Fine-tuned control

During the long wait for IPv6, network monitors help keep systems'and applications'in line

Network managers have become experts at squeezing blood from a stone. That stone is TCP/IP, or Internet Protocol Version 4.

Some federal networks have begun to move toward IPv4's successor, IP Version 6, but public networks are still tied to the IPv4 stone and all the limitations that come with it'security risks, absence of quality-of-service guarantees and a shrinking pool of addresses, to name a few.

Adding to the pain are a host of new applications now commonplace on local, wide area and shared networks'such as the Internet'that have vastly different requirements for bandwidth, latency and data integrity. They include voice over IP, streaming and live video, Web services and service-oriented application architectures.

'There's much more of an application focus' in network monitoring, said Tim Lee-Thorp, vice president of marketing for RouteScience Technologies Inc.

And as networks become increasingly complex, the task of monitoring and managing network performance has done the same. 'What's traditionally been a network management and security infrastructure, without a lot of business context to it, has got to change,' said Mike Dunbar, director of federal operations for Securify Inc.

At the most basic level, network monitoring tools are pretty much the same. Most of them passively monitor the traffic on a network, logging every packet that passes by. Some supplement this approach with agents that send back performance data from remote systems.

What differentiates these tools is what they do with the data once they have it.

Network monitoring software is evolving and merging with other management tools, such as network and application performance management tools and network hardware management software.

At a minimum, the latest generation of tools has added a layer of intelligence on top of the packet-sniffing approach, giving IT decision-makers the information in real time they need to get to the heart of application problems.

In some cases, the tools go further, providing the work-flow mechanism to get changes going or even make adjustments to the configuration of the network itself.

The evolutionary goal of these advances: 'self-healing' networks that shape network traffic to guarantee that applications don't fail, and that badly-behaving or malicious applications don't bring critical systems down or expose sensitive data.

Network sniffing

ClearSight's tools are an example of network sniffing technology taken to its logical conclusion. They passively collect packets crossing a network and reassemble them, letting a systems manager recreate application sessions.

Bill Berkman, vice president of marketing for ClearSight Networks, said ClearSight's software can tap into VOIP sessions to help users troubleshoot problems with live calls. For Oracle or Microsoft SQL Server applications, 'you can actually see the table query event ... and the resulting table.'

Securify's SecurVantage products'used by the Navy to help manage the transition to the Navy-Marine Corps Intranet and by U.S. Central Command to manage battlefield networks in Iraq'provide a look deep into network packets and reconstruct data for analysis.

Dunbar said Securify's software 'automates the reassembly of information, and analyzes it against business requirements. You can measure in real time network health and compliance to standards, and go from being reactive to being very proactive.'

Securify's software uses a distributed set of network sensors, which Dunbar describes as 'sniffers on steroids.' The software checks collected data against models of the expected behavior of the network, derived from policies set by IT managers.

RouteScience Adaptive Networking Software combines monitoring with rules-based configuration to keep networked applications up and running.

'We are watching latency, packet loss and jitter on networks, the three basic parameters that determine a network's health,' Lee-Thorp said. 'But if you ask how much jitter is allowed on a network, the answer is different for every application.'

While ANS's core software can automatically reconfigure the network to correct or prevent WAN problems, it also has a set of monitoring tools for each type of application. Managers can get a quick scorecard on the quality of the delivery of those applications.

'We've delved into the kind of network services different applications require,' Lee-Thorp said. The results have been packaged as five optional application modules: enterprise server applications, Web applications, VOIP, real-time media such as video conferencing, and streaming media.

To some degree, these emerging software products are merely stopgap measures while the world waits for IPv6. The lucky few who are already running on IPv6 networks don't need to worry about things like quality of service, traffic prioritization and authentication.

'We have those sorts of capabilities built into our backbone,' said Lloyd Kiltz, director of technical sales for network provider Verio Inc., which offers the only currently available commercial IPv6 backbone.

'The future is firmly in the hands of IPv6,' Kiltz said. Until then, tools such as the ones in this guide are necessary to keep your network on track.

S. Michael Gallagher, a Maryland network manager, writes about computer technology.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above