Back to Blog

Separating the answers from the data: Networking Field Day 29

Phil Gervasi
Phil GervasiDirector of Tech Evangelism
Kentik-NFD-unfurling-img

Summary

There is a critical difference between having more data and more answers. Read our recap of Networking Field Day 29 and learn how network observability provides the insight necessary to support your app over the network.


There is a key difference between having more data and having more answers.

That was the theme for Kentik at Networking Field Day 29. Rather than show the delegates how we collect network telemetry and use it to populate pretty graphs (who doesn’t love a colorful Sankey?), we wanted to show the delegates how everything we do is about helping an engineer actually solve real network operations problems — problems like figuring out why an application is super slow, or detecting a DDoS attack in real-time. In other words, it’s the difference between seeing what is happening and understanding why it’s happening.

That’s one of the things I appreciate about the Kentik company culture. In many of the internal conversations I’ve had with co-workers, I sense a genuine desire to find ways to help network engineers keep service delivery smooth and stable. Even the most academic and nerdy conversations were in the context of the problem we were trying to solve.

So when we talk about using a combination of flow data and synthetic tests to troubleshoot a problem, it’s because we found that’s a faster and better way to find the root cause of network issues. And honestly, it’s a better way to find proof that it isn’t a network problem, too.

In the presentation below, Brian Davenport, one of Kentik’s superstar Solutions Engineers, talked about how Kentik combines flow data, enriches it with relevant metadata for more context, and augments it with the results of synthetic tests. The goal here isn’t just more data, although we certainly love more input into the system; instead, it’s all about how we combine it to better visualize how these metrics are related. That’s one important way we help you solve a complex problem faster and with less manual clue-chaining.

Our VP of Solutions Engineering, Justin Ryburn, spoke about the same concept, but focused on how Kentik consolidates and aggregates all the diverse telemetry we have today in one place. So, since Brian really hammered the idea that flow data and synthetic test data work hand-in-hand, Justin showed how flows, SNMP, VPC flow logs, streaming telemetry, and everything else we ingest all come together into one coherent system. We understand that each type of telemetry provides a different perspective of the network, and in his demo, he stepped through how we use all of this information to quickly isolate the cause of a slow web application (and yes, totally prove that it’s not the network).

This was the driving force behind what I wanted to say, too. I really wanted the delegates to understand that network observability, built on a foundation of diverse and accurate network data, is all about augmenting an engineer. It’s all about providing network operations with useful, insightful intelligence.

Sure, we use ML and some well-known statistical analysis algorithms to do some of that, but we consider ML as another tool in our toolbox, not the end-all be-all of what we’re doing.

So the way we use a time series model to forecast, or how we perform anomaly detection without a crazy number of false positives, or when we compare traffic patterns to our global threat feed to alert you of a DDoS attack in real-time, it always comes down to providing useful insight, not just more data to look at.

And when we alert you to a problem, we can often also tell you what other things you should check out and what the possible root cause could be. I mean, that’s like the actual dictionary definition of the word “insight,” isn’t it?

I’ve heard some in the networking community talk about network observability as marketecture or just a re-branding of traditional monitoring and visibility, but it really is so much more. Built on a foundation of traditional network visibility, network observability is the evolution of just being able to see what’s going on in your network to understand why something is happening.

To learn more, watch the entire playlist of our presentations from Networking Field Day 29 and download the Network Observability for Dummies ebook.

Explore more from Kentik

We use cookies to deliver our services.
By using our website, you agree to the use of cookies as described in our Privacy Policy.