White Paper: Reduce the Headaches of Infrastructure Change in 5 Easy Steps

No matter how well prepared you are, managing change in the network infrastructure can be a bumpy process. There are many infrastructure changes that can cause significant problems for an organization if they are not appropriately planned, implemented, and supported with the right practices and technology. But “infrastructure change” is a very broad term that encompasses a wide range of activities and challenges.

Following are just a few examples of projects that require infrastructure change with some common challenges highlighted:

Virtualization – It is difficult to have a clear understanding of who is accessing computing resources such as disk arrays or virtual machines in a virtualized environment.

How do you:

Ensure that network and application traffic is sufficiently distributed so that no single section of the infrastructure is overloaded, especially at certain times such as end of quarter or overlapping time zones?

Protect these systems against internal security breaches?

Optimally schedule change windows? ?

Voice/data convergence – Adding a response-time-sensitive and business-critical technology such as VoIP to the network infrastructure requires an understanding of critical information about the network that can be very difficult to get.

How do you:

• Ensure that all VoIP traffic is running across the dedicated VLAN?

• Know whether other applications running with the VoIP are creating congestion that affect VoIP call quality?

• Know whether performance of other applications has suffered since the VoIP was deployed?

Data center migration – Most organizations will need at some point to relocate, consolidate, expand, or segment their data centers due to growth, mergers and acquisitions, or other organizational change. This can be extremely challenging.

How do you: :

• Know what applications will be affected?

• Know which users will be affected?

• Identify all the services that are in use within the current infrastructure?

• Identify how applications are used to ensure that prioritization maps to actual business usage?

Disaster recovery planning – In order to develop an appropriate disaster recovery plan that will allow for a business to continue operation in the event of a serious
disruption.

How do you:

• Know which applications are the most important to the business and must be able to transition to the backup sites?

• Understand which services (DNS servers, DHCP, etc.) those applications require to function properly at the backup site?

• Know which applications are used but will not be supported during the disaster recovery process?

• Understand the bandwidth usage for each application – especially in cases where hot sites are distributed – as opposed to aggregate bandwidth data?

• Monitor post-transition any resources, users, and dependencies that did not make the transition or are not behaving as expected?

New application rollouts – Rolling out large applications – such as CRM, ERP, SFA, HER, etc. – is challenging to ensure that the application functionality is made available
to the users who need it without creating adverse affects on the network infrastructure.

How do you:

• Understand pre-deployment who uses which services and components of existing applications?

• Quickly identify post-deployment performance or availability issues?

• Understand who consumes the application's resources and when they are consumed for tracking and future planning?

No matter how your infrastructure is changing, your goal is to optimize the planning and minimize the disruption for the change. All of the challenges outlined above can
be addressed, but to do so you need to know what is happening on your network both now and historically, what is typical, and who or what could be affected by the
change. This kind of holistic visibility is critical in order for you to make the best business
decisions possible.

There’s a Gap in Technologies
One area where many organizations struggle is finding the right tools and processes to gain a holistic view of activity across the entire network. While there are many
tools and approaches on the market today, most suffer limitations. Many tools provide visibility in areas where they are physically connected and for specified conditions.
Link-based solutions provide only a piece of the picture. Fault-driven technologies are “noisy” and focus on alerts and snapshots. In addition, deployment of many of these
solutions requires a costly array of agents, probes, or inline devices that ultimately increase the complexity of your infrastructure. Other technologies work very well for
specific tasks but can't effectively be “stretched” to watch the wire, not just the end points. Similarly, troubleshooting tools (e.g. protocol analyzers or IDS/IPS) are effective when you know what you are looking for and where it is likely to be found; they won’t, however, show you what happened before an event occurred that precipitated
the problem.

To fill the gaps, you need a technology that lets you understand the activity of users, applications, hosts, and devices across the entire network and answer any question
about who, what, where, when, what’s typical, and what’s changed.

Network Behavior Analysis Fills that Gap
The Yankee Group defines Network Behavior Analysis (NBA) as systems that “take information from existing network devices about how endpoints are using the network
(where they go, what they use, typical traffic, etc.).” NBA systems analyze network traffic data – such as NetFlow, cFlow and sFlow – from routers and switches
throughout the network. The system builds a profile of the behavior of systems, users, and applications inside the network and continuously monitors their activity,
alerting operations teams of security events, performance issues, and policy violations.

The Mazu NBA system provides continuous global visibility into how users, applications, hosts, and devices are behaving on your network, and tells you how their current
activity differs from their typical behavior. You’ll optimize network operations, secure your internal network, and maximize application availability because you’ll
always know what’s happening on your network: who’s talking to whom, what applications and services are running, where the traffic is flowing, and if there are any
meaningful changes that indicate a network issue, security threat, or application problem.

Mazu collects this information across any, or all, of your network using a passive, agent-less deployment model that delivers immediate value. The data is stored in Mazu’s Network Intelligence Database,including both real-time and historical details. With this always-on, global view you'll understand usage patterns, consumption rates, and dependencies between users, applications, and network infrastructure.

This dramatically reduces the time to troubleshoot network and security issues and provides critical information for accurate planning and impact analysis.

Before you make any changes, it is important to understand the current environment. This is usually a piecemeal process with data gathered from inventories, old project plans, and interviews. Even if you can construct a complete picture, it will reflect what you think the current environment looks like, not what is actually happening.

Mazu can easily and quickly provide you with a complete inventory of all applications running and with current and historical profiles that include bandwidth, use, and dependency information. This inventory helps you:

• Identify undocumented applications – Unauthorized applications can be eliminated from the infrastructure. Authorized but undocumented applications can be incorporated into the planning process to reduce surprises during deployment.

• Understand activity on the network – Identify the route path of network activity. Understand the dependencies on the network. Understand bandwidth consumption. Identify which application resources are being used and by whom. See which ports and protocols your applications use and how different applications, ports, and protocols interact with each other in real time. Identify servers, hosts, and clients who are generating abnormal levels of traffic and identify whether that traffic is related to a security breach. Compare your current application architecture library to how the applications are behaving.

• Uncover trends – Understanding bandwidth usage over time, who consumes applications, and consumption fluctuations over time gives planners more complete
  information to incorporate into the process to build in appropriate thresholds.

2. Pre-Change Planning: Real-Time and Historical Information for Better Change Planning
Once you understand the current environment, you want to ensure that you have a complete plan to get you where you need to go and that you understand what it will look like when you get there. Mazu provides you with the information you need to:

• Perform a gap analysis – A gap analysis helps you evaluate what needs to be done and can uncover important requirements. Mazu shows you what you have, who uses it, where it is used, and how it is used, and the dependencies.
  You can then compare this information to the plan and identify the gaps that need to be filled.

• Perform impact analysis – Once you've identified your plan, Mazu can show you what the impact of implementing that plan will be on the network. This
  helps minimize unintended consequences during deployment.

• Uncover trends – Understanding bandwidth usage over time, who consumes applications, and consumption fluctuations over time gives planners more complete
  information to incorporate into the process to build in appropriate thresholds.

3. Change Deployment: Minimize Deployment Disruption
Even the most carefully planned changes can cause unexpected problems such as network slowdowns and interruptions in service or application availability. Mazu
enables you to minimize these problems by comparing current behavior to historical norms. As the deployment is underway, Mazu can evaluate how users, applications,
servers, etc. are currently operating and compare that to historical norms to flag problems. This enables the deployment team to proactively identify a problem
rather than having to rely on users’ complaints. In the event that a problem is identified, Mazu helps isolate the problem and identify solution areas by providing
information about what led up to the disruption, who is affected, and what applications/systems/hosts are involved. Mazu delivers time savings throughout the
deployment process; being able to quickly identify behavior changes, understand why the behavior changed, and verifying that a problem has been resolved helps
reduce the time needed to resolve issues.

4. Post-Change Monitoring and Support: Accelerate Problem Identification and Resolution
Ensuring performance and availability beyond the deployment is necessary for ongoing support. To do this, you need to be able to quickly detect problems, identify
root cause, formulate and implement a fix, and verify successful resolution. This acceleration allows IT staff reduce the time needed to resolve critical business problems related to infrastructure change planning and deployment.

• Identify meaningful changes – Mazu continuously monitors the current network activity against typical and expected behavior. Mazu identifies meaningful changes enabling you to act quickly to resolve any issues before they have a serious operational or security impact on the environment.

• Identify root cause – Because Mazu shows you not just what happened at the time of the problem, but what activity and behavior led up to it, you have important information to help you determine the root cause of the problem.

• Formulate and implement a fix – Once the root cause has been identified, you can formulate an appropriate response. Mazu’s impact analysis capabilities
  enable you to identify who is affected to ensure that your response doesn’t create unintended consequences. This also enables you to be proactive and helps prioritize resolution actions during a large or complex event.

• Verify success of fix – After the resolution has been implemented, you can ensure that network activity is back to normal.

5. Post-Change Monitoring and Support: Improve Support Capabilities and Reporting Metrics
Ongoing support and appropriate reporting metrics are necessary to ensure that the IT environment keeps pace with the requirements of the business and to improve
planning for the next iteration of the infrastructure change.

• Create and enforce policy – With the continuous global visibility Mazu provides into the behavior of users, applications, hosts, and devices on the network,
  you can develop appropriate access and usage policies. Furthermore, Mazu can alert you when violations occur, enabling you to not just develop policies but to enforce them.

• Reporting – Because Mazu collects and saves information about all the activity across the entire network, virtually any type of report can be generated for a variety of needs including measuring QoS metrics, capacity and usage analysis, planning, audits, just to name a few.

Mazu in Action
The network engineering team at a financial
firm is routinely notified of new applications
to be deployed. Unfortunately they often
receive these notifications just prior to the
deployment instead of during the planning
process. Since experience has shown that
new applications usually cause problems in
the operating environment, they try to delay
the deployment until they can model the
application. The modeling tools they used,
however, did not monitor availability or
behavior of an application after it has been
deployed. The IT department now uses
Mazu to “fingerprint” the relationship of the
distributed components of the applications
using rule-based events. If applications violate
the rules, the network team is notified.
This enables the group to more successfully
support the organization as it rolls out new
applications and services to users.

Print Friendly Mail a Friend Post Comment