Page 7 - index
P. 7
Network Performance Monitoring and Diagnostics (NPMD):
Why DPI Is Essential
By Scott F. Robohn, Director Solutions Architecture and Engineering, Procera Networks
2014 marks the first year that Gartner has released a magic quadrant report for Network
1
Performance Monitoring and Diagnostics (NPMD) – a strong indicator of this market’s
increasing importance—valued at approximately $1 billion. The authors of this Gartner study
note that the number of technologies and services that must be supported is constantly
increasing. Multiple, new applications appear every day for mobile and desktop users and
devices, along with the control protocols that run behind the scenes to make those
applications work. New versions of these applications also roll out constantly which include
changes in their behavior making them difficult to identify. We also expect increased use of
automation as software-defined networking (SDN) and network functions virtualization (NFV)
increases to grow in prevalence, feeding into the volume and complexity of the growing pool
of available applications. [this sentence doesn’t make sense]
As a result of the steady increase in applications and protocols the NPMD landscape will
continue to become increasingly complex for the foreseeable future. Application identification
via Deep Packet Inspection (DPI) is needed to address this rise in complexity so that NMPD
tools can keep up with the ever-changing application landscape.
The NPMD market itself has evolved as a result of the increasing intricacy of today’s
networks. NPMD tools provide the ability to detect, identify, and prevent issues related to the
many applications traversing the Internet and the networking devices and appliances that
are the Internet’s physical infrastructure. These tools drill down using various analytic and
diagnostic applications to monitor the components in a network with the goal of reducing
outages, providing troubleshooting information when incidents occur, and optimizing
performance.
IT professionals have utilized a number of tools over the years to troubleshoot their
networks, but these primitive, reactive solutions have lost their efficacy due to the network’s
evolution. To be useful in the modern environments, NPMD tools must now have built-in
application intelligence to take a more proactive approach and to provide better identification
of new apps as they appear in the network.
So how are NPMD tools advancing to meet these new requirements?
NPMD tools leverage three key technology areas to accomplish their objectives: SNMP
polling, flow-based technologies, and packet-based technologies. SNMP polling was a useful
first-generation element management technology, but it has significant limitations in that it
requires explicit support of the SNMP protocol, SNMP polling itself can have an impact on
resource utilization on managed network elements, and it was never designed to provide a
detailed real-time view of application traffic. Flow-based technologies (NetFlow, Jflow, Sflow,
IPFIX, and others) can provide more timely information, but they were designed to provide
summary information, often taking a traffic sampling approach, and can also cause resource
7 Cyber Warnings E-Magazine – August 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
