DATA IN FLIGHT
analytics are also uniquely suited to the demands of
emerging IT architectures.
Stream for scale
In the 35 years since Ethernet was created, it has increased
its speed by no less than four orders of magnitude. That is
a staggering acceleration of scale and it’s speeding up. Ten
years ago 10 GbE was just starting to gain a meaningful
foothold. Now, we’re looking at 40 GbE and 100 GbE
speeds.
The traditional way of monitoring network traffic has
not kept up. While reading packet captures was feasible
when using 1 Gbe, it’s insurmountable on 40 GbE. A 40
Gbps network produces over 400 terabytes of data-inmotion per day. Beyond the incredible cost of capturing
and storing that volume of data, sorting through it
retroactively is incredibly inefficient. If you’re looking for a
particular piece of data, you might as well be looking for a
specific snowflake in an avalanche.
Stream analytics provides real-time analysis of all
of that data at scale, while it’s in motion. Rather than
storing terabytes of data every day, the key information
can be surfaced as it happens, dramatically improving
response times and enabling proactive measures to arrest
performance issues before they can impact end users.
Stream for complexity and dynamism
Speeds and feeds are not the only forces at work. Server
and application virtualisation, software-defined networking
and cloud computing are also catalysts for IT change,
reshaping how infrastructures are architected and
resources are delivered.
These distributed architectures are making it
increasingly difficult for IT teams to keep their arms
around what’s happening in their environment, how
applications and systems are performing and its
impact on end-users. The common denominator across
SDN, virtualised, cloud, and traditional on-premises
environments is data-in-motion. Applications and systems
running in these environments are all communicating with
each other and understanding the interrelationships and
interdependencies is a matter of analysing that data.
Stream analytics can provide critical, cross-tier insight:
consider software-defined environments. While SDN can
dramatically simplify the provisioning of network services, it
also divorces applications from dedicated infrastructure and
it can leave IT operations teams blind to what’s happening
in terms of performance, availability and security.
By analysing the data-in-motion, IT teams have
uninterrupted visibility into application, network, and
infrastructure performance. This allows them to make
better decisions when migrating workloads across hosts,
to measure baseline performance before and after
application migrations, and it can help to solve problems
early and before they can impact end-users.
Stream for security
According to a report from Kaspersky Labs, in 2015
ransomware attacks doubled and ransomware programs
were detected on over 750,000 computers of unique users.
In the same time period nearly 200,000 computers were
targeted by encryption ransomware. And ransomware is
just the latest hot topic in security. Over the past few years,
vulnerabilities like Heartbleed and Shellshock along with
high-profile data breaches of major companies across all
verticals and geographies has put information security into
the spotlight.
It’s becoming increasingly clear to all involved that
securing the perimeter is an exercise in futility. You have
to assume that malicious actors are already inside your
network and then act accordingly.
Analysing data-in-motion offers a promising new
approach to mitigating or preventing attacks. Stream
analytics can help IT and security teams to baseline
normal behaviour across the entire environment, enabling
them to spot anomalous and potentially malicious
behaviour early on in its cycle.
The real-time approach of stream analytics also allows
information security teams to track bad actors as they
move through the environment. In the case of ransomware,
IT teams can track irregular NAS activity from the client
machine or a user through the entire application delivery
chain. Armed with that insight, IT and security teams
can spot potential breaches early and proactively isolate
sensitive assets before they are attacked.
Actionable insight
Stream analytics is on the cutting edge of transforming
data-in-motion into actionable insight for both IT and
business. While many of these technologies are currently
immature, growing demand for effective real-time
analytics of massive data sets, such as that which is
traversing the IT infrastructure is going to accelerate the
state of the art. As stream analytics matures, it will be
exciting to watch the emergence of use cases around datain-motion. n
www.networkseuropemagazine.com
19