Application Monitoring Beyond The Data Center

The closed environment of a traditional on-premises data center with hardware and software owned and controlled by the enterprise is now a thing of the past. Private, public and hybrid cloud deployments are empowering organizations to use the resources and capabilities of the cloud to drive business efficiency, self-service on demand, resource pooling, enhanced data storage, analytics, and other benefits.

But migrating resources to the cloud and/or surrendering control of management and provisioning tasks to third parties means that businesses can lose sight of how their networks are actually being used, and even of what’s being used. So it’s essential to regain the initiative in determining and governing how applications and infrastructure are utilized.

Cloud and Shadow

While infrastructure and application provision may be part of an officially sanctioned cloud deployment, even this may not be enough for some within an organization. A perceived lack of efficiency or responsiveness on the part of IT, or a failure to appreciate the intricacies of other people’s jobs, still drives many to seek out online tools and applications beyond the enterprise firewalls.

“Shadow IT” remains an issue, with a Blue Coat Shadow Data Report of 2016 concluding that a typical organization may use up to 840 separate cloud applications – the vast majority of which are unsanctioned and often unsecured software used without the knowledge or oversight of internal IT divisions. That’s a lot of unmonitored applications.

Gaining Visibility

The challenge for administrators is to gain visibility into all aspects of the enterprise network – both within and outside the corporate data center and its formal security policies, protections, and controls – and to bring all applications and resources used by its members within a single administrative and security umbrella. This entails looking beyond SIEM and firewall logs to gain a fuller picture of application usage, cloud and network traffic and their implications.

 

Insight is required into all aspects of on-premises and cloud application usage, so input must be sought from stakeholders in all departments, and at all levels.

Automated Discovery

It can be a mammoth task, and one beyond the capabilities of even the most dedicated IT monitoring teams. So there needs to be some degree of automation – a cloud monitoring and security platform that automates the processes of analyzing log data from firewalls, network proxies, and SIEMs to detect the presence of all applications being used on the network, how they’re being used, and who is using them.

Cloud Policies

An enterprise-wide policy governing application and cloud usage needs to be put in place – a comprehensive regime that takes in security and guidelines for selecting applications, policies on data loss, incident response workflows, analytics, reporting metrics, and how these rhyme with an organization’s compliance status and overall business objectives.

Reducing Complexity And Redundancy

Though redundancy is normally a good thing in networking terms, the needless proliferation of unwanted software, with functionality duplicated or even multiplied, can quickly become a problem. So part of the network discovery and visibility process should involve locating instances where multiple applications or tools on the network perform the same function, and determining which of them both perform that function within the parameters set by the enterprise and its mission and conform to its policy-based security, compliance, and operational criteria.

This enables administrators to draw up a white-list of approved applications that may be deployed across the enterprise – and to exclude and/or penalize the use of superfluous others.
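
The discovery step described under Automated Discovery and the white-list comparison above can be sketched as follows. This is an added example, not code from the original article or from any monitoring product; the six-field log layout, the sample lines, the domain names and the approved list are all constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines; the six-field layout is an assumption:
# timestamp user method target status bytes
SAMPLE_LOG = """\
2016-11-02T09:14:07Z alice GET https://files.example-share.test/upload 200 482113
2016-11-02T09:14:09Z bob GET https://crm.sanctioned-crm.test/accounts 200 10240
2016-11-02T09:15:31Z alice POST https://files.example-share.test/upload 200 9120044
2016-11-02T09:16:02Z carol GET https://notes.example-notes.test/doc/17 200 20480
2016-11-02T09:16:40Z bob CONNECT files.example-share.test:443 200 1048576
this line is truncated
"""
SANCTIONED = {"sanctioned-crm.test"}  # hypothetical approved-application list


def app_domain(target):
    """Reduce a URL or host:port to its last two DNS labels.
    Simplification: a production tool would consult the Public Suffix List."""
    host = urlsplit(target if "://" in target else "//" + target).hostname
    return ".".join(host.split(".")[-2:]) if host else None


def discover(lines):
    """Aggregate users, request count and bytes per application domain."""
    apps = defaultdict(lambda: {"users": set(), "requests": 0, "bytes": 0})
    skipped = 0
    for line in lines:
        fields = line.split()
        if len(fields) != 6 or not fields[5].isdigit():
            skipped += 1  # malformed or truncated record
            continue
        domain = app_domain(fields[3])
        if domain is None:
            skipped += 1
            continue
        entry = apps[domain]
        entry["users"].add(fields[1])
        entry["requests"] += 1
        entry["bytes"] += int(fields[5])
    return dict(apps), skipped


def unsanctioned(apps, sanctioned):
    """Applications not on the approved list, largest data volume first."""
    rows = [(d, sorted(a["users"]), a["requests"], a["bytes"])
            for d, a in apps.items() if d not in sanctioned]
    return sorted(rows, key=lambda r: r[3], reverse=True)
```

Counting skipped records matters as much as the report itself: a high skip count means the parser does not match the log source and the application inventory is incomplete.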

Widening The Risk Assessment

The porting of applications, user credentials, and potentially sensitive data beyond the network’s perimeter defenses opens these elements to the possibility of attack and infiltration. So a monitoring risk assessment for the enterprise needs to take in all aspects of cloud and mobile usage, account validation and activities, and the behavior of the users themselves.

 

Monitoring platforms incorporating machine learning algorithms and data analytics may be configured to spot anomalies in user activity that might indicate suspicious action or account compromise, and used to generate alert triggers or automatic suspensions of user accounts.

Analysis And Reporting

The evolution of the market has made available monitoring platforms that combine cloud application performance management (cloud APM or CAPM), behavioral and transactional analysis of user activity, network integrity, security monitoring and reporting functionality in a single portal. On the more sophisticated platforms, administrators can pull in feeds from cloud-based sources such as Microsoft Azure, IBM Bluemix and Amazon Web Services (AWS).

 

The caveat for network administrators is that these metrics should be compatible with those obtained from an organization’s physical network infrastructure, via standard protocols like IP SLA, or SNMP.

Some Things To Watch For

Some Key Performance Indicators (KPIs) worth monitoring would include:

· Amounts of data sent or received across network interfaces
· Processor utilization within given time periods
· Credit usage, balances and charges accrued within specific billing periods
· System integrity checks concerning customer instances, system instances and system performance
· The length and number of Write operations for storage volumes

Administrators should be able to baseline and alert on the metrics gleaned from all monitoring sources, and provide regular reports in formats compatible with the operational practices of the enterprise.
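
One way to baseline a KPI from the list above and alert on deviations, shown as an added example that is not part of the original article. The window size, the threshold multiplier, the variance floor and the sample values are constructed assumptions, and a rolling mean with standard deviation stands in for whatever model a given monitoring platform uses.

```python
from collections import deque
from statistics import mean, pstdev


def baseline_alerts(samples, window=6, k=3.0, min_sigma=1.0):
    """Flag samples more than k standard deviations above a rolling baseline.

    samples: list of (label, value) pairs in time order.
    Flagged samples are kept out of the baseline so that a sustained
    spike does not quietly become the new normal.
    """
    history = deque(maxlen=window)
    alerts = []
    for label, value in samples:
        if len(history) == window:  # only alert once the baseline is warm
            mu = mean(history)
            # The floor stops a perfectly flat metric (sigma = 0) from
            # alerting on the smallest change.
            sigma = max(pstdev(history), min_sigma)
            if value > mu + k * sigma:
                alerts.append((label, value, round(mu, 1)))
                continue
        history.append(value)
    return alerts


# Constructed samples: megabytes sent on one interface per 5-minute interval
MB_SENT = [("09:00", 120), ("09:05", 118), ("09:10", 125), ("09:15", 121),
           ("09:20", 119), ("09:25", 123), ("09:30", 122), ("09:35", 940),
           ("09:40", 910), ("09:45", 124)]
```

Each alert carries the sample label, the observed value and the baseline mean it was compared against, which is the minimum context a report or incident ticket needs.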

Des Nnochiri has a Master’s Degree (MEng) in Civil Engineering with Architecture, and spent several years at the Architectural Association, in London. He views technology with a designer’s eye, and is very keen on software and solutions which put a new wrinkle on established ideas and practices. He now writes for markITwrite across the full spectrum of corporate tech and design. In previous lives, he has served as a Web designer, and an IT consultant to The Learning Paper, a UK-based charity extending educational resources to underprivileged youngsters in West Africa. A film buff and crime fiction aficionado, Des moonlights as a novelist and screenwriter. His short thriller, “Trick” was filmed in 2011 by Shooting Incident Productions, who do location work on “Emmerdale”.

