Datacenters have become a critical element for ensuring the continuity of business processes in the last 10 -15 years, especially for organizations with extensive IT infrastructure and a broad number of heterogeneous structures. The constant growth of complex IT infrastructures dependence exposes companies to significant risk, however, difficult to manage without adequate tools and skills. Cisco recently launched a Tetration Analytics platform, which is able to provide visibility into the entire infrastructure of a datacenter and provide actionable information to improve operational efficiency and security.
A specialized American institute (Ponemon) analyzed the performance of 63 data centers in terms of unplanned downtimes, whether partial or total and concluded that they generate more and more damages with a greater impact on the entire business. According to the analysis, the average value of the damage caused by an unplanned downtime in a datacenter is approximately 740,000 dollars based on 2016ststistics, up with 38% than the estimated value in 2010, when the first Ponemon benchmark was conducted. The medium downtime interval is about 95 minutes – 64 minutes for partial downtimes and 130 minutes for the total ones.
To estimate the amount of damage resulting from datacenter downtime, the quoted experts analyzed eight categories of costs associated with the measures adopted by companies:
- Detection Costs – generated by activities associated with discovering the downtime cause and their subsequent investigations;
- Containment/stop Costs resulted from taking preventive measures against the expansion and worsening of the situation by disrupting a greater number of processes;
- Recovery costs deriving from restoring the infrastructure and principal systems that are still functioning;
- The business costs – indirect damages that cannot be directly quantified financially, but have the highest value, such as missed opportunities; low level of customer satisfaction; increasing their loss risk; image altering in front of partners, etc .;
- Costs for equipment, resulting from the acquisition of new equipment and/or repair of damaged ones;
- Costs across the IT department- downtime generates a decrease in productivity and additional expenses with the IT team;
- Costs associated with lost productivity of end-users;
- Related Costs – costs with contractors, consultants, and specialists that are addressed to remedy the downtimes.
The most affected industries in terms of damage caused by downtime are: banking and financial services; Communications, health, commerce, and the research industry. (The last three positions are occupied by HoReCa, Media, and Public Sector.)
Downtime loss can be limited by a proactive approach put into practice with the help of monitoring tools and the analysis of the data centers infrastructure. The effort for this action is consistent, and until this year it didn’t exist a unique system capable to collect information from the entire ecosystem of a Data Center and analyze large volumes of data in real-time.
Organizations that have dropped the reactive strategy use several disparate solutions (VMware virtual environment management, Docker management of the containers, etc.) or trying to develop their own applications centered on a specific technological area. Such approaches have limited coverage but are not correlated and offer low visibility on datacenter infrastructure, especially the behavior of applications and how they interact with each other. The end result – screening processes and elimination of downtime causes still have low efficiency, being slow, complex, and costly.
Cisco has recently come up with a new way of addressing these challenges, based on a coherent and unitary approach embodied in the Tetration Analytics platform. Cisco platform is able to collect millions of information from the entire infrastructure across the data center and to analyze them, delivering the following immediate results:
- Provide IT managers’ with extended visibility of the Data Center, allowing them to understand the interdependencies between applications;
- Streamlines operational processes to prevent and eliminate downtime, detecting quickly the causes and the side effects;
- Simplifies the replacement and migration of their applications in the Cloud;
- Facilitates the adoption and development of Software Defined Network (SDN) architectures;
- Contribute to increasing the levels of security and availability of the entire infrastructure, identifying deviations occurred in patterns of functioning and communication applications;
- Simplifies compliance procedures with operating legislative standards and requirements from various industries.
Using sensors software (Hosted on Linux and Windows servers – compatibility will be extended to next versions) and hardware (integrated into ASIC microchips from Cisco Nexus 9200, Nexus 9300-EX and Nexus 9500-EX switches), one single Tetration equipment is able to monitor up to one million unique streams of data per second.
The level of data collection, the first of the three main functional levels of the platform, integrates the sensors throughout three types of information are collected:
- Flow information (protocols, ports, starting attempt of flow, etc.);
- Variations recorded at the level of monitored amount of data ;
- Contextual information (details on the processes, what process has generated a particular process, process IDs, users associated with certain processes, etc.).
According to experts, if installed in a datacenter that hasn’t Cisco infrastructure Tetration collects data only via sensors hosted on servers, providing 85% visibility in the respective datacenter. On the other hand, on the Cisco infrastructure, the information collected by Tetration sensors can also be used in Application Centric Infrastructure (ACI) architectures, and the platform can be integrated with APIC (Cisco Application Infrastructure Policy Controller).
The data generated by Tetration can also be transmitted to third-party solutions (load balancer, IP watch list, geo-localization systems, etc.), on partners list being placed up to this moment ServiceNow, Infoblox, vArmour and Tufin.
Once installed, Tetration detects and learns throughout advanced learning mechanisms the IT policies applied to the entire infrastructure and identifies how each application works. The platform monitors the behavior patterns of servers and other hardware and signals any anomaly detected in the operation of applications and communication between them. The second primary functional level of the platform is represented by the analysis that integrates advanced processing algorithms, mechanisms of learning (machine learning) and behavioral analysis technology applications and equipment by which provide:
- Expanded visibility of the entire infrastructure,
- Detailed information on how the various components of the applications communicate;
- Automatic grouping of infrastructure components with similar functionality (Web servers, databases, etc.);
- Lists of recommendations for applications (Whitelist Policy);
- Rapid identification of deviations from normal behavior;
- Long-term data retention for detailed historical analysis.
Because Cisco Tetration can collect and store information on the long term and because of the advanced features of data analysis, the platform allows the organizations to understand in depth the causes and effects of the events (Forensics Analysis), to analyze those present (Real-time Analysis) and to simulate future scenarios (Impact Analysis). With the help of Tetration can be performed “What if” analysis of any change that needs to be introduced to highlight its impact, which simplifies the validation policy in the entire datacenter.
The third level is represented by the viewing platform. Tetration facilitates the consumption of supplied data throughout an intuitive interface and through APIs Representation State Transfer (REST). The platform integrates a notification interface, through which users can receive reports and alerts.
Cisco Tetration Analytics is provided as a “turnkey”, with preconfigured hardware components (servers and networking equipment) and preinstalled software applications. This delivery model reduces the work of installation/implementation and commissioning time, allowing customers to quickly capitalize on the benefits of the solution. (Delivery “turnkey” is used by Cisco in case of Unified Computing System equipment, ACI and Vblock – conducted in partnership with VMware and EMC – VCE.)
With the launch of Tetration Analytics, experts estimate that Cisco has made the first important step in the materialization of the IT infrastructure transformation of Network Centric strategy into a sensor system capable of providing a real increase of operational efficiency, with a direct impact on datacenter reliability and security.