Jeff Harris
Chief Marketing Officer

The Denver Broncos Know How to Address IT's Biggest Challenge

February 10, 2016 by Jeff Harris

It's a college football legend, Paul (Bear) Bryant, who is credited with the adage so many sports fans, players, coaches and owners hold to be true: "Offense sells tickets. Defense wins championships.”

And this weekend in Super Bowl 50, the Denver Broncos did their very best to prove the old adage true. If you watched the game you saw players Von Miller and Demarcus Ware and Defensive Coordinator Wade Phillips help bring the NFL’s best offense to a screeching halt.

But how does this timeless adage apply to those of us that spend our days in the IT world – under fluorescent lights instead of stadium lights?

Well, Zeus Kerravala of ZK Research says “Problem identification is IT’s biggest challenge.” In fact, he goes on to say that 85% of mean time to repair (MTTR) is the time taken to identify the issue. Further, the Merriam-Webster dictionary defines Defense as “the act of defending someone or something from attack” or “something that is used to protect yourself, your country, etc.”

So, in IT we can conclude that:

Defense is the act of defending your infrastructure, applications and users from problems.

Thus, a good defense helps IT address its biggest challenge.

One of the best ways to play defense in IT is to ensure you eliminate visibility and security blind spots. It’s much easier to play defense when with a clear view of the entire field, or in this case the underlying IT infrastructure and applications. A purpose built, well planned visibility architecture is the best way to achieve this clear view of the network, applications and security.

This IT defense or visibility architecture should address 3 key areas as discussed below.

1. Continuous SLA and customer experience monitoring

If 85% of MTTR today is simply the time taken to identify that there is an issue in our infrastructure, anything that reduces that time has a huge impact on our MTTR. Therefore it is critical that companies have a way of proactively monitoring their infrastructure. It’s not enough to simply monitor the environment when there’s traffic. Continuous, 24x7, proactive monitoring is required.

Proactive monitoring refers to the ability to artificially generate real application traffic on the network continuously for SLA and experience monitoring purposes. This allows IT to monitor 100’s of application types including voice, video, web services and the like, and immediately identify when issues occur or when thresholds such as latency, jitter or MOS scores are being reached.


With this approach, IT can proactively identify SLA or customer impacting issues instead of waiting for users to report the problem.


2. End-to-end network, application and security monitoring

Increasing user expectations have been driving IT providers to focus more on customer service, as network and application management become mere table stakes. But IT already has more monitoring and security tools than ever before. The problem is these tools don’t get access to the data that’s needed across the physical and virtual networks.


What’s needed is end-to-end physical and virtual network visibility and security. This is typically best achieved by starting with network taps to mirror traffic to monitoring tools instead of using SPAN ports. That traffic is then aggregated in a network packet broker that can filter the aggregated traffic to provide each monitoring tool with exactly the traffic that it needs to accomplish its objective.


This greatly improves the efficiency and effectiveness of expensive monitoring and analytics tools and provides IT with the widest possible view of the playing field.


3. Fail-safe deployments of inline security tools

Deploying inline security tools in the network today is a necessity. Unfortunately it is a dangerous practice because of all the points of failure each new tool represents in the network. In addition, there seems to be no end to the new inline security tools that are required.

An alternative approach is to use a simple bypass switch to eliminate downtime due to security tool failures or congestion issues. This approach also has the benefit of providing simple separation of duties for the networking and security teams. With a bypass switch in place, the security team can make upgrades, configuration changes or wholesale replacement of tools without any downtime or maintenance window required.

In the IT world, playing good DEFENSE means protecting our infrastructure, applications and users from problems. This is best achieved with a well-planned visibility architecture.

Do you agree? If so, do you currently have capabilities deployed that allow your team to play outstanding defense?

To learn more about Ixia’s Visibility Architecture click here.