It was really great to see so many old friends again at Cisco Live this year in Las Vegas. It’s been a few years since I’ve been to a conference other than a few small work events, so it was exciting to wander the World of Solutions, talk to people at the many booths, and bump into people I knew online but never met in person.
The conversation often started with something like “hey it’s great to finally meet you in person,” followed by “doesn’t it feel like everyone’s talking about the same thing this year?” And honestly, it kind of did. It’s not that every booth had the exact same message, but there was definitely a theme emerging over the course of the week — mining data from the network to improve network operations.
We’ve had visibility into our networks to one extent or another since the early days of networking. Over the course of the 80s, 90s, 2000s, and today, we’ve gotten progressively better at gathering flow data, SNMP info and streaming telemetry from network devices, and logs from various sources internally and from public clouds.
My impression this year is that network visibility was taking a big step forward. Not toward gathering more kinds of data, and not toward creating prettier graphs, but toward adding intelligence to the analytics we’ve been doing manually since the beginning. From my perspective, observability took the main stage this year in the World of Solutions.
A few years ago, even uttering that term caused engineers to cringe, but this year it was pretty obvious observability was as cool as Chris Cornell in 1994 (or really any year for that matter). But is it just some new marketing term everyone’s jumping on like the intent based networking craze of a few years ago?
That’s something I’ve been thinking about a lot over the last two years. What’s going on in network operations that observability is trying to solve? How is observability different from visibility? Is the underlying technology that makes observability possible real, or is this all marketing fluff?
For me, the answers to these questions started with reflecting back on my days as an engineer working in the trenches to build and troubleshoot big networks. Usually, that meant figuring out why some application wasn’t working well. Rarely was I troubleshooting a network just to make the network better. Analyzing logs, troubleshooting QoS policies, or figuring out why traffic was taking a particular path were to make an application perform better for real people trying to get real work done.
That’s really one of the underlying themes of observability and of this year’s Cisco Live. It’s all about augmenting the engineer to help network operations work faster and more efficiently. That means root cause analysis, security mitigation and forensics, and correlating data to get deep insight into everything going on in the network.
This is the difference between only seeing what’s going on in the network and understanding why it’s happening.
For example, when end users start complaining that their line of business application feels very slow, legacy visibility can tell you that an interface is utilized a little more than normal and that the time to load a web page is taking a little longer than expected.
Observability, on the other hand, will use all of that legacy visibility as the foundation to then analyze events and automatically discover a high probability of correlation between swinging traffic between data centers, DNS lookup times rising dramatically, and application page load times increasing to the point that the app is almost unusable.
Observability is built on a foundation of visibility. However, it goes beyond just seeing what’s going on to also ingesting, scaling, normalizing, and correlating data so that you, as a network engineer, can get to the root cause of a problem faster than ever before.
This is the point of Kentik’s network observability platform and why, for instance, you can see how the specific results of a synthetic test correlate with flow data. Diverse visibility, normalized data, correlated results produce real insight into why something is happening on the network.
Cisco Live 2022 had its share of networking goodness including some cool advances in wireless tech, cloud networking, and even in network security. But it was the theme of augmenting the network engineer with diverse data and machine learning that took the main stage at the World of Solutions. Regardless of how the term was used a few years ago, observability is certainly a very real and practical solution for handling the growing complexity of application delivery today.
Learn more about Kentik and try it for free for 30 days.