The proliferation of data on enterprise networks continues to increase with the rising demand for such technologies as virtualization, software-defined networking, and high-performance computing, as well as a growing dependency on mobility across the workforce. Couple this with a sophisticated cyber attack landscape, and it’s all IT can do to keep up with network activity.
Emulex, which plays a central role in connecting, monitoring and managing enterprise networks, conducted a survey to determine how much visibility network operations (NetOps) and security operations (SecOps) professionals actually have into critical events that happen within their networks, as well as such things as the tools they are using, how accurate their attribution and reporting of root causes is, whether they have experienced data breaches, and how much time and money network and security events cost their organizations.
Network Visibility Survey Results
Click through for results from a survey on network visibility and monitoring tools in IT operations, conducted by Emulex.
The study found that nearly half (45 percent) of IT staff monitor network and application performance manually, despite the availability of proven network monitoring tools. The study also found that it wasn’t an issue of budget constraints, as more than half of IT departments spend more than $1 million on such tools.
The main impetus for deploying such tools in the U.S. was to monitor network performance, while in Europe, the main reason was to monitor network availability. Only a very small percentage of respondents (under 10 percent) in either the U.S. or Europe listed breach prevention or detection as a reason for using networking monitoring tools.
Attribution and the blame game
One of the central issues related to a lack of visibility is the toll it takes on the human capital of the IT department. The concept of “Mean Time to Innocence” – in which IT groups are forced to prove that their department was not the one responsible for a network event – is all too common within enterprises today.
In the survey, 79 percent of respondents admitted to having experienced network events that were attributed to the wrong IT group, while 87 percent said they had reported the root cause of a network or security issue to their management team, later finding out they didn’t have the information necessary to be completely accurate in their assessment. Not surprisingly, more than one-third (39 percent) said this had happened to them more than once.
Security events on the rise
It’s no secret that cyber attacks have become much more sophisticated and that organizations are being breached at unprecedented levels. Recent high-profile data breaches at Target, Neiman Marcus and eBay prove that even the largest of organizations is susceptible to targeted or persistent attacks. Part of the equation for protecting enterprise networks from such security risks is the level of detection capabilities in use.
Eighty-three percent of respondents reported an increase in the number of security events they have investigated in the past year, while 81 percent of SecOps respondents said their organization had actually experienced a network security breach. Only 27 percent of breaches were discovered without the use of alerting tools – such as SIEM or NPM – through manual searches and user reporting, indicating the need for tools to provide analysis with accurate network traffic data.
Growing mobility demands
As more employees work remotely, communicate with company servers remotely, and bring mobile devices into the enterprise, IT organizations are working to provide a platform and processes to enable business operations from a mobile perspective. Eighty-four percent of respondents said their organization has implemented a bring your own device (BYOD) initiative. However, this added traffic, from various sources with differing quality and connectivity, requires even better monitoring capabilities.
Still, 26 percent of European respondents said they have no plans to monitor the network for performance issues related to BYOD. When combined with the fact that 45 percent of organizations are manually monitoring the performance of their networks, the growing amount of mobile device-generated traffic is on pace to overwhelm enterprise networks and potentially lead to more network and security events.
The cost of downtime
Perhaps not surprisingly given the lack of visibility these organizations have, 70 percent of NetOps respondents indicated that they have experienced a critical network event that took at least one full business day to diagnose. More than half of U.S. respondents (52 percent) said it costs their organization more than a half million dollars in revenue per hour when they have a network outage or performance degradation.