That’s a good question: what do self-driving vehicles have to do with our infrastructure? Is it that the technology is untested, untrusted and unproven, and could result in death and fear mongering? That’s certainly a true enough statement, but what is the key distinction between ‘autonomous’ and merely self-driving vehicles?

Telemetry is the watchword

Today’s networks and systems are a huge ball of data: big data, helpful, insightful, useless and befuddling endless piles of information. Left to its own devices, that information lives in its respective bubble, waiting for us to ‘discover’ a problem and then start peeling back the covers to figure out what is going on. The difference between the autonomous self-driving example and simply ‘self-driving’ is that you’re using data from many continuous and constant streams, using that data to correlate events and understand conditions. In its primitive state it can be fairly effective. In a networked sense, imagine every vehicle on the road communicating with each other, constantly panning and analyzing everything in front of you, behind you, and here, there and everywhere. Compound that data with information collected from external sources such as road sensors, lights and other conditions, and you have the power to automate traffic management. (Slap weather stations into each of these vehicles and we get closer to predicting even more accurate weather patterns.)

But hey, whoa, what about my network? My systems?!

More and more, we’re seeing solutions that have evolved far beyond a simple point solution. SIEMs don’t just collect security and event information in a bubble. Syslogs aren’t just an endless repository of arbitrary strings of ‘event’ information. SNMP need not live caught in its own trap.

There are tools, solutions, frameworks, and suites of tools which aim to bring your NOC and SOC into the future, a future wholly unknown. There is no true panacea to tie everything together and be the end-all-be-all solution, though as time goes on, evolutions and consolidations of products have been starting to make that possible. There was a time, when I ran a massive enterprise, that we would have ‘point’ tools, which did an amazing job of keeping up on THEIR data and telemetry, though they were independent and not even remotely interdependent. Monitoring VMware with vCOPS, monitoring the network with Orion and NPM, collecting some event data with ArcSight while separately collecting Syslog information with Kiwi Syslog server, and yet SNMP traps would flow into SNMPc. Oh, and let’s not forget monitoring Microsoft… That’s where System Center came in.

On the one hand, that may seem like an excessive amount of overkill, yet each ‘product’ covered and fulfilled its purpose, doing 80% of what it did well, yet in the remaining 20% unable to cover the rest of the spread. (Slight disclaimer: there were some 50+ more tools; those were just the ‘big’ ones that we’ve all likely heard of :)

So as each of these solutions evolves, or as other products in the industry continue to evolve, they’re taking what has effectively been the ‘cruise control’ button in our cars, or even slightly better than cruise control, and building the ability to provide real data, real analytics, real telemetry, so that the network and our systems can work for us and with us, rather than being little unique snowflakes that we need to care for and feed, and figure out when things go wrong.

So what have you been using or looking at to help drive the next generation of infrastructure systems telemetry? Are you running any Network Packet Brokers, sophisticated ‘more than SIEM’ products, or SolarWinds suites to tie many things together? Or has anyone looked at Intel’s open-sourced Open Telemetry Framework, SNAP?

Please share your experiences!