Is Cisco NetFlow the only solution for application management in a virtualized world?

Q & A with Jagan Jagannathan, the founder and CTO of application management vendor Xangati.

Earlier this week, VMware announced three products for managing applications in virtual machines. So I thought it might be worthwhile to learn how Cisco NetFlow might be useful for application management in a virtualized world. Luckily, I was able to get the attention of application management vendor Xangati and its founder as well as CTO - Jagan Jagannathan, who took the time to participate in the following Q & A: 1. Is Cisco NetFlow the only solution for application management in a virtualized world?

Jagan Jagannathan: Yes, because to comprehensively and cost-effectively have awareness into the real-time application performance for virtual applications that can move anywhere at any time, enterprise IT needs a management solution anchored on a new data feed. And, the data feed needs to take into account that application performance in a virtual world is heavily dependent on the interactions among virtualized elements, which can include the application, the server, the storage, the desktop and potentially even the network link. Moreover, the data source has to be zero footprint—no agents, no probes—because IT can no longer afford to make costly investments in hard-to-implement solutions that don’t lead to an immediate ROI.

Zero-footprint—with the routers/switches as the source of the data feed--tops a powerful list of functionality which can only be fully delivered by NetFlow. The rest of the list includes:

Supports all virtualized applications
Real time with to-the-second granularity
A push solution versus pull (polling) model

Zero Footprint Deployment Model

2. Would other application management vendors agree with you?

Jagan Jagannathan: The short answer is they would vehemently disagree, but that is what you would expect from anyone who has to defend their installed base of application agents and probes (now often subtly marketed as "agentless" monitoring). And I suspect that a response would generally reflect old deployment concepts that really pre date virtualization, which generally come with a budget that will be hard to stomach in this economic climate. As a point of fact, the agents that customers previously paid thousands of dollars for (per a physical server) might very well be obsolete for virtual servers—what kind of upgrade costs will there be (in licensing and in systems integration) to make them useful once again? Meanwhile, probe-based solutions would have to be distributed everywhere your virtual applications are, which could lead to heavy new capital requirements. Additionally, there are very few network engineers I know that would allow a broad pool of "mirror" ports to be permanently dedicated to application management given that they have an ongoing need to tap in with their troubleshooting tools.

3. Why isn't Cisco promoting NetFlow for application management?

Jagan Jagannathan: Because NetFlow is not usually a price list item, its business value is not elevated by Cisco to the right level in the IT organization. The fact that NetFlow can effectively track all networked application communication without a footprint—in Cisco gear that they have already paid for--is news to most CIOs and their VP of IT Operations. And, if all they had to do was buy one appliance to actualize the value of that information, they too would be all over it like our enterprise customers. We have seen firsthand how this information actually establishes a new framework for collaborative workflow between application owners and their networking peers.

Furthermore, Jagan thinks there are two more fundamental issues at play:

1. Cisco has no P & L around NetFlow and thus its largely viewed as an enabling technology.
2. Cisco views NetFlow products as solutions built for network engineers to look at bandwidth utilization for network troubleshooting and capacity planning.

Director of Network Services for MemorialCare Hospitals - Paul Holt, discusses in the video below his experience deploying visibility into each end-user's application activity:

4. How does Xangati use Cisco NetFlow for application management?

Jagan Jagannathan: First generation or 1.0 products based on NetFlow were built for network management purposes. They gather flow records and store them in indexed files or a database (which is why you often here them called "flow collectors") for future access to generate reports on network management measures of interest. These products were a step up from SNMP polling products because they broke down interface utilization into top applications and top talkers--for the network engineers who have used them, they have been pretty helpful. However, I can tell you that we built a product with very different architectural fundamentals even though we might consume the same "fuel." Our goal was to build a next generation solution for Application Management which requires scalable real-time processing of NetFlow data instead of just collecting it. NetFlow alone is not the answer and an Application Management 2.0 solution must have a framework that allows for multiple and diverse data sources.

Xangati UI: Dashboard View 5. How is the Xangati architecture helpful?

Jagan Jagannathan: First thing you would notice is a streaming (to-the second) visual for any window they open instead of a static report page. The second is that applications, end-users, servers and network interfaces are all elements that are given equivalent status in our system -- whereas flow collectors put a primacy on the network interface. The third is that identity is established for all IPs (inclusive of all VM instances as they have distinct IPs) because to track application performance issues between a specific end-user and a specific server you have to know who and what they are at all times, especially in a virtualized environment. The fourth is that you can dynamically pan-and-zoom to view interactions for a given application and all the elements it "touches" -- and even pivot your view to look at things from the end-user perspective. The list goes on. The result is a cost-effective solution that can be deployed immediately to provide real-time situational awareness of the workload and interactions of every application on my network. It also provides unparalleled visibility into the end-user application experience, so IT operations is not blind to issues that could be affecting application performance.

Comparison Table: 2.0 vs. 1.0 Solutions 6. Can Cisco NetFlow be used to create budget justifications for new equipment?

Jagan Jagannathan: Application Management 2.0 leads to less finger-pointing from other IT teams and therefore a less hectic workload. And yes, we also find that we help network engineers create budget justifications for new equipment by enabling a direct tie-in with virtualization projects. For instance, network engineering can justify a purchase of the Cisco Nexus 1000V virtual switch as a must-have because only it can support application-level visibility through NetFlow. That’s even though traffic never hits "the wire" because this traffic is flowing back and forth within a physical host.

7. Does Cisco NetFlow provide enough granularity about applications?

Jagan Jagannathan: NetFlow will reference application information in terms of the protocol and source-destination port pairs; however, there are easy ways to convert that information into a differentiated and named application. An application can be defined very simply by a combination of the protocol & port pairs and the specific servers generating the application. Those servers can be internal and allow one to define an SAP web front-end or external like At a more advanced-level, we have been able to use NetFlow to identify application signatures of things as disparate as malware and Skype--which is incredibly important as more and more applications support end-to-end encryption.

8. Can Cisco NetFlow help the planning process for someone leading a virtualization project?

Jagan Jagannathan: Yes.

An Application Management 2.0 solution answers 4 critical questions helping you create a prioritized worksheet of your targets for physical to virtual migration:

1. What is the complete active inventory of my servers?
2. What is the active inventory of applications on those servers?
3. What is the user community tied to these servers and when are they active?
4. What is the complete application workload down to each one of these servers?

Knowing the above will give you your first targets, which are servers with minimal application workload and a small user community. Anchoring on these "low-hanging fruit" will lead to a fast and pitfall-free phase one implementation, which will allow you to show a quick project win. Thereafter, the same information will help you work through the rest of your list. 9. How can Cisco NetFlow help with performance optimization in a virtual world?

Jagan Jagannathan: There are a number of ways, but let’s focus on design. Our solution provides a 360 degree vantage point of every application and every server. In doing so, you are aware of not just the top overall communication pairs, but ones that are directly related to your target list of applications and servers. And once you have this information, you can leverage it to figure out which communication pairs it might make sense to co-locate on the same physical host. As an example, this way you could make sure that a virtual storage element and its three top data sources are all in one physical place. That means they can pass data back and forth without having to contend for resources on the physical network.

10. Why is Cisco NetFlow better than the equivalents from other vendors?

Jagan Jagannathan: NetFlow has become the de-facto terminology for this class of "flow data." Even if vendors ultimately rally around IPFIX as the standard solution, NetFlow will remain the catch-all term (besides IPFIX is essentially Cisco NetFlow v9). Additionally, Cisco has a significant leg up on its competition in the virtual world with the 1000V. Cisco’s 1000V solution is frankly an under-promoted part of the Unified Computing System (UCS) architecture, given that their competitors are effectively ceding the virtual switch market to them. Application level visibility for communication among virtual elements within a physical host is a must-have; otherwise, you have effectively created a tremendous gap in management visibility.

Cisco Nexus 1000V Video Data Sheet

Do you agree with Jagan that Cisco NetFlow is the only solution for application management in a virtualized world? BradReese.Com Cisco Refurbished - Services that protect, maintain and optimize Cisco hardware Contact: Brad Reese | Twitter:

  1. Cisco multimillionaire goes broke, loses $300 million fortune
  2. Cisco expected to guillotine more employees this Thursday
  3. Why HP ProCurve is dismantling Cisco's market share on a deal-by-deal basis
  4. Cisco lost market share in network security appliances and software in 1Q09
  5. Cisco CEO John Chambers quacks up the Cisco workforce and is an Internet sensation to boot
  6. The sudden and unexplained departure of Cisco data center marketing honcho, Douglas Gourlay
  7. Is Marc Andreessen betting $300M against Cisco's successful acquisition model?
  8. Enterasys NAC sales triple
  9. New NTIA administrator owned Cisco stock when Cisco granted coveted NTIA Buy American exemption
  10. New worldwide Cisco CCIE count surpasses historic 20K milestone
  11. Average tenure of a senior Cisco executive is 11.5 years
  12. It appears Agito Networks has surpassed competitors on mobile handset technology
  13. Cisco selling refurbished Linksys directly to end users
  14. Will Liquid Computing pour cold water over Cisco's ambitious unified computing system?
  15. New Apple iPhone 3G S will kill the Cisco Flip video camera
  16. How to reduce the high cost of T1 service
  17. New Cisco tool for those who don't know or use binary math
  18. Comment from Network World reader removes Cisco SVP Judy Lin's face from Cisco's Mount Rushmore of senior executive biographies
  19. Executive who outsourced U.S. jobs to India appears to be leaving Cisco
  20. View Brad Reese on Cisco Story Archives
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)