Understanding SaaS IPFIX Analysis: A Tutorial
What is SaaS IPFIX Analysis?
The market has embraced SaaS as a delivery model for advanced products and capabilities and its now possible to apply this cost effective approach to network traffic visibility and analytics solutions. IPFIX analysis fits very well into a SaaS deployment model and it scales on-demand for enterprises, web service providers, and service providers of all sizes.
SaaS IPFIX analysis is deployed in a public cloud. Enterprises, web services companies, and service providers can readily export IPFIX data in a secure connection to a multi-tenant, cloud-based IPFIX analysis platform. A key benefit to multi-tenant SaaS approaches to IPFIX analysis is that users can go from registration to production use of powerful analysis capabilities in tens of minutes with no hardware required. This freedom from capital and related operations costs, and the fast time to value is highly attractive to IT management.
Operator personnel can utilize web-based analytical tools to monitor their networks and perform in-depth IPFIX analysis.
IPFIX Analysis offers operators insight to overcome many common challenges in managing today’s complex network infrastructure:
- Network Planning and Analysis:IPFIX data provides key information for sophisticated analysis to optimize both strategic network planning as well as tactical network engineering decisions, minimizing the total cost of network operations while maximizing network performance, capacity and reliability.
- Network Monitoring:IPFIX data enables extensive near real-time network monitoring capabilities. Flow-based analysis techniques may be utilized to visualize traffic patterns as they happen enabling problem detection, efficient troubleshooting, and rapid problem resolution.
- Application Monitoring and Profiling:IPFIX data enables network managers to gain a detailed, time-based, view of application usage over the network.
- User Monitoring and Profiling:IPFIX data enables network operators to gain detailed understanding of customer/user utilization of network and application resources. This information may then be utilized to efficiently plan and allocate network resources application as well as to detect and resolve potential security and policy violations.
Benefits of SaaS-Based IPFIX Analysis
The primary benefits for operators utilizing SaaS-based IPFIX analysis are:
- The cloud-based SaaS model cost effectively scales to meet volume and data retention needs from early stage network deployments through full, large-scale network coverage as network capacities increase.
- Ensures “day 0” time to value by eliminating the need for hardware, and provides instant compatibility and integration with IPFIX-enabled devices from many different network equipment providers.
- Avoids investing in on-premises IPFIX analysis capabilities that become obsolete as back-end technology and methods change.
- Achieves real-time network visibility for real-time problem resolution.
- Eliminates capital and related operations investments such as space, power, cooling and staffing required to maintain hardware and software.
This last benefit is a key reason for operators to utilize a SaaS-based IPFIX Analysis solution versus building one in-house. An in-house deployment results in up-front investments and continuing, long-term resource allocations that can skew long-term total cost of ownership (TCO) higher than a SaaS-based service. Much of the internal build cost equation involves deployment, configuration, and ongoing maintenance of the software performed by internal staff along with the cost of hardware to deploy it. Also, a SaaS-based IPFIX Analysis environment is inherently scaled-out versus an in-house effort from the moment it is turned up, eliminating unforeseen capital spending or poor analysis performance.
Operator personnel can monitor their network using a SaaS-based IPFIX service can typically configure a client customized user interface that provides multiple viewing mechanisms for filtering and grouping data as well as setting up alerts. This is critical in large networks, where identifying the root cause of an application performance issue, security problem or outage is a complex, multi-step, multi-person process that requires isolation of specific variables.
Kentik is the first to create a purpose-built big data, SaaS platform for IPFIX analysis. Kentik’s commercially-proven IPFIX SaaS analysis environment ingests tens of billions of flow records per day. Kentik SaaS-based customers can leverage the power of a scale-out analysis engine, allowing them to perform multi-dimensional, ad-hoc traffic analyses and get answers in a few seconds. Kentik also supports flexible, network-wide DDoS and anomaly detection, network planning and intuitive BGP peering analytics visualizations.
To learn more about the trade-offs of SaaS versus traditional NetFlow, sFlow and IPFIX analysis solutions, see Jim Frey’s blog post: