.svg)
Hands up if you’ve ever had to ask your favourite chatbot to explain the difference between Network Visibility and Network Observability. There’s a range of terms in the NetOps bucket, from telemetry through to observability, with visibility, analytics and monitoring in between. I thought it would be useful to clarify them.
Network Telemetry is the automated transmission and collection of raw information from the network. For example, this would include one-off or continuous packet captures (PCAP), the flow data (NetFlow, IPFIX, J-Flow or sFlow) collection, device logs, and any other information that you choose to push from the network.
Network Visibility is information about what is happening on your network. This includes the Network Telemetry information collected by packet captures (the deepest level of visibility), IP flow information, network state (such as forwarding and connection tables), and device logs captured with Syslog.
Network Analytics takes telemetry data and uses statistical analysis and machine learning to identify patterns, which helps to troubleshoot problems, predict failures, and also identify potential optimisations.
Network Monitoring is the act of monitoring the health of the network. Typically, this is a pull model with monitoring tools polling devices to check for up/down status, measurement of indicators such as CPU, Memory, Disk or Bandwidth, and alerting against failures or threshold breaches.
Network Observability sits on top of all other functions and leverages AI and Machine Learning to deliver an end-to-end view of the environment. It is used to explain not just what has happened, but why it has happened and what may happen in the future.
To summarise, telemetry data is pushed from the network to provide visibility and input for analytics, while monitoring pulls data from the network to check status. Then observability uses all these as inputs to explain why things have happened on the network and predict what might happen next.
Now that we understand the functions, the next step is to look at the tooling on the market to deliver this functionality. Unfortunately, these products don’t map neatly to the functions, with many tools providing multiple capabilities. This will be the subject of another post, along with a “hallucination firewall”, which is a phrase I never expected to say out loud, thank you Galileo.
https://lnkd.in/ezvcp6zc