Infrastructure Management Interviews network monitoring Network Troubleshooting Tech Windows Networking

Talking with SolarWinds’ Chris O’Brien

network Monitoring

Community monitoring and troubleshooting has advanced fairly a bit from the previous days once I used to scroll by way of countless occasions in log information or slap a Fluke on a cable. At this time’s enterprise networks typically take a hybrid strategy of mixing on-premises servers with on-line purposes and providers provisioned from the cloud. And with quickly altering enterprise necessities and the necessity for companies to turn into agile, software-defined networking (SDN) has been reworking enterprise networking even additional by separating the bodily community from its logical overlay. How can one greatest monitor at the moment’s enterprise networks so as to keep optimum efficiency and have the ability to resolve issues once they happen? And the place is networking monitoring headed sooner or later as IT infrastructure continues to evolve? I just lately talked about this stuff with Chris O’Brien the Product Supervisor for SolarWinds Community Efficiency Monitor (NPM). Chris spent most of his profession as a community engineer. He joined SolarWinds in 2014 to assist construct the way forward for community monitoring.

MITCH: Thanks Chris for agreeing to let me interview you about your community administration line of merchandise over there at SolarWinds.

CHRIS: Positive factor. I really like speaking about community monitoring!

MITCH: Let’s begin off with one thing basic. There are numerous corporations within the community monitoring area. Might you give us a quick introduction to SolarWinds and what makes your organization totally different from the others?


CHRIS: SolarWinds was based in 1999 by two community engineers who have been on the lookout for higher instruments to do their jobs, in order that they constructed them. They targeted on constructing easy, highly effective instruments that simply labored. Seems, that’s a great method. Numerous individuals needed the instruments, in order that they created SolarWinds.

The founders’ engineering spirit runs deeply by means of the corporate. SolarWinds is, in some ways, the antithesis to conventional enterprise software program. As an alternative of getting to speak with a salesman to get a glimpse at a software, you need to use the web demo or obtain a totally practical trial. As an alternative of getting to undergo a protracted budgeting, quoting, and pitching course of that always includes golf, airplanes, and the CTO, most of our instruments may be purchased instantly with finances the engineer has discretion over. As an alternative of paying for in depth skilled providers to get the software up and operating, the instruments are constructed so engineers can do it themselves. This mantra of straightforward to attempt, straightforward to purchase, and straightforward to make use of is on the coronary heart of SolarWinds.

MITCH: From my conversations with IT execs who work each in enterprise environments and for cloud providers suppliers, it seems like software-defined networking (SDN) is turning into increasingly well-liked today. What’s the easiest way to watch SDN environments?

CHRIS: SDN is certainly getting extra fashionable, which is tremendous thrilling. I get requested about SDN at nearly each occasion I’m going to, and particularly at Cisco Reside! In consequence, I get to speak to a variety of people about how their SDN implementation goes, what works and what doesn’t, how they’re monitoring at this time, and the way they’d like to watch tomorrow. You’ll be able to consider SDN monitoring in two layers. The primary layer is the bodily layer. That is issues like ports, CPUs, RAM, energy provides, and community cables. It’s not glamorous, however your frames and packets nonetheless movement on these items of hardware and that hardware nonetheless has to work. The second layer is the logical layer; the SDN overlay. SDN organizes connectivity into logical elements that outline what on this bodily community is logically related. In Cisco ACI parlance, these are issues like tenants, EPGs, materials, and contracts.

SDN is certainly getting extra in style, which is tremendous thrilling. I get requested about SDN at nearly each occasion I’m going to

Each of those layers are tremendous essential. If both one fails, connectivity fails. You need to ensure you’re monitoring every one. We’ve had NPM clients coated for the primary layer for fairly a while now. In our newest launch, NPM 12.four, we added help for the second layer with Cisco ACI. We’ll question the SDN controller, which Cisco calls the APIC, by way of API to find and monitor the logical layer. No matter what monitoring answer you’ve got, be sure each layers are coated!

MITCH: Using public cloud providers and implementing hybrid cloud infrastructures has introduced many modifications in the best way most companies and organizations “do IT.” How does utilizing the cloud change how community monitoring is completed?

network monitoring
CHRIS: Yeah, most IT outlets as we speak should cope with each on-prem and cloud infrastructure. By nature, you have got much less entry and management over cloud infrastructure. That is each good and dangerous. To the extent that the infrastructure runs nicely with out your fixed consideration, it’s nice. When it doesn’t, you’re a bit caught. The purchasers I speak to inform me they’re chargeable for their IT providers no matter the place they’re. This makes the shortage of management and even easy visibility fairly painful throughout an outage.

We’ve been considering rather a lot about this over the previous couple of years. Each Amazon and Azure have APIs to question monitoring details about that infrastructure. SolarWinds Server & Software Monitor (SAM) helps each. Brokers can nonetheless run on VM-based IaaS, which may be mixed with the API knowledge for a extra full image. This can be a massive change vs. predominately WMI-based monitoring of Home windows machines and SNMP for Linux/Unix.

The community aspect presents a unique problem. Cloud environments supply close to zero visibility into their community infrastructure. That is true for SaaS apps, IaaS, and the service suppliers which might be your transit to them. Traditionally, traceroute was the go-to software to research these types of issues, however it isn’t allowed by means of most firewalls and doesn’t work with multipath, which is a lot of the web at present. To attempt to clear up this drawback, we constructed our personal implementation that makes use of a packet driver to create packets and take heed to responses. That’s what powers NetPath, a function in NPM that discovers the community path out of your supply to any community vacation spot, native or distant, your gear or another person’s, together with hop-by-hop efficiency. We’ll should hold arising with new applied sciences like this because the infrastructure modifications.

MITCH: Are there some other tendencies do you see occurring in community monitoring?

CHRIS: Sure, two: consumer focus and API polling.

It’s turning into clear that our business has been too targeted on the infrastructure and never targeted sufficient on the consumer. It’s pure, since we’re all geeks. I like watching the lights on a 300-pound chassis change as a lot as anybody. If I’m trustworthy, a part of why I turned an engineer is that I might moderately work together with computer systems than with individuals. Nonetheless, the aim of the community is connecting customers to apps, and that has to turn into a much bigger a part of how we decide whether or not the community is offering good service or not. There’s numerous methods to do that. You don’t have to purchase a product to do it. It’s principally about mindset. What do your customers care about? What does good efficiency seem like for them? What does dangerous efficiency appear to be? How are you going to measure it? The S in SLA is service, not infrastructure. Take a look at NetPath for a great instance, however once more, this can be a mindset shift greater than a tooling change.

It’s turning into clear that our business has been too targeted on the infrastructure and never targeted sufficient on the consumer. It’s pure, since we’re all geeks. I like watching the lights on a 300-pound chassis change as a lot as anybody

SNMP has offered a ton of visibility into methods for a very long time however is getting lengthy within the tooth. SNMP just isn’t notably dependable, isn’t good at sending bulk quantities of knowledge and helps very restricted interplay. NETCONF is nice, however I’m simply not seeing the adoption amongst producers for it to be as helpful because it might be. API is beginning to take maintain. Within the final couple of years, we’ve spent extra time constructing API-based monitoring than SNMP. API is much less persistently carried out and tends to be complicated. In the long run, we get the info wherever we will, whereas considering via efficiency, scale, safety, and energy required from the consumer. It’s turning into extra typically the case that API is the best method to get the info.

MITCH: I’ve observed that SolarWinds talks so much about community perception. What’s that precisely?

CHRIS: The networks of 10 or 15 years in the past have been predominately switches and routers. In case your switches and routers have been operating properly, you have been doing all of your job as a community engineer. In the present day, that isn’t the case. Superior community home equipment like firewalls, load balancers, WAN optimizers, and net proxies are sometimes run by the community group and supply completely essential community providers. Sadly, most instruments, together with SolarWinds instruments some years in the past, solely know easy methods to do a very good job at monitoring routers, switches, and extra lately, wi-fi gear. The info that you must perceive the well being and efficiency of a router or a change is just not the identical knowledge it’s essential perceive the well being and efficiency of a firewall or a load balancer. Including one or two metrics gained’t repair that. It’s a must to take a look at the position the gadget performs within the community and ask how one can measure the units’ efficiency of that position. Community Perception strives to try this deep dive, from-the-ground-up monitoring for these underrepresented units. It’s time-consuming, however we’ve thus far launched Community Perception for F5 LTM and GTM, Community Perception for Cisco ASA, and Community Perception for Cisco Nexus. We now have much more work to do!

MITCH: Many community and system directors nonetheless wrestle lots with alert fatigue. What might be finished to assist alleviate this situation?

Network monitoring


CHRIS: The very first thing to do is step again and understand this can be a human drawback. It’s not simply your workforce’s drawback or simply an IT drawback. We see alert fatigue in hospitals, as an example. Even when human lives are in danger, noisy alerts may cause alert fatigue, which can trigger people to disregard alarms. If people can’t deliver themselves to all the time take note of noisy alerts when a human life is in danger, you’ll be able to guess they will’t do it for community infrastructure! You need to level-up the standard of your alerts. There was a number of nice materials written and introduced on this topic, so I’d recommend performing some on-line analysis. Nevertheless, I can present a framework that will help you break down the issue. Alert fatigue is brought on by too many alerts and alerts which might be exhausting to eat. Too many alerts could be fastened by solely sending actionable alerts (no informational alerts!), decreasing methods that produce a disproportionate variety of the alerts, and introducing redundancy that makes pressing alerts much less possible. Alerts which are arduous to eat may be fastened by including contextual info to the alert, automating remediation steps, and ensuring alerts present a transparent rationalization of the issue. There’s much more to be stated right here, however as you break the issue into smaller items, it turns into simpler to provide you with concepts on how one can enhance.

MITCH: Only one extra query for you. Should you might give one piece of recommendation to individuals on how they will enhance their community monitoring technique, what wouldn’t it be?

CHRIS: It took me years and years of being a community engineer to understand that there isn’t any good community structure. Each design has strengths and weaknesses. The identical holds true in monitoring. The most effective performing monitoring environments I see use a mixture of polling, artificial probing, actual consumer monitoring, and occasions. For instance, actual consumer monitoring will get you knowledge that’s extra reflective of the consumer expertise, nevertheless it doesn’t have the consistency of artificial probing. Artificial probing tells you when efficiency degradation happens, however not the place the basis trigger is. Occasions provide the most well timed info, however not a number of context. Use every of those applied sciences to realize what that know-how is greatest at.

MITCH: Chris, thanks very a lot for giving us a few of your helpful time!

CHRIS: Comfortable to! Thanks for having me.

Featured picture: Shutterstock

Submit Views:

report this advert

Learn Subsequent