EMA Blog Community Business Intelligence IT Management Security Network Management

As many readers know, my colleague Jim Frey, who leads EMA’s Network Management practice, released groundbreaking research on Application Aware Networking (ANPM) in Q3 of 2010 entitled, “Application Awareness in Network Performance Management”. A free summary is available at: http://www.enterprisemanagement.com/research/asset.php?id=1801.

While Jim was working on his report, Dennis Drogseth and I were doing parallel research on Application Discovery and Dependency Mapping (ADDM). Again, a free summary is available at: http://www.enterprisemanagement.com/research/asset.php?id=1897.

In my opinion, the two pieces tie together into a perfect “yin and yang”, as do the two technologies they cover. These are complementary technologies, and both are foundational for building the highly automated (and autonomic) management systems of the future.

This is such an important topic that I will discuss it in additional pieces and at greater length throughout 2011. This piece sets the stage with a discussion on what ANPM is, how information is gathered, and why it’s important.

In a nutshell, ANPM is the observer that uncovers the truth about transaction flows and application execution in production IT environments. As application management solutions evolve, it becomes the “glue” that stitches information about discrete technologies and server-bound execution into a “whole cloth” view of the IT ecosystem and the business services it supports.

According to Jim’s paper, there are four key types of technologies delivering application awareness:

1. Packet inspection delivers application visibility by analyzing information in network packet headers and packet contents (payload). Virtually any information passed between nodes, users, or applications can be analyzed, and the data can be used to recognize and monitor application and service use by user, allow detailed application transaction analysis, support detailed and definitive troubleshooting, and enable reconstructive/ forensic study.

2. Flow records are transaction records issued by network infrastructure elements that provide information regarding who is using the network, what applications and services are being used, and how well those applications or services have been delivered.

3. Passive and Synthetic agents are software elements installed on client systems or servers which observe and report traffic statistics including response times. Some generate test traffic in a variety of patterns to assess both availability and performance of specific applications or services.

4. Log file information is stored in syslog and application log files. They capture activities and events from various viewpoints within the network-connected infrastructure and are not typically considered to be primary sources of ANPM metrics, however they do provide data points which are complementary to the other three types of ANPM information.

The information gathered from ANPM solutions, when combined with increasingly sophisticated algorithms and analysis, will likely be a key enabler for the increasingly automated application management systems of the future. We are starting to see some of these capabilities now, and subsequent posts to this blog will talk about where ANPM fits in today’s application management landscape.