Cisco observability: What you need to know

Cisco adds details to its forthcoming Full Stack Observability architecture and plans for integrating telemetry across domains.

Observability may be the latest buzzword in an industry loaded with them, but Cisco will tell you the primary goal of the technology is to help enterprises get a handle on effectively managing distributed resources in ways that have not been possible in the past.

Employing observability tools and applications is a hot idea. Gartner says that by 2024, 30% of enterprises implementing distributed system architectures will have adopted observability techniques to improve digital-business service performance, up from less than 10% in 2020.

“Today’s operational teams have tools for network monitoring, application monitoring, infrastructure monitoring, call monitoring, and more, but they rarely intermingle to provide a cohesive view of what’s going on across the enterprise,” according to Carlos Pereira, Cisco Fellow and chief architect in its Strategy, Incubation & Applications group.

Observability looks to address real problems by gathering information across domains and using it to show how one domain influences another and to predict problem areas or trigger incident management, Pereira said.

“By using observability tools, the business is able to determine the state of its applications with a high degree of certainty and understand how their services impact business key performance indicators and customers’ digital experience,” Gartner wrote in a recent observability report. “Observability enables quick interrogation of a digital service to identify the underlying cause of a performance degradation, even when it has never occurred before.”

At the recent Cisco Live! event in Amsterdam, Pereira provided a preview of the underlying architecture for observability called the Cisco Full-Stack Observability Platform. It’s expected in June, though some details have already been announced.

For example, at the Live! event Cisco said it will be unveiling deeper, bi-directional integration between AppDynamics and Cisco’s ThousandEyes digital-experience monitoring software. The tighter integration will enable correlation of business issues across application transactions and their dependencies, end-user experiences, the network path, and internet routing.

Last year, Cisco announced AppDynamics Cloud will offer applications and services that correlate telemetry across multiple domains. 

Telemetry use is at the core of observability. Pereira said Cisco’s Full-Stack Observability will bring together the widest set of telemetry data in the industry—metrics, events, logs, and traces (MELT), driven by OpenTelemetry—and feature a broad portfolio of Cisco technologies as well as an ecosystem of partners and open-source tools.

OpenTelemetry, which is being developed under the Cloud Native Foundation, is a collection of tools, APIs, and SDKs used to instrument, generate, collect, and export telemetry data to analyze software performance and behavior. It’s being developed by contributors from AWS, Azure, Cisco, F5, Google Cloud, and VMware among others.  

Cisco expects that the sheer volume of MELT from its ecosystem of enterprises, telcos, and cloud relationships combined with its family of industry partners will give it competitive advantage, including development of applications to improve observability, Pereira said.

The Full-Stack Observability Platform will also take advantage of Cisco’s security portfolio and research to provide telemetry that can be included in new applications to control security across multiple domains.

“The ability to map and correlate security telemetry with all of our other information gives us a huge advantage as we look to help customers manage systems across multiple domains in multiple geographic regions,” Pereira said.

An example of this is the announcement last week of a Business Risk Observability application designed to gauge the seriousness of vulnerabilities and prioritize which are most pressing. It combines data from multiple sources to generate a business risk score for applications or services that have a high likelihood of exploitation and attacks. It gathers data from Cisco’s Kenna Risk Meter, business transaction details from Cisco AppDynamics, API details from its Panoptica software, and threat intelligence data from Talos, its security-research arm.

“If customers have 100 vulnerabilities across their network, they don’t want to hear that they need to patch them all because that just doesn’t happen. They need to know which ones to prioritize, and that’s what Business Risk does,” said Tom Gillis, senior vice president and general manager of security at Cisco. “It gives customers a better understanding of the risk of problems and the business impact of fixing them.”

In a highly distributed world, observability must stretch across all points on the enterprise network edge, whether that be user devices, campus and branch sites, multi-cloud endpoints, or IoT endpoints, said Brandon Butler, research manager with IDC’s Enterprise Networks practice, speaking at a recent Cisco-sponsored webinar.

“It's important for the visibility platform to be able to enhance automation platforms, to be able to not just identify when there's a problem in the network, but actually either recommend ways to fix it or proactively make that fix before it impacts users,” Butler said.

Add security to that, because you can't secure the network unless you know what's actually happening in the network, Butler said.

“So observability platforms provide a foundational layer for being able to enhance the security footprint of the enterprise network edge as well,” Butler said.

Taken together, components of the observability technology will drive use cases such as improving performance and optimizing enterprise resources, as well as application security, Pereira said.

Copyright © 2023 IDG Communications, Inc.
