Merriam-Webster defines “apex” as the highest or culminating point. Most people think of the apex of a mountain or other structure, like a pyramid. When you’re standing at the apex of something you have an amazing view.
You can see for miles, but everything below you looks small. That’s because sometimes the apex means gaining vision but losing visibility. It’s a tough line to walk, especially in networking and security. We need the ability to sift through mountains of data that we gather every day but we also need to be able to drill down into that data at a moment’s notice in order to investigate performance or intrusion issues. And rarely do you find a product that gives you both vision and visibility.
Ascending the Summit
I was fortunate enough to hear from VIAVI Solutions back in June at Tech Field Day Extra at Cisco Live US. They came to San Diego ready to show off one of their newest platforms, Observer Apex. This platform is a hybrid network analytics and security monitoring tool that helps administrators figure out quickly how things are looking in their environment and also how to dig into tough issues.
The whole thing starts with a highly-customizable dashboard with the kind of visibility that you need across your various units and locations. You get at-a-glance access to things like top protocol utilization, network usage stats, and congestion on a global map scale. It’s the kind of vision that you need to figure out how things look overall. Like standing at the apex of a mountain, you have the visibility across everything to understand if something looks out of place.
The idea of having a quick-view dashboard is pretty much table stakes in the industry now. So how does Observer Apex build on this? Their big contribution is the End-User Experience Score:
The pretty colors aren’t just there to add a pleasing palate to the screen. Instead, it allows your administrators to quickly see when things aren’t performing at their peak for a given user or even a given site. If you log in and see an entire branch office running in the red, that’s a huge warning sign that you need to start digging in to figure out what’s going on. On the other hand, if one user calls you and says that the entire office is down and all you see is green, it’s a good chance that the user is experiencing some issues and you should start investigating with their system and build out from there.
Observer Apex also comes with a number of pre-defined workflows that help users and junior admins to start drilling into problems with a guided discussion of which fault domain the problem might be contained in. This is akin to giving someone on the apex of the mountain a pair of binoculars. Instead of making them focus their attention all around, you can use a tool to focus them on the thing you want them to see way down on the ground or across the valley. When used properly, these workflows can help speed time to problem resolution and ensure that your junior admins are empowered to help users from the onset of issues instead of feeling the need to escalate every issue as soon as it comes in.
Batten Down The Hatches
Remember how I said that Observer Apex is a hybrid tool? Well, good network analytics tools are also great security tools as well. With the integration Observer Apex has with GigaStor and GigaFlow from VIAVI, you can collect a mountain of data and analyze it to find patterns and problems from a security perspective as well. Sometimes the innocent performance issues in a remote site are actually hiding an infection of some new zero-day exploit or perhaps a new botnet determined to use IoT devices to cause havoc.
Observer Apex can help you diagnose these issues and examine how the performance impacts can also cause security risks to your organization. Think about something like NotPetya infecting Maersk a couple of years ago. The company-wide infection was preceded by a huge performance hit as the systems in the network started infecting each other and consuming massive amounts of bandwidth. With a tool like Observer Apex, network admins might have seen the infection earlier and been able to start a remediation policy more quickly. Rapid response might have avoided the need to reinstall some 4,000 servers and cause untold billions of dollars worth of damage.
Bringing It All Together
You have to have the ability to see far and wide and also to focus on what’s important. Tools help with that. The better the tool, the better you can shift your vision and your focus. Observer Apex from VIAVI Solutions has the right mix of overall visibility to specific focus to help network and security teams figure out performance issues as well as potential sources of trouble. In my mind, Observer Apex is sitting on top of the mountain.