recommended reading

Fed Tech

Brought to you by: CDW-G

Sponsor Content What's this?

Why Agencies Rely on Network Monitoring Tools More Than Ever

Every agency’s IT staff needs a high-performing network to support its overall mission, and at the Defense Information Systems Agency, the stakes are often a matter of life and death. “War fighters would be negatively impacted if something goes wrong with our network,” says James Travis, division chief of DISA’s CyberNetOps Solutions Division.

This helps explain why DISA — like many government agencies — relies on sophisticated monitoring tools to optimize network performance. As the CyberNetOps division’s name implies, the responsibilities of Travis’s team merge network reliability with enhancing cybersecurity and developing real-time understanding of the overall IT environment.

“We need to immediately understand why a system starts to experience a spike in traffic that’s orders of magnitude higher than normal,” Travis says. “Otherwise, end users could see latency issues or a widespread network outage that would be catastrophic in a wartime context.”

Thanks to its extensive toolset, the division keeps its networks running reliably. “Our uptime has gone up dramatically,” Travis says.

Demand Increasing for Network Performance Monitoring 

The growing importance of networks in modern enterprises is spurring a nearly 21 percent annual growth rate for network performance monitoring and diagnostic tools, according to Gartner’s 2017 Magic Quadrant for Network Performance Monitoring and Diagnostics.

When choosing tools, IT managers have options from Riverbed, Cisco Systems, Hewlett Packard Enterprise, CounterACT, Red Hat and other vendors. These companies are rapidly evolving the applications into comprehensive suites that cover more than just performance monitoring.

“We’re increasingly seeing security as an important use case,” says Shamus McGillicuddy, senior analyst at Enterprise Management Associates. “Some performance monitoring tools apply analytics to identify behavioral patterns indicative of security threats.”

For example, if an agency website suddenly sees a traffic spike from overseas servers, network administrators can alert the security team to a potential denial of service attack, he explains.

For his part, Travis declines to identify the commercial monitoring products used to manage, sustain and operate the Defense Information Systems Network, a sprawling communications infrastructure that connects DOD sites worldwide with nearly 25,000 miles of fiber cabling. But he notes that hundreds of thousands of software agents run status checks on the network’s individual servers and routers, as well as on virtual circuits associated with videoconferencing and classified Voice over IP calls. The agents are part of a system that helps administrators forecast impending network failures, according to Travis.

“We see when performance is starting to degrade so we can fix problems before they affect customers,” he says. The monitoring tools also watch traffic flowing through internet access points for a private DOD network segment and the public internet. “Our tools let us segregate war fighting and non-war fighting capabilities and then deliberately slow the throughput of packets for non-mission-critical applications, if necessary,” Travis says.

The Transportation Department also uses a host of performance monitors to help the IT and cybersecurity teams boost network performance, resiliency and security. “As DOT began to move more of its applications to the cloud, we wanted to see the impact on end-user experience at our field sites and data centers,” says Kristen Baldwin, the department’s deputy CIO.

Keepign Network Configurations Up to Date 

Monitoring tools also provide IT leaders an accurate inventory of all devices attached to the network. For example, Richard McKinney, the Transportation Department’s previous CIO, reports that Riverbed’s SteelCentral suite of products revealed software on the network that had outdated patches and other security issues. The tools also discovered roughly 1,000 devices — about 200 more than administrators expected — communicating with the agency’s networks, he said.

Going forward, the tools will continue to keep DOT abreast of any devices with obsolete configuration files and operating systems. “We are able to identify gaps in inventories, identifying unknowns, and audit configuration files against the department’s security policies and industry best practices,” Baldwin says.

An in-depth view into DOT networks is helping the agency plan for future changes, including data center consolidation and optimization, a transition from IPv4 to IPv6, more cloud services and heightened cybersecurity.

“The department realizes the criticality of accurately understanding the architecture of our current environment in order to optimally plan for the future target architecture,” Baldwin says.

A Cure for Data Overload

The Department of Veterans Affairs ensures security compliance and required IT service levels using a variety of monitoring tools from Riverbed, NetScoutSolarWindsSplunk and others.

“In the past at VA, there were many logs and fault and performance metrics being collected that ultimately overwhelmed IT staff,” says Tatjana Christian, a department spokeswoman. “The lack of clearly-defined requirements on how the data would be utilized was the primary culprit for data overload.”

With this approach, if performance degrades, network monitoring tools are helping the agency comb through massive volumes of data to quickly determine if a network or server delay is contributing to the problem.

Some of the tools also help the agency apply standard metrics for reporting on asset management and security compliance. This is improving decisions about traffic prioritization and capacity planning, and aiding problem resolutions, Christian says.

“The tools allow IT professionals to perform trend analyses on key performance metrics, such as bandwidth utilization, which ultimately assists in defining the future design of the network,” she adds. “Understanding today’s network will help the VA ultimately answer questions like when migration to the cloud will be most appropriate.”

HOW TO GET MORE FROM NETWORK MONITORING

Here’s a checklist to ensure you’re getting the most out of your network performance monitoring tools.

  • Look for consolidation opportunities. An integrated suite of monitoring capabilities can replace multiple, single-purpose tools and their data aggregation issues.
  • Stay alert to underlying challenges. For example, workload encryption and acceleration technologies add complexities that make it difficult to isolate network performance issues.
  • Technology alone won’t ensure success. Develop teams that blend technical and business expertise to tie monitoring to mission goals, develop key performance indicators, and update requirements.
  • Choose solutions that can tame data overload. Look for applications that summarize real-time performance in clear dashboards, and archive data so leaders can chart ongoing performance trends.

This content is made possible by FedTech. The editorial staff of Nextgov was not involved in its preparation.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.