, knowing they don’t have enough awareness of its details but not always having tools or time to analyze it. Here are a few reasons on why it is important to keep an eye on network traffic details.
Customer satisfaction is what every organization strives for. With more and more commerce shifting online, website or e-store outages or failed transactions will encourage your customers to look elsewhere. Equally important is your employee - remember how frustrating it was to browse during the dial-up era? Your work force, be it the engineering, sales or marketing, demands frictionless access to do their jobs. Poor connectivity when trying to access resources from the data center or during telecommuting can affect employee satisfaction and productivity.
Application and Data Delivery:
Whether you choose on-premises, hosted or cloud for your applications, bandwidth plays a critical role in service delivery. There is no point in investing on high end servers or expensive cloud solutions if the applications cannot be accessed due to pegged bandwidth, often hogged by non-business applications. Looking at usage patterns can tell you who and what is using your bandwidth and also if your business applications have the right priority they need to traverse the network.
Beyond ensuing available bandwidth, analyzing usage patterns improve network security by helping spot possible security issues. Be it zero-day malware that breached your IDS/IPS, infected bots sending spam from your network, or even complex DDoS attacks, each leaves a very visible footprint on your network traffic. Keeping an eye on usage and traffic patterns can help detect network behavior anomalies that possibly can be security issues.
Branch Office Connectivity:
For many organizations remote offices are key to business in the regions where they operate. Then there are the DR sites, server farms, data centers, etc., all connected by limited WAN links. It is important to ensure that transactions such as accessing and sharing of resources and information, voice and video communications, and data backup is completed successfully when your organization has a geographically distributed architecture. Here again, traffic analysis and bandwidth monitoring plays a key role in ensuring connectivity between branches and other sites, ensuring access and business continuity.
What can you do?
When it comes to effective bandwidth monitoring and traffic analytics, the options available are device interface statistics via SNMP, packet analysis and flow analysis (NetFlow, J-Flow and sFlow). SNMP tells you fine details such as how much of your link is utilized and the speed of total traffic but gives no information on who or what was responsible for it. Packet analysis gives you the finest details possible at the packet level, but also requires expensive tools, span ports and huge storage resources. When you need to see the finer details of bandwidth but with none of the implications associated with packet analysis, technologies like NetFlow is your best bet.
NetFlow technology can report on who is using the bandwidth, the end-points, applications, ports and protocols involved, DSCP priority of conversations and time details of when something happened. Using NetFlow you can ensure appropriate bandwidth for critical business apps, discover users hogging the pipe, whether important applications have the right priority, and detect network behavior anomalies. Best of all, NetFlow is not resource intensive - you can store NetFlow data for extensive reporting windows without the need of large data storage solutions.
The only limitation to getting started with NetFlow data analysis is that you’ll need a tool to receive and digest the exported flow data from your existing routers. Server based tools like SolarWinds Bandwidth Analyzer pack and others like standalone apps for your laptop, or even portable hand held network analyzers make this easy. Before you know it you’ll sort out the flow data, get reports on your bandwidth usage and if you export traffic details from multiple locations on your network you can even get a holistic view of your entire network.