On his quest to find the golden city of Timbuktu, explorer Alexander Gordon Laing would dispatch a trusty messenger to carry updates back to his sponsors in Tripoli. Laing wouldn’t know for months if the messenger made it, if he ever knew at all. That was a typical problem with 19th-century information “technology.”
Today, people who live and die by network and application performance worry about information lag, too — and for good reason. According to a survey by Infonetics Research, outages and slow-downs cause midsize companies to experience about 140 hours of downtime every year, to the tune of about $800,000 annually. Focusing on the source of application outages could save many organizations “a significant amount of money,” Infonetics analysts conclude.
There is no lack of vendors offering ways to monitor network performance, but SevOne does a few things that might make it stand out. The company launched in 2005 to develop network- and application-performance technology that would be real-time responsive, but inexpensive and easy to use compared to legacy products. The technology is targeted at people who need to see exactly what’s going on and when, way out across their network empire, remote outposts and all.
“We developed a distributed, peer-to-peer architecture for network management that allows our customers to capture the data they need to respond to specific performance issues,” says SevOne CEO Michael Phelan. “Our design criteria were to make something very scalable, that could accommodate change very quickly, and was much faster than other tools. Being able to scale to cover every application, every device, in a cost-effective and meaningful way are a few of the things that we think make us unique.”
Its software and two types of appliances embody the company’s technology. The Performance Appliance Solution (PAS) is the standard device, incorporating SNMP and NetFlow monitoring, alerting, and sub-minute polling. There are five PAS models, capable of watching from 5,000 to 65,000 network elements. The Dedicated Network Flow Collector (DNC) appliance exists specifically for large NetFlow-based deployments. SevOne’s hardware/software package installs in a datacenter “as near to end-users as possible to collect traffic data and allow operators to immediately pinpoint problems anywhere and avoid developing slowdowns,” Phelan says.
“Each one of our appliances is both a data collector and a reporter,” he explains. “They can work stand-alone, or be joined with others using our P2P architecture. Essentially, they operate as a distributed environment, processing volumes of data that gets pushed out. You request a report or an operation. One appliance could be in Boston, one in New York, one in Chicago, and they all work together. It’s a lot like a grid computer. All the systems share a database that lets them know which peer has the information needed to originate a report. You can log into any of the peered appliances to get a report on any indicator.” SevOne supports all the usual application and network monitoring standards. If, for example, a spike is identified using SNMP, an analyst can drill down further using NetFlow.
SevOne set out to design a system that can scale not just in terms of network size but that also can expand to handle new devices and new applications quickly. “Our company founders have a background in the banking industry, where consolidation has resulted in organizations having two of everything, lots of legacy tools, management tools from all kinds of vendors,” says Phelan. “They’re asked to handle different types of applications, like video and VoIP, and different types of devices. There’s frustration trying to keep pace with these changes.”
As new routers, switches, access points and so on are added to a network, PAS can either discover them automatically or they can be added using an API. “In a health care situation, you might add a new scanner to the network,” Phelan says. “We can have it logged in and be monitoring its performance sometimes in minutes, perhaps a couple days at most.”
In an increasingly on-demand real-time world, though, it’s not only what you can monitor, but how often. “A lot of bad things can happen in under a minute,” Phelan says. “Our technology can monitor the most critical components, including your server CPUs all the way to up-links, at whatever frequency your … service level agreements require. If performance requirements aren’t going to be met, our appliance can issue an alert. Critical links need to be monitored at sub-minute frequencies, and our system will let you do that. Our customers in financial trading need to monitor things down to the second.”
He continues, touting the distributed nature of the solution: “The system has to be able to react. Bad things happen quickly. You can’t wait for reports to generate. With our appliances stationed across the network, we’re using processors across that distributed grid to create large reports that have millions of indicators in seconds. People think we’re using a canned graphic when we produce a graph that charts utilization over 24 hours and it takes a tenth of a second. We have all these cores working together to collect data and generate a report.”
SevOne’s system also yields a more accurate audit trail, providing historical data that lets customers demonstrate performance transparency, “to show then they had bandwidth, they had the switches in place, down to the individual device,” Phelan says. “Legacy solutions average out or roll up the old data. Days might show up as a single data point. A five-second spike would be completely flattened out using those tools. With our reporting capabilities, you can pinpoint any time to the level of granularity you need, which is important because a five-second spike can cause a serious disruption to a financial transaction or a VoIP application.” Each SevOne appliance can store about a year’s worth of detailed data, the company says.
One SevOne user, Aramark, suffered a spike that slowed the order processing system down to 5 percent of its usual speed. “The IT director was able to look at the screen, see the SNMP spike, take the cursor, highlight the spike, and with a few clicks determined that all the traffic was related to people going online for election coverage,” Phelan says. “We provide that overall visibility from one screen, one pane of glass. You don’t have to open another application, and can resolve down to individual IP addresses to see who is using what infrastructure.”
The Cable’s Out?!?!!!
There might be no provider as familiar with angry customer service calls as the cable company. To keep those calls to a minimum, broadband operator Comcast looked for a tool giving it better insight into all the components in its infrastructure. Comcast’s IT managers also wanted a system that could provide that insight on a continual basis, not just intermittently. Comcast chose SevOne because its tools gave Comcast the granularity and the rapid data retrieval needed to make sure service levels remain intact, Phelan says.
“One of the biggest problems our customers are facing is they need real-time monitoring,” says Vess Bakalov, SevOne’s chief technology officer (and former network architect at BankOne). “We use high-speed algorithms in our system to provide real-time performance management. Using our analysis tools and reports, Comcast is able to have the kind of performance transparency they need.”
Comcast’s Jeff Gill, senior director for network surveillance, confirms that SevOne’s system delivers the data his team needs in “two to five seconds,” whereas Comcast’s legacy system “would take three to four hours.”
Using SevOne’s application, “we can literally bring up a device in a particular region, state, or area of the network and get an all-around status of the device, from performance trends, history, current alerts and anything else happening that has some significance to the problem,” Gill says.
“One reason we displaced their incumbent solution,” Bakalov says, “is our scalability. We’re managing more than 10 billion nodes for Comcast. Our P2P architecture is unique. Some competitors might match us in terms of functionality, but we focus on the entire enterprise, and we don’t think anyone can match us in terms of volume.”
Other customers include NYU, SUNY Stony Brook, HBO, Cincinnati Bell, JP Morgan Chase, Thomson Financial and Credit Suisse.
SevOne says it competes with the likes of Concord/CA, NetIQ, InfoVista, HP and IBM, but Phelan says none of them provide the combination of real-time monitoring, speed of reporting, flexibility of polling frequency, easy interface, or scalability that its technology and appliance offer.
“The very distributed architecture, and the ability to deliver second-by-second performance views at a very low price point” distinguish SevOne, says Richard L. Ptak, analyst with Ptak, Noel & Associates. “They are very cost effective with near-real-time reporting. There are relatively few appliance-based management solutions in this space.” Ptak says SevOne is “definitely an emerging company with a product that addresses a compelling pain point.”