How AI helps organisations move to proactive observability

Stephen Amstutz, Head of Strategy and Innovation at Xalient explores how AI helps organisations move from network monitoring to proactive observability.

In today’s world, the volume of data and network bandwidth requirements are growing relentlessly.  So much is happening in real-time as businesses adapt and advance to become more digital, which means the state of the network is constantly evolving. Meanwhile, users have high expectations around applications – quick loading times, look and feel visually advanced, with feature-rich content, video streaming, and multimedia capabilities - all of these devour network bandwidth. With millions of users accessing applications and mobile apps from multiple devices, most companies today generate seemingly unmanageable volumes of data and traffic on their networks. 

Networks are dealing with unmanageable volumes of data

In this always-on environment, networks are completely overloaded, but organizations still need to deliver peak performance from their network to users with no degradation in service. But traffic volumes are growing, and this is bursting networks at peak hours, akin to the M25; no matter how many lanes are added to the freeway, there will always be congestion problems during the busiest periods.

As an example, we're seeing increasing need for rail operator networks to handle video footage from body-worn cameras, in order to cut down on anti-social behavior on trains and at stations.  However, this directly impacts the network, with daily uploads of hundreds of video files consuming bandwidth at a phenomenal rate, yet the operators still need to go about their day-to-day operations while countless hours of video footage are uploaded and processed.

This is a good example of where AI and ML can and is helping organisations take a proactive stance on capacity and analyze whether networks have breached certain thresholds. These technologies enable organizations to ‘learn’ seasonality and understand when there will be peak times, implementing dynamic thresholds based on the time of day, day of the week, etc., as a result.  AI helps to spot abnormal activity on the network, but now this traditional use of AI/ML is starting to advance from ‘monitoring’ to ‘observability’. 

So, what is the difference between the two? 

Monitoring is more linear in approach. Monitoring informs organisations when thresholds or capacities are being hit, enabling organisations to determine whether networks need upgrading.  Whereas observability is more about the correlation of multiple aspects and context gathering and behavioral analysis. 

For example, where an organisation might monitor 20 different aspects of an application for it to run more efficiently and effectively; observability will take those 20 different signals and analyze the data making diagnostics with various scenarios presented.  It will leverage the rich network telemetry and generate contextualised visualisations, automatically initiating predefined playbooks to minimize user disruptions and ensure quick restoration of service. This means the engineer isn’t waiting for a call from a customer reporting that an application is running slow. Likewise, the engineer doesn’t need to log in and run a host of tests, and painstakingly wade through hundreds of reports, but instead can quickly triage the problem.  It also means network engineers can proactively explore different dimensions of these anomalies rather than get bogged down in mundane, repetitive tasks.

This delivers clear benefits to the business by reducing the time teams spend manually sifting through and analyzing realms of data and alerts.  It leads to faster debugging, more uptime, better performing services, more time for innovation, and ultimately happier network engineers, end-users and customers. Observability correlation of multiple activities enables applications to operate more efficiently and identify when a site’s operations are sub-optimal with this context delivered to the right engineer at the right time. This means a high volume of alerts is transformed into a small volume of actionable insights.

Machines over humans

Automating this process, and using a machine rather than a human, is far more accurate because machines don’t care how many datasets they must correlate. Machines build hierarchies, and when something in that hierarchy impacts something else, the machine spots certain behaviors and finds these faults. The more datasets that are added, the more of a picture this starts to build for engineers who can then determine whether any further action is required.

Let’s touch on another real-life example. We are currently in discussions with a large management company who own and manage gas station forecourts. They have 40,000 gas stations, and each forecourt has roughly 10 pumps, equating to 400,000 gas pumps across the US.  Their current pain point is a lack of visibility into the gas pumps and EV chargers connected to the network.  As a result, when a pump or charger is not working, they might only become aware of this following a customer complaint, which is far from ideal.

The network telemetry that we are gathering, and that behavior analysis, means we are developing business insights, not just network insights. We can see if a gas pump stops creating traffic, which triggers a maintenance request to go and fix the pump. This isn’t a network problem, but the network traffic can be leveraged to look for the business problem. This is a use case for gas pumps and EV chargers but imagine how many other network-connected devices there are in factories or production facilities worldwide that could be used in a similar way.

Getting actionable insight quickly

This is where our AIOps solution, Martina, predicts and remediates network faults and security breaches before they occur. Additionally, it helps to automate repetitive and mundane tasks while proactively taking a problem to an organization in a contextualised and meaningful way instead of simply batting it across to the customer to solve. Martina discovers issues with recommendations around tackling the problem, ensuring that organizations always have high-performing resilient networks. In essence, it essentially makes the network invisible to users by providing customers with secure, reliable, and performant connectivity that works. It provides a single view of multiple data sources and easily configurable reporting so organizations can get insights quickly.

Executives and boards want their network teams to be proactive. They won’t tolerate poor network performance and want any service degradation, however slight, to be swiftly resolved.  This means that teams must act on anomalies, not thresholds, to understand behavior to predict and act ahead of time. They need fast MTTD and MTTR because poor-performing networks and downtime impact brand reputation and ultimately cost money! This is where proactive AI/ML observability really comes into its own.

Share

Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security