network analytics

Network analytics is the application of big data principles and tools to the management and security of data networks. By providing deeper insight into how a network is performing and how an organization is using the network, analytics can help IT improve security, fine-tune network performance, troubleshoot subtle problems, predict traffic trends, spot upcoming trouble and perform deep forensic investigations and audits.

To take advantage of network analytics, an enterprise needs an infrastructure capable of producing performance and utilization data for the network. The data could include low-level information, such as bit rates through a particular physical network port, collision and packet drop rates, and latencies. Higher-level information might include packets affected by specific security policies, originating from any given address, or bound for any given address. An enterprise also needs systems to collect, store and analyze this enormous amount of network data.

Typically, large enterprises use network analytics. Midsize or even large companies might consume network data analytics through a cloud service. Organizations with very complex networks, over-taxed networks or high-level security requirements are most likely to adopt network analysis tools. As the tools get easier to use, more standardized and less expensive, the technology will move down-market to smaller networks.

Additionally, network analytics will become more important and more broadly deployed as network security becomes more critical. And, in the wake of sweeping enterprise trends like IoT and microservices, the number and variety of entities on the network are expected to grow precipitously, leading to copious amounts of network data.

Network analytics and big data

Network analytics needs all the user-facing accoutrements of big data. These features include extensive dashboards, robust ad-hoc querying and reporting, as well as flexible and interactive visualization tools for exploring relationships, trends and anomalous events.

network analytics
Nyansa's Voyance global dashboard summarizes client events that are analyzed across an organization's network.

With the help of big data principles that apply machine learning and artificial intelligence (AI) technologies, network managers can acquire deeper visibility into network performance. Big data, however, can produce massive reams of information that could overwhelm IT groups. As a result, network managers are typically advised to focus on the actionable intelligence that big data provides rather than slogging through voluminous amounts of data.

Network analysis tools should also integrate with other systems, such as sending network events to a network operations center or to intrusion detection and prevention systems.

Predictive network analytics tools

Network and security operations could especially benefit from predictive network analytics. The rapid infusion of AI techniques -- including machine learning and neural networks -- into network analytics is quickly increasing the power and scope to predict future issues based on current network data.

These newer techniques allow tools to ingest more data, more kinds of data and from more sources. In turn, this wealth of data powers major improvements to understand the normal behavior of network entities, such as hardware, software and human elements. Next, network teams could identify and extrapolate changes in baseline and peer into both historical and future trending. These newer techniques can also power better detection of anomalous behavior, potentially indicating misconfiguration, current or emerging system malfunction, or current or incipient attack.

Over time -- and possibly with the inclusion of data from other networks -- predictive network analytics tools could detect gradual degradation of network performance, indicating a future failure in a network card, for example. Additionally, these tools could predict the emergence of a broad array of bad actors systematically probing networks for hardware with a known vulnerability, which suggests the organization's own hardware might be attacked.

This was last updated in September 2018

Continue Reading About network analytics

Dig Deeper on Network management software and network analytics