Meeting the demands of business-critical applications with next-generation networks
Peter Hall November 2006
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
1
Meeting the demands of business-critical applications with next-generation networks
The demands of business software applications continue to grow and this places ever-greater demands on enterprise networks. In addition we are now increasingly seeing voice and multimedia supported on the same networks as business critical software applications. In recent years new network technologies such as MPLS VPN have evolved in response to these demands but performance and SLAs are still expressed in network- centric terms and not the language of applications. Software tools and managed services are now available which bridge the gap between the capabilities of networks and the demands of business critical applications. These will be increasingly important to ensure that enterprises maintain high and consistent applications performance and minimise the high cost to the business of poor-performing applications.
The critical role of networking in businesses
Business applications are the lifeblood of most modern enterprises
Business applications are the lifeblood of most modern enterprises. Of course this is not new and has evolved over more than three decades so that we are now at a position where most enterprises simply could not continue to do business without very high availability of their business applications and communications networks. The increasing dependence on networked applications has been driven by many factors: • driving down costs and improving competitive position – automating processes and making employees more productive through applications such as ERP, supply-chain management and access to company information through intranet portals improving customer service – the use of CRM in sales and service functions throughout the enterprise enabling new business models – online trading and customer support through the Internet.
• •
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
2
There is no end destination in any of these developments and businesses will become ever more dependent on both their applications and networking environments.
Increasing dependence of applications on networking
Although the dependence of businesses on applications and networking has evolved over a long time, in recent years we have seen a significant increase in the demands of applications on networking. Some of this has been through a rapid proliferation in the number of business applications that need to be supported. It is now not uncommon to find at least 50 business-critical applications in a large enterprise, and we are aware of one major enterprise that has no less than 2,500 applications in total! In addition we are seeing a large increase in the degree to which applications are networked. Whereas many business-critical applications were once the province of head office and regional office sites, it is now much more common to see business critical applications extended out to branch offices throughout the organisation. With the increasing globalisation of businesses, this often means branch offices spanning several countries and, for Multi National Corporations (MNCs), it can mean hundreds or even thousands of sites across the globe. The trend towards the consolidation of data centres has also increased the requirements for networking of applications. This means that more business sites are served from each data centre and the smaller number of data centres means a greater need for resilience through additional networking.
The impact of convergence
To add to the already significant demands of networks to support data applications, the growth of convergent networks means even greater challenges. Applications such as realtime voice and multimedia are sensitive to network parameters such as delay, jitter and packet loss which are characteristics of all IP networks. In order to support applications such as voice and multimedia, alongside mission-critical data applications, particular care has to be taken to ensure that applications performance doesn’t become unacceptable as applications compete for bandwidth.
The CIO challenge
Increasing demands on CIOs
The growth of business-critical applications places considerable demands on CIOs (chief information officers) and IT managers:
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
3
•
more business applications, more business sites, more users but no more budget! Most enterprises will be under constant budget pressure, meaning they have to operate in an ongoing ‘more for less’ financial environment a dynamic applications environment with demanding network requirements. The applications environment is rarely static. Existing applications can grow in users and traffic and new applications are introduced meaning that the demands for networking can vary greatly over time. Many individual applications have demanding network requirements – in addition to latency-sensitive applications such as realtime voice and video, some business applications are also sensitive to latency – for example, SAP and Citrix maintaining high service levels across a large number of applications. In addition to the 50 to 100 business applications that the IT department of a large enterprise will have to support, most IT departments admit that they don’t know of all the applications on their networks. These may include departmental applications that are still essential to the enterprise and unauthorised personal applications that can have a detrimental impact on overall applications performance.
•
•
Difficulties in responding to the challenge
Many IT departments are strapped for resources and have necessarily grown in a break-fix mode of operation. They have not had the luxury of being able to proactively monitor performance across a large number of applications so have tended to only address an applications issue when a problem has already been encountered that impacts users and business processes. Ideally they need to escape from a break-fix mode of operation but the growth in the number of applications and business sites to which applications are networked makes this impractical. In particular, as applications are networked across business sites in many countries this would be a major task.
The high cost of poor performing applications
The impact of poor applications performance on a business can be substantial and often translates directly into lost business or higher operational costs. In the case of hard failures, where an application is unavailable, this can mean lost business until the fault is rectified. Although this type of situation will usually generate immediate attention it can sometimes be time consuming to localise the fault between IT systems and the network. However, not all faults mean that applications cease to operate entirely and, in many fault situations, an application can operate at below optimum performance for days or even weeks before a fault is localised and addressed. The impact can be just as costly as a hard failure.
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
4
In spite of the wide-ranging impact on the business, many companies are not resourced to address these issues. Research conducted on behalf of BT indicates that 50% of European companies lack the resources to properly address application performance problems.
The growth of IP VPN services
The last five years have seen a massive growth of IP networking which is now replacing the older generation of private line and frame-relay networks. In particular, MPLS-based VPNs are becoming the de facto standard for enterprise networking to support both business-critical data applications and convergent applications such as voice and multimedia. Whilst MPLS-based services were introduced in the late 1990s, these first generation services were quite basic. They were soon replaced by services that better met the evolving needs of business networking with support for multiple classes of service (CoS). The current generation of MPLS-based VPN services typically have three to five CoS levels and SLAs that cover availability, round-trip delay, packet loss and (for class of service levels that support voice and multimedia) jitter. Individual applications are mapped into a particular class of service to allow a degree of prioritisation. This allows, for instance, latency-sensitive applications such as voice and multimedia to take priority over data and for business-critical data applications such as SAP to have priority over applications such as email and web access. MPLS VPNs incorporating CoS have become an extremely important tool in helping enterprises network their business critical and convergent applications but they are not a panacea and have some limitations.
Limitations of MPLS VPNs and Class of Service (CoS)
MPLS VPN services are sometimes described as ‘applications aware’ IP VPNs but this is a misleading label. The MPLS VPN service is not able to recognise applications, only to process traffic according to the class of service level assigned to the application. In order to decide how to map applications into a CoS levels it is first necessary to baseline the existing applications on the network. This is normally carried out by performing an applications audit prior to implementing MPLS VPN. Additionally any planned new applications (eg VoIP) must be taken into account in network sizing and allocation to CoS levels. The enterprise must ensure traffic levels in each class are within limits set by the network provider’s Service Level Agreement (SLA) and no account is taken of the dynamic nature of applications traffic meaning that high priority traffic can sometime overflow to a lower priority traffic class or even be lost altogether. This is illustrated in Figure 1 which for simplicity has three classes of service. In this example, the voice and multimedia traffic class is limited to 20% of total traffic. If this is insufficient to allow
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
5
for the dynamic nature of this traffic, for example a bandwidth hungry video conference call, then the performance of voice traffic will suffer with the result that users start to see poor voice quality. This might also impact the performance of business critical applications as voice and videoconference traffic spills over to this traffic class. Figure 1 Limitations of MPLS VPN Class of Service
CLASS OF SERVICE Real time: e.g. voice and multimedia
Traffic limits set by SLAs
eg 20% of traffic
Provider edge MPLS router CPE router
Mission critical data: business applications e.g. SAP Best effort: e.g. email, WWW, file transfer
Source: Ovum
eg 50%
Access line Traffic classification applied
Network provider’s MPLS core
eg 30%
Traffic classification preserved
Whilst MPLS VPN reporting might indicate traffic overload problems this will usually be historic reporting and doesn’t prevent users or applications suffering a drop in performance. MPLS VPN services have little or no ability to classify traffic according to individual applications or to report on the real-time performance of individual applications. The dynamic nature of applications traffic means that optimum applications performance cannot be achieved by relying on CoS alone. It is necessary to understand issues such as: • • • • • how is the applications landscape changing? how is usage of applications changing? is bandwidth sufficient for optimum applications performance? are all applications allocated to the correct CoS is the performance of individual applications degrading?
This can be ac hieved by real-time applications performance monitoring to ensure there is a match between actual traffic on the network and predetermined limits set by CoS.
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
6
Talking the language of applications, not networks
Whilst network services like MPLS VPNs have evolved in recent years they still talk the language of networking and not applications (see Figure 2). This network-centric approach is understandable given the heritage of telcos but services and SLAs expressed in terms of network traffic parameters such as latency, jitter and packet loss do not translate easily into applications performance metrics that are meaningful to enterprises. Over time we may see some of these needs built into the network services themselves but in the meantime enterprises must turn to in-house applications management software tools or additional services to ensure that they have full visibility of the performance of their networks at an applications level. Figure 2 MPLS VPN SLAs take a network centric view of performance
Network provider Customer
Network availability
Round-trip delay Applications availability Packet loss
Applications response time
MTTR
Network optimisation
Jitter Class of service
Problem localisation
Applications degradation
Source: Ovum
VoIP presents new challenges
Implementation of VoIP by businesses of all sizes has increased greatly in recent years and this presents new challenges to ensure high performance. High availability and voice quality from the company phone system has always been the expectation and little thought was given that it could be anything different. This is not the case with VoIP where voice traffic shares bandwidth with data traffic both on the LAN (local area network) and WAN (wide area network).
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
7
It is common practice to perform a network audit before VoIP is implemented to ensure bandwidth is adequate to support both voice and data traffic, taking account of peaks in traffic. In addition, QoS measures (such as MPLS class of service) are implemented on the WAN to give voice traffic prioritisation over data. As a result of these measures the new VoIP phone system works fine at handover. Many companies assume that this is all that is necessary to ensure high voice performance, but then find that performance deteriorates several months later. Furthermore, the deterioration emerges through an increasing number of complaints from staff that the new system is not a good as the old one. This happens because data and voice traffic is dynamic and a traffic audit cannot predict how traffic will change in future as new applications are implemented or new users are added. The solution to this is to monitor voice performance on an ongoing basis. Voice quality is measured on a scale referred to as MOS (Mean Opinion Score), a measurement system which historically used a panel of listeners to rate quality. Systems are available to continuously measure MOS in real time and these enable any degradation in performance to be detected before it impacts end users. In additio n, when voice quality monitoring is part of a broader applications management framework, the impact of adding new business applications on voice quality can be predicted in advance and additional network bandwidth put in place.
The role and implementation of applications performance management
Applications performance management (APM) requires the enterprise to have access to the appropriate software tools and skills. Whilst many large enterprise IT departments will have invested in internal tools and skills to assist in the management and monitoring of their networks (eg SMTP management tools), it is less common for enterprises to have the tools and resources in place to provide proactive monitoring and management of applications performance over their networks. APM tools that provide continuous and proactive applications management are available from a number of vendors. These are designed to be easy to implement and typically provide dashboard type monitoring of applications performance. This means they can be implemented in-house using existing IT personnel and skills.
Typical components of applications performance management
The following are examples of issues which can be addressed with APM tools, although the list is not exhaustive. In many cases it is possible to
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
8
just select the components of the tool-set required to address specific performance management requirements. • • • Applications audit: identification of applications, bandwidth usage, users Application discovery: real-time automatic identification of all applications that are active over a network Real-time application monitoring: monitoring in real-time all application flows across the network (eg individual business applications, voice, multimedia) Application performance reporting: reporting on application performance across the network (both historic and real time reporting) Application optimisation: optimising network performance for support of individual applications Application SLAs definition: defining application performance objectives expected from a WAN Network rightsizing: offering the right level of bandwidth to achieve application performance objectives Application helpdesk: support to internal users for detection and resolution of applications performance issues
•
• • • •
Applications performance management as a managed service
An alternative to having the tools and skills in-house is to utilise a managed service. This is not to say that all enterprises will want to go down the managed services route and many will want to keep the responsibility for performance monitoring and management in-house. However, we expect to see an increasing recognition by all enterprises of the importance of applications performance on their business and the role that service providers can play in helping them proactively maintain high applications availability. The last year has seen managed solutions from several leading network providers to address most of the requirements of applications performance management. As these are typically positioned as out-tasked or managed services rather than outsourcing propositions they can be a cost effective means of supplementing existing skills within the enterprise. It is important to stress that this does not mean that the enterprise is discharging all responsibility for applications performance to a third party. In most cases the responsibility is shared, with the service provider offering 24x7 proactive monitoring of the performance of individual
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
9
applications across multiple business sites (globally where necessary) and assistance in fault localisation and resolution. As a minimum the service provider becomes the proactive monitor and can quickly localise a problem and eliminate the network as cause.
Summary
High and consistent applications performance over enterprise networks is critical to the efficient running of an enterprise. This is now even more important than ever as everyday applications such as voice add to existing business critical software applications. New network services such as MPLS VPNs have helped greatly to address the needs of high network performance across multiple applications but have limitations in providing performance monitoring and reporting at the level of individual applications. Hence these alone are inadequate to identify and localise most applications performance issues. The business cost of poor performing applications can be considerable and APM tools are essential to help maintain high and consistent applications performance and proactively identify applications degradation before users and business processes are seriously impacted. APM tools are designed to be easily implemented with existing IT personnel and skills, but out-tasking to a managed service provider can be an alternative and cost-effective approach.
© Ovum 2006. Unauthorised reproduction prohibited
�MEETING THE DEMANDS OF BUSINESS-CRITICAL APPLICATIONS WITH NEXT-GENERATION NETWORKS
10
Ovum does not endorse companies or their products. Ovum operates under an Independence Charter. For full details please see www.ovum.com/about/charter.asp. For full details of Ovum's citation policy, see www.ovum.com/media/citation.asp. Whilst every care is taken to ensure the accuracy of the information contained in this material, the facts, estimates and opinions stated are based on information and sources which, while we believe them to be reliable, are not guaranteed. In particular, it should not be relied upon as the sole source of reference in relation to the subject matter. No liability can be accepted by Ovum Europe Limited, its directors or employees for any loss occasioned to any person or entity acting or failing to act as a result of anything contained in or omitted from the content of this material, or our conclusions as stated. The findings are Ovum's current opinions; they are subject to change without notice. Ovum has no obligation to update or amend the research or to let anyone know if our opinions change materially.
© Ovum 2006. Unauthorised reproduction prohibited
�