Data centers have become a critical element for ensuring the continuity of business processes in the last 10 -15 years, especially for organizations with extensive IT infrastructure and broad number of heterogeneous structures. The constant growth of complex IT infrastructures dependence exposes companies to significant risk, however, difficult to manage without adequate tools and skills. Cisco recently launched Tetration Analytics platform, which is able to provide visibility into the entire infrastructure of a data center and provide actionable information to improve operational efficiency and security.
A specialized American institute (Ponemon) analyzed the performance of 63 data centers in terms of unplanned downtimes, whether partial or total and concluded that they generate more and more damages with greater impact on the entire business. According to the analysis, the average value of the damage caused by a unplanned downtime in a Data Center is approximately 740,000 dollars based on 2016ststistics, up with 38% than the estimated value in 2010, when the first Ponemon benchmark was conducted. The medium downtime interval is about 95 minutes – 64 minutes for partial downtimes and 130 minutes for the total ones.
To estimate the amount of damage resulting from a downtime, the quoted experts analyzed eight categories of costs associated to the measures adopted by companies:
- Detection Costs – generated by activities associated with discovering the downtime cause and their subsequent investigations;
- Containment / stop Costs, resulted from taking prevention measures against the expansion and worsening of the situation by disrupting a greater number of processes;
- Recovery costs deriving from restoring the infrastructure and principal systems that are still functioning;
- The business costs – indirect damages that cannot be directly quantified financially, but have the highest value, such as missed opportunities; low level of customer satisfaction; increasing their loss risk; image altering in front of partners etc .;
- Costs for equipment, resulting from the acquisition of new equipment and / or repair of damaged ones;
- Costs across IT department- downtime generates a decrease of productivity and additional expenses with the IT team;
- Costs associated with lost productivity of end-users;
- Related Costs – costs with contractors, consultants and specialists that are addressed to remedy the downtimes.
The most affected industries in terms of damage caused by downtime are: banking and financial services; Communications, health, commerce and research industry. (The last three positions are occupied by HoReCa, Media and Public Sector.)
Downtime loss can be limited by a proactive approach put into practice with the help of monitoring tools and the analysis of the data centers infrastructure. The effort for this action is consistent, and until this year it didn’t exist a unique system capable to collect information from the entire ecosystem of a Data Center and analyze large volumes of data in real time.
Organizations that have dropped the reactive strategy uses several disparate solutions (VMware virtual environment management, Docker management of the containers etc.) or trying to develop their own applications centered on a specific technological area. Such approaches have limited coverage but are not correlated and offers a low visibility on data center infrastructure, especially the behavior of applications and how they interact with each other. The end result – screening processes and elimination of downtime causes still have a low efficiency, being slow, complex and costly.
Cisco has recently came up with a new way of addressing these challenges, based on a coherent and unitary approach embodied in Tetration Analytics platform. Cisco platform is able to collect millions of information from the entire infrastructure across the data center and to analyze them, delivering the following immediate results:
- Provide IT managers’ with a extended visibility of the Data Center, allowing them to understand the interdependencies between applications;
- Streamlines operational processes to prevent and eliminate downtime, detecting quickly the causes and the side effects;
- Simplifies the replacement and migration of their applications in the Cloud;
- Facilitates the adoption and development of Software Defined Network (SDN) architectures;
- Contribute to increasing the levels of security and availability of the entire infrastructure, identifying deviations occurred in patterns of functioning and communication applications;
- Simplifies compliance procedures with operating legislative standards and requirements from various industries.
Using sensors software (Hosted on Linux and Windows servers – compatibility will be extended to next versions) and hardware (integrated in ASIC microchips from Cisco Nexus 9200, Nexus 9300-EX and Nexus 9500-EX switches), one single Tetration equipment is able to monitor up to one million unique streams of data per second.
The level of data collection, the first of the three main functional levels of the platform, integrates the sensors throughout three types of information are collected:
- Flow information (protocols, ports, starting attempt of a flow etc.);
- Variations recorded at the level of monitored amount of data ;
- Contextual information (details on the processes, what process has generated a particular process, process IDs, users associated with certain processes etc.).
According to experts, if installed in a data center that hasn’t Cisco infrastructure Tetration collects data only via sensors hosted on servers, providing avisibility of 85% in the respective Data Center. On the other hand, on Cisco infrastructure, the information collected by Tetration sensors can also be used in Application Centric Infrastructure (ACI) architectures, and the platform can be integrated with APIC (Cisco Application Infrastructure Policy Controller).
The data generated by Tetration can alos be transmitted to third-party solutions (load balancer, IP watch list, geo-localization systems etc.), on partners list being placed up to this moment ServiceNow, Infoblox, vArmour and Tufin.
Once installed, Tetration detects and learn throughout advanced learning mechanisms the IT policies applied to the entire infrastructure and identifies how each application works. The platform monitors the behavior patterns of servers and other hardware and signals any anomaly detected in the operation of applications and communication between them. The second primary functional level of the platform is represented by the analysis that integrates advanced processing algorithms, mechanisms of learning (machine learning) and behavioral analysis technology applications and equipment by which provide:
- Expanded visibility of the entire infrastructure,
- Detailed information on how the various components of the applications communicate;
- Automatic grouping of infrastructure components with similar functionality (Web servers, databases, etc.);
- Lists of recommendations for applications (Whitelist Policy);
- Rapid identification of deviations from normal behavior;
- Long-term data retention for detailed historical analysis.
Because Cisco Tetration can collect and store information on long term and because of the advanced features of data analysis, the platform allows the organizations to understand in depth the causes and effects of the events (Forensics Analysis), to analyze those present (Real-time Analysis) and to simulate future scenarios (Impact Analysis). With the help of Tetration can be performed “What if” analysis of any change that needs to be introduced to highlight its impact, which simplifies the validation policy in the entire Data Center.
The third level is represented by the viewing platform. Tetration facilitates consumption of supplied data throughout an intuituitive interface and through APIs Representation State Transfer (REST). The platform integrates a notification interface, through which users can receive reports and alerts.
Cisco Tetration Analytics is provided as a “turnkey”, with preconfigured hardware components (servers and networking equipment) and preinstalled software applications. This delivery model reduces the work of installation / implementation and commissioning time, allowing customers to quickly capitalize on the benefits of the solution. (Delivery “turnkey” is used by Cisco in case of Unified Computing System equipment, ACI and Vblock – conducted in partnership with VMware and EMC – VCE.)
With the launch of Tetration Analytisc, experts estimate that Cisco has made a first important step in materialization of the IT infrastructure transformation of Network Centric strategy into a sensor system capable of providing a real increase of operational efficiency, with direct impact on the reliability and security of data centers.