On Monitoring Uncontrollable Networks

Austin Woods -

Due to the reliance of the modern economy on Internet traffic and its proper facilitation, it’s only logical to think about networks that you do not or cannot control.

This lack of control would naturally be a “weak point” in such a company’s flow of business and, in one example, could lead to efforts in measuring the outbound traffic being delivered from data centers via various Internet Service Providers (ISPs) - the companies we, as customers, give payment to in exchange for access to the internet.

But what about attempting to fully understand the impact of external networks and services from the direct point of view of your customers? Your users rely on a domino chain of providers including DNS, CDN, DDoS mitigation, and Internet Service Providers (ISP’s) to get to your site.

So how exactly can you determine the performance of these providers? Since all of the above providers are multi-tenant and always on, what happens to your site’s performance if some other customer of your DDoS mitigation provider is getting battered by an attack - will your users suffer too? What if DNS response time goes from 20 ms to 250 ms? Who do you go to when the problem is happening somewhere “out there”? You need to know the answer to these questions, from the perspective of all of your customers, no matter where they are.

You can’t use passive network monitoring data to answer these questions, simply because you can’t collect flow, pcap (Packet Capture), or SNMP (Simple Network Management Protocol) data from networks that you don’t control. Even APM (Application Performance Management), as wonderful as it is, has a limited ability to give you true insight into the root causes of network issues.

This is a hard lesson for any corporation. For instance, think about the havoc this lack of ability to determine root causation in network issues could cause a major bank. Imagine for just a moment what it would be like if users couldn’t access their online banking site after multiple attempts. Most online banks utilize APM tools, but these are hard-pressed to glean any true insight from because the problem - in most cases - isn’t the website code or internal infrastructure.

In these cases, when you can’t effectively collect passive data, just call Path Network!

In our experience, we’ve found that there a few key requirements for effective network monitoring:

  • You need the perspective of every user. A user could be someone in an office or at a remote location. A user could also be a microservice sitting in a datacenter, AWS (Amazon Web Services), Azure, or GCP (Google Cloud Platform).

  • Applications and networks are equally important. When you’re dealing with networks and services that you don’t own or control, you need both sets of data, and the ability to visually correlate the two. Singular performance indicators analyzed separately are not particularly insightful and certainly not too helpful in the real world.

  • You need all of the application and network measurements continuously analyzed together. In addition, you don’t want your Tech team doing that in their heads, Excel, or on paper. Correlative analysis needs to be adaptive, visual, and shareable in order to be helpful. It is imperative to utilize this sort of visual data to get both internal and external teams to act together to solve problems and optimize service delivery.

You may not own many of the networks, applications, or services that your business depends on, but that doesn’t mean that you escape responsibility for the delivery of services. In-depth network analysis will help you mitigate the large “weak point” that network issues can rise to become.