Post on 20-Aug-2015
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Application Performance in a
Cloud & Virtualized Environment
March 2012
Agenda
• Corporate presentation • What’s the use of an APM?• The different APM approaches• Challenges raised by
virtualization and cloud• Two responses from Performance
Vision• Why a Virtual Appliance?• Questions / Answers
March 2012 © 2012 SecurActive. Proprietary and Confidential
Agenda
• Corporate presentation • What’s the use of an APM?• The different APM approaches• Challenges raised by
virtualization and cloud• Two responses from Performance
Vision• Why a virtual Appliance?• Questions / Answers
March 2012 © 2012 SecurActive. Proprietary and Confidential
Corporate profile
Leading European vendor on:Application Performance Management (APM)Network Behavior Analysis (NBA)
Strong footprint in Western Europe
500 customers30 certified resellers
Based in Paris
Innovative, fast growingListed in Deloitte’s Fast50
Red Herring Global Award winner
March 2012 © 2012 SecurActive. Proprietary and Confidential
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Concept
Show the Performance of applications and infrastructure as
Users Experience it!
Troubleshooting Monitoring
IT Intelligenc
e
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
• Usage trends• Who does what• Bandwidth• Traffic mapping• Top reports
• Network Quality Indicators• Congestion & degradations• ICMP / TCP / non IP
anomalies• Packet capture
• Quality of Service (MOS)• Volume reporting• Diagnostic at call level
• QoE Reporting• Troubleshooting workflow• DNS performance & errors
Usage Network
SIPApplication
Core Functions
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Top Down = Successful & Faster
Resolution
• Fast resolution• Retrospective
analysis• Answers to « where
is the pain coming from? »
• Usable by whole IT team (Collaborative vs. Expert)
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Fast & non-intrusive Implementation
All-in-one Appliance
Capture traffic through SPAN or TAP (3-16 listening port per apliance)
100% non intrusive: • No traffic
overhead• No network
change• No downtime• AgentlessDistributed capture support
March 2012
Agenda
• Corporate presentation • What’s the use of an APM?• The different APM approaches• Challenges raised by
virtualization and cloud• Two responses from Performance
Vision• Why a virtual Appliance?• Questions / Answers
March 2012 © 2012 SecurActive. Proprietary and Confidential
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Before the Cloud…
March 2012
Fog!
Survey 2011: the issue with application performance…
• 96% of the respondents have experienced « slowdowns »
• For 49%, they are permanent or frequent…
• 78% of the incidents have a significant impact on the end user productivity.
• Despite traditional monitoring tools, 94% of the network administrators do NOT have a satifsactory visibility on network activities.– (71% have a SNMP monitoring console, 60% a packet analyzer, 64% a
WAN optimizer)
March 2012 © 2012 SecurActive. Proprietary and Confidential
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
What are the Challenges around APM?
Performance is
subjective.
Degradations are intermittent (= hard to
diagnose)
Root cause can
be anywhere
in the
application
chain
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
You don’t Know Where it Comes From
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
You have a performance problem, You do not know where it comes from… You can…
FIND OUT IN 4 CLICKS!
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Be Informed!
Some users suffered from a performance degradationOn the application Labo RD1 at 10:44 am this morning.
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
The blue peak indicates there was a server response time issue
Only one server and one user groupwere involved.
Yellow: Network RTBlue: Server RTRed: Data transfer time
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
We can see that only one userwas impacted.
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and ConfidentialMarch 2012
For that specific conversationwe can see the degraded server response time.By clicking on « PCAP »…
You can view the exact query that caused the slowdown.
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Now… You can fix your problem!
March 2012
Agenda
• Corporate presentation • What’s the use of an APM?• The different APM approaches• Challenges raised by
virtualization and cloud• Two responses from Performance
Vision• Why a virtual Appliance?• Questions / Answers
March 2012 © 2012 SecurActive. Proprietary and Confidential
© 2012 SecurActive. Proprietary and Confidential
Performance Vision APM: Three Different Approaches
1. End User Experience Monitoring2. Network based APM3. Agent based APM
2. Network Based
3. Agent Based1. EUE Montiroing
March 2012
Network
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
APM Working Methods
End User Experience
•A robot replays predefined scenarios to evaluate the overall end user transaction time.
Agent based APM
•Agents on all servers in the application chain monitor the execution of the application at code and system resource level.
Network based APM
•A set of probes captures the application traffic over the network (between clients and front server and eventually within the application chain).
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Benefits & Drawbacks
APM Type End User Experience Agent-based Network-based
Questions answered
What is the evolution of Quality of experience for the standard operations of my key application?
What part of the application chain is causing the slowdown?
What transaction is slow? What part of the code is
executed slowly?
Is there a slowdown? Which applications and users
are impacted? What is causing the slowdown
(network ,server, data transfer) For which transactions?
Limits Not in line with real use Not explanatory (does not tell
you why or what is failing)
No vision of application delivery on the network
No vision of application environment (network, other applications…)
No vision of the root cause when server led degradation (code, server resources…)
Constraints Agent deployed on each client
or robot Configuration of each scenario
Agent deployed on each server
Impact on server performance Pricing per server or
application chain
Traffic capture by SPAN or TAP
Scope One or few critical applications One or few critical applications All applications distributed
over the network
Main Users Helpdesk, reporting for
management Development teams, Q/A. Infrastructure team, helpdesk
March 2012
Agenda
• Corporate presentation • What’s the use of an APM?• The different APM approaches• Challenges raised by
virtualization and cloud• Two responses from Performance
Vision• Questions / Answers
March 2012 © 2012 SecurActive. Proprietary and Confidential
Virtualisation Challenges
Dynamic Resource Allocation
• What’s where and when?
• A data center is not a physical place anymore…
Virtual Network
s• Loss of visibility: how to capture virtual traffic?
• Specific network performance issues
Security Issues
• Which Virtual machine can talk to which other?
• How can I make sure the policy is applied?
March 2012 © 2012 SecurActive. Proprietary and Confidential
Cloud Challenges
The Impact of WAN
Transmission
• Quality of transmission• Name resolution (DNS)
performance
No Control on
Servers
• No Check/Performance measurement is possible on the servers.
Lack of Visibility
• Variability: where are my servers now?
• No vision of application chain
March 2012 © 2012 SecurActive. Proprietary and Confidential
Agenda
• Corporate presentation • What’s the use of an APM?• The different APM approaches• Challenges raised by
virtualization and cloud• Two responses from Performance
Vision• Why a virtual Appliance?• Questions / Answers
March 2012 © 2012 SecurActive. Proprietary and Confidential
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
SRV
SRV
SRV
SRV
SRV
SRV
SRV
SRV
SRV
Server Switches
What’s the Issue with APM Virtualization?
SRV
SRV
SRV
March 2012
Network
Core Switches
SRV
SRV
SRV
SRV
SRV
SRV
ESX Servers
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
SRV
SRV
SRV
SRV
SRV
SRV
SRV
SRV
SRV
Server Switches
SRV
SRV
SRV
Network
Core Switches
SRV
SRV
SRV
SRV
SRV
SRV
ESX Servers
Key Success Factors
March 2012
Make sure you capture traffic whichever network path is used: distributed capture. Easy to deploy Low impact on network Affordable
Make sure you capture traffic within the virtualization chassis. With no architecture
change Limited impact on
infrastructure load
Network
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
SRV
SRV
SRV
SRV
SRV
SRV
SRV
SRV
SRV
Server Switches
SRV
SRV
SRV
Network
Core Switches
SRV
SRV
SRV
SRV
SRV
SRV
ESX Servers
How does Performance Vision Respond?
0,2-05% reporting flow
March 2012
Distributed solution: All APS-1000+ appliance
support external pollers. Only 0,2-0,5% reporting
flow A new poller is installed in
< 1 hour. You go distributed from
24k€; pollers from <6k€.
Several options to monitor virtual traffic with Performance Vision: Virtual pollers Virtual TAPs support
Network
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
SRV
SRV
3 ways to monitor virtual traffic
SRV
SRV
SRV
SRV
SRV
PV Virtual Express
SRV
PV Virtual Express: Promiscuous mode or
SPAN on Virtual switch HTTP access to the
Virtual Express for queries
PV Virtual Poller
SRV
HTTPSPV (Virtual) APS
SSH (0,2-0,5%)
PV Virtual Poller: Promiscuous mode or
SPAN on Virtual switch SSH export to an APS
appliance (0,2-0,5%)
PV (Virtual) APS
GRE (100%)
Virtual TAP: No promiscuous mode,
neither SPAN prerequesites
GRE export to an APS appliance (100%)
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Synopsis - Intra-ESX Capture
Native VswitchPromiscuous
Mode
Alternative Switch
Openvswitch
Alternative Switch Nexus /
ConnectVirtual TAP
Configuration Change
Description
Native vswitch does not offer any port mirroring feature.
VSwitch allows activation of « promiscuous » mode. It enables forwarding all packets to all the VM within a portgroup (including your analysis device).
Openswicth is an open-soucre alternative to vswitch. It is used by Xen of Citrix. It offers local and remote port mirroring features (SPAN & RSPAN).
These Cisco & HP products are alternatives to Vswitch. They offer extended features of port mirroring (SPAN, RSPAN, ERSPAN).
A Virtual TAP enables filtered traffic capture (for specific VMs and ports for example) and to send a copy of the traffic through a GRE Tunnel to the analysis device.
You can change the VLAN configuration (to force the traffic between VMs to be routed through the physical switches) or the affinity rules with the same objective.
Benefits None
Enables the traffic analysis through a virtual poller / appliance without any architecture change. No license cost.
Enables fine tuned traffic capture. No license cost.
Enables fine tuned traffic capture.
Enables fine tuned traffic capture. Filtering on traffic capture.
Enables the analysis of inter-VM traffic on the physical network. No License cost.
Prerequisites
Native
Creation of portgroupsActivation of the promiscuous mode
Architecture change in the ESX.
Licence Enterprise Plus is necessary. Architecture change in the ESX.
License cost. Support of ESX4 (and not version 5)
Configuration change.
Limits -
The analysis device has to be inside the ESX. Security consideration around the promiscuous mode (even if limited to a portgroup).
The analysis device has to be in the ESX.
The analysis device has to be in the ESX.
If the analysis device is outside of the ESX, beware of the traffic load on the interfaces.
Load on the network interfaces of the ESX.
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
What’s the issue with AppPerf in the Cloud?
DNS
Questions raised: • Bandwidth & internet transmission quality are key.• DNS response times have a stronger impact. • Cannot recognize a Cloud App per IP addressing URL based recognition. • Change in the Cloud architecture impacts distance latency EU Experience. • No vision of Application chains. Agent based is not an option.
March 2012
Cloud Provider DC1
SRV
SRV
SRV
Cloud Provider DC2
SRV
SRV
SRVLAN
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
DNS
Performance Vision: Network based Reports quality of network link to the Internet Reports DNS performance Recognizes applications based URL Regex
March 2012
Cloud Provider DC2
SRV
SRV
SRV
Cloud Provider DC1
SRV
SRV
SRV
LAN
Agenda
• Corporate presentation • What’s the use of an APM?• The different APM approaches• Challenges raised by
virtualization and cloud• Two responses from Performance
Vision• Why a Virtual Appliance?• Questions / Answers
March 2012 © 2012 SecurActive. Proprietary and Confidential
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Why a Virtual Appliance offering?
Virtual Appliance ≠ Virtual traffic capture
3 benefits in Virtual appliances:
1. TCO2. Deployment3. Virtual Traffic
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
What’s a Virtual Appliance?
• Product• Features
Exact copy of the physical appliance
In a software appliance
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
3 main use cases
• No logistics• Anyone will be able to download from the web
Easier test drives
• Low TCO probe• Low cost• No logistics
• Fast & remote deployment
Entry level product
Virtual network capture
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
How does it work?
• Physical interfaces in promiscuous mode• Virtual machines in promiscous mode• Receive traffic through a GRE tunnel (Virtual TAP)
Capture modes
• VMWare ESX, ESXi (VMPlayer with restrictions)• Supported configurations:
• RAM: 500Mb, 4Gb, 6Gb, 8Gb, 12Gb or 16Gb;• CPU: 1, 4 or 8
Supported platforms
• Stand alone appliance• Poller for an external collector (physical or virtual)• Collector for other poller appliances (physical or virtual)
Deployment methods
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Benefits and limits
Benefits• Reduced
acquisition cost• No logistics for
remote installation
• Virtual traffic capture
• Backup facility
Limits• VMWare
configuration prerequesites
• Performance for high volume collectors due to I/O performance
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Product set
Trial Virtual Express
Virtual Appliance
Poller
Virtual Appliance
Supported modules
APS NPS | APS APP NPS | APS
Interfaces 3 3 3 - 10 3 – 10
Retention time 15 days 15 days N/A 360 days
Reporting No No No Yes | Yes
Collector for distributed poller
No No No No | Yes
Telephone support included in maintenance
No Option| Option Yes Yes | Yes
Listprice Free for 15 days 3 900€ | 6 900€ 5 900€ 9 900€ | 17 900€
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Possible implementations
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Performance Vision
Local
Central Site
Single NodePerformance Vision
Appliance
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Single NodePerformance Vision
Appliance
Performance Vision
Applications, Databases, Intranet, Files, Mails... Users Users
Internet
Firewall
Core Switches Monitoring Port(s)
Admin Port
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Single NodeVirtual Performance
Vision
Monitoring Port(s)
Admin Port
Applications, Databases, Intranet, Files, Mails... Users Users
Internet
Firewall
Core Switches
VMWare ESX
VirtualPerformance
Vision
Virt
ual S
witc
h
Virtual NIC
Physical NIC
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Virtual Poller
Network
Appliance Collector
Local
Remote Site
Central Site
Appliance PollerVirtual Poller
Remote Site Remote Site
Appliance Poller
March 2012
Performance Vision
© 2012 SecurActive. Proprietary and Confidential
Distributed EnvironmentPerformance Vision Mix
Appliance Collector
Applications, Databases, Intranet, Files, Mails... Users Users
Internet
Firewall
Core Switches Monitoring Port(s)
Admin Port
Switches
SPV Virtual Pollers or Appliances
WAN
Remote Site
March 2012