Predictive networks: How realistic are they?
While the associated term might sound magical, predictive networks make use of real historical data to predict network events. Be ready for a bit of complexity, though.
Predictive networks are a popular concept, but the term can suggest some incredible magic occurs to predict the future. As such, it's important to explore how realistic predictive networks are, what we can expect them to achieve and how they differ from proactive networks.
A proactive network uses analysis of collected network data to detect problems, at the same time or slightly before customers and applications are affected. Proactive network management products are successful and don't require highly specialized staff to make them effective. Most of the networks I encounter are still working to achieve proactive status.
In contrast, a predictive network uses massive amounts of historical data to predict the recurrence of network events based on past history. It is a typical big data application, with machine learning or artificial intelligence that learns from past history and creates the predictions.
Predicting events for the next month requires many months of historical data to feed a deep neural network. You'll also need some big data scientists who understand how to structure and analyze the required volume of data. If you want to roll your own system, numerous machine learning programming libraries are available for different languages, with Java and Python being the most popular.
Using predictive network analytics
If you don't have big data scientists at your disposal, you can still use predictive network analytics. Available products include Illumio, GuardiCore and Cisco Tetration Analytics. Most products seem to focus on security, using behavioral analytics to drive the detection of malware and attackers.
Predictive network analytics products are complex platforms. They use big data tools like Hadoop data lakes, the Apache Kafka messaging system and data modeling. This type of work is different from networking or network management, so don't assume it will result in reduced staffing.
Enterprises should also expect to learn the system in months and to collect enough historical data before it provides real value. Do your homework before deciding on a product, and understand what types of predictions and analysis it can perform. If the product is focused on security, it may not provide any value for diagnosing a poorly performing application. It is easy for expectations to exceed what's possible, so do your research before buying.
The volume and quality of data directly correlate to successful predictions. The data collection elements could be software modules that must be installed on application servers. This location provides visibility into all elements of an application server, including which process is consuming memory or whether another process is generating excessive network traffic.
Application server administrators will be comfortable with an additional module running on the servers. I know of one instance in which an application administrator asked to remove a data collection module because the server wasn't performing as expected. Instead, the analytics administrator took a look at the data coming from that server and identified another software element that was generating excessive network traffic. That information allowed the server administrator to track down the problem. Note that the system didn't automatically identify the problem; it required someone to drive the investigation.
Fine-tune your result expectations
The next step regarding predictive networks is to look at the results you expect from predictive analytics. Some questions you can consider include the following:
- Does the system automatically identify problems -- or potential problems -- and take action? Or, does it simply report the problem, after which a human must respond?
- Is real-time action needed? This indicates the need for an automated response.
- How does the system get feedback? Does it need a human to identify anomalies it can then automatically find in the future?
Investigate whether sanitized data is available from other customers with the same applications. This can drive faster learning and more accurate actions.
Read up on predictive networks
The predictive analysis market is new, and most of the focus is on building your own system. I recommend reading about building an infrastructure in order to learn about the internal construction of such systems. That knowledge will help you communicate with a vendor's technical staff.
If you're thinking about building your own infrastructure, the following articles can help you determine if it's something you wish to tackle:
If you're still trying to get to proactive network analysis, you can jump directly to predictive network analytics by using a vendor's product. The big factor to take into account is the change in network management processes, most of which is due to cultural shifts. It can be challenging and rewarding.