Rapid time to market is becoming increasingly important in the rollout of new applications and services, or, in simpler terms: everyone wants to be first. So new architectures are planned with virtual environments and hybrid clouds on the drawing board and implemented to then learn that customers complain about a loss of quality in VoIP service and online gamers for long ping times. This waiting for customer complaints is one of three basic ways to learn about the performance and resilience of your network, but certainly not the most promising. Waiting for a hacker attack to paralyse your network is the second option, but its popularity has limits, too. The third option is called "test".
However, not all test methods are suitable for ensuring the availability of services and applications. Approaches to validation of performance and security, with no realistic assumptions about application loads and attack techniques, quickly lead to a false sense of security. Only tests based on realistic conditions receive reliable information about the behavior of the network and security infrastructure. Big Data and especially the internet of things (IoT) will generate significantly higher loads, and the best way to determine how a network will handle these loads is to make sure that each component required for the provision of services and applications, is tested under the most severe expected load conditions.
The best place to start is at the beginning
The ‘connected world’ is no longer just a buzzword, it is reality. More than 5 billion devices are already connected to the Internet, and the rate of new connected devices will only accelerate with the proliferation of IoT. A report from Cisco and DHL forecasted that by 2020, there will be about 50 billion devices connected to the Internet, 10 times more than there are today. Many of these devices run complex applications that need to communicate with each other around the clock. These increasing user endpoints not only automatically generate more data, they place greater demands on the performance and availability of a network infrastructure. In particular, Web 2.0, HD video, and social networking, combined with big data and IoT have a virtually unlimited hunger for bandwidth. In a report published in January 2016 entitled "ENISA Threat Landscape 2015" the European Agency for Network and Information Security (ENISA) stated that the number of DDoS attacks with a bandwidth of over 100 Gbps has doubled in 2015, and will continue to increase.
Meeting these growing demands on a network infrastructure requires a massive upgrade to the data centre, ranging from migration of their top-of-rack to server connectivity from 10 GbE to 25 GbE and 50GbE, to enhancing the core network with 100 GbE technology. The expected result of this type of upgrade is significantly higher data rates with approximately the same footprint and power consumption, as well as a higher server density and reduced cost per bandwidth unit. But what guarantees do enterprises have that these expectations will be achieved under real world conditions?
In addition, unique characteristics of network devices, storage, and security systems, coupled with the virtualisation of resources, the integration of cloud computing, as well as SaaS, can significantly slow the introduction and delivery of new services. To ensure the data rates needed to deliver new services anytime, anywhere, requires infrastructure tests that go above and beyond standard performance tests of individual components.
Customers and internal stakeholders do not care how many packets a web application firewall can inspect per second. They only care about the application response time, which depends on a number of factors. These include the individual systems in the network and their interaction, the application specific protocols and traffic patterns, as well as the location, and time of day, of the security architecture. Therefore, it is imperative to test the entire delivery path of an application - end to end - under realistic conditions. This means using a realistic mix of applications and traffic workloads that recreate even the lowest layer protocols. Simple and standardised tests such as IO meters in complex environments are simply not enough.
Testing under real conditions
Enterprise data centres need a test environment that reflects their real load and actual traffic, including all applications and protocols, such as Facebook, Skype, Amazon EC2 / S3, SQL, SAP, Oracle, HTTP or IPSEC. It’s meaningless, and dangerous, to test a data centre infrastructure with 200 Gbps of data, when the live network experiences peak loads of over 500 Gbps. Additionally, when testing, consider illegitimate traffic including increasingly frequent DDoS and synchronised attacks on multithreaded systems. Since attack patterns are constantly changing, timely and continuous tests are crucial. One way to ensure the consistency and timeliness of testing is to leverage an external service that can analyse current attack patterns and update the test environment continuously and automatically.
Testing complex storage workloads can only be achieved with real traffic. Cache utilisation, deduplication, compression, as well as backup and recovery, must be tested with all protocols used -SMB2.1 / 3.0, NFS, CIFS, CDMI or iSCSI - and optionally tuned to ensure compliance with defined service levels.
While the need for stringent testing is obvious for a new data centre, it is equally important when consolidating or integrating hybrid clouds. This is because each new application, and even updates and patches of existing applications, can significantly alter the performance and response times of the network.
DIY or TaaS?
Ensuring optimal data centre performance not only requires investments in test systems, but also in the employees entrusted to manage it. In addition to the development and testing of a network infrastructure, equally important is the development of a qualified test team. Enterprises do not typically hire dedicated test engineers, and network and security architects are not always proficient in the design and execution of comprehensive tests to ensure their applications and IT systems can handle strenuous loads and sophisticated attacks.
If budget is an issue, external TaaS offers (Testing as a Service) offerings can be a useful addition to an in-house solution, especially for larger projects. An external service provider can help determine which systems are the best fit within an existing environment, or before the rollout of a new demanding application such as online gaming. Performance and reliability tests of wireless environments or WAN assessments are other examples of complex projects for which an external TaaS service provider is well suited.
So the choices are simple: Wait for customer complaints to learn about the performance and resilience of your network; wait for a hacker attack to paralyse your network; or put your network and applications to the “real” test with solutions and offerings that replicate your specific load requirements. No brainer.
Article by Areg Alimian, solutions marketing senior director at Ixia