A little over a year ago I came to ExtraHop with no prior knowledge of the world of networking outside of selling HP Procurve switches in my formative years. The interesting thing is that my lack of familiarity put me on even footing with many of the customers who need a product like ExtraHop.
When people hear network, they think about the OSI model, UDP vs. TCP, L2 to L4… they think about a lot of things they consider a black box. What I quickly realized in my time here is now what everyone needs to realize: the network is more than just transport, it's the greatest source of insights in your entire environment.
It's Time to Rethink the Network
Too often, the network is seen as just transport, a commoditized utility. It is this role that makes the network so unique in a data collection space. It's ubiquitous, it's everywhere, everything flows through it, it is high speed, immediate, and the closest you can get to the source. With ExtraHop deployed, all this data is unlocked.
But that's all just network data right? Wrong, the network is just the ultimate source that allows you to tap into data across every department and role.
My Own Light Bulb Moment
Last November we launched ExtraHop 5.0 and introduced search functionality for transactions. I was working on a security scenario in our online demo showing how the network can provide insight into malicious data exfiltration attempts. In the demo I was looking at network traffic (expected), Identity information (Wow, you can see LDAP and Kerberos. That's cool!), but the moment my mind was blown was when I saw the SQL queries.
Without ever installing an agent or turning on a profiler we were seeing a request into a database, what was returned, and how long it took. That stopped me in my tracks. Not once had I considered our usefulness to a Database Administrator or Data Scientist for that matter. At that moment of exploring the ExtraHop security demo, I became convinced we could add a ton of value for these roles.
Life Could Be Better for Everyone
I will first start with an obvious statement: being data-driven across all roles and departments will result in better operations. Another obvious statement: when teams collaborate it is better for them all to be working from the same dataset to avoid confusion and contention.
Given these parameters, any visibility platform you use will work best if it can:
- Cover the entire organization
- Add contextual value for each role
- Correlate across disparate systems
If you haven't guessed by now -- ExtraHop fits these criteria perfectly, and in the hands of someone who understands their network, it is incredibly powerful.
So just how can some of these roles benefit from total visibility into the network?
The CIO - greatly reduce the contention between groups by creating a data-driven decision-making culture, eliminate blind spots that later turn into headaches, and drive down the costs of delivering IT while transforming IT into a differentiator for the business.
IT Operations Roles - ability to baseline and improve service levels, have more predictable migrations, and reduce IT spend by being more efficient and consolidating redundant systems that hide within the complexity of the data center.
Security Roles - gain a new understanding into what lies within their perimeter, can strengthen their security posture by optimizing identity systems, and get real-time visibility of threats by seeing anomalous behavior as it occurs.
VDI/Citrix Admins - the ability to see across their environment and dependent systems, deeper insights into the user experience, and as our customers love to point out to us the ability to actually find the ghost in the machine (please, people, stop loading photos in roaming profiles).
Storage Admins - an understanding of how their storage is performing alongside other systems that make up an application delivery chain, the ability to guard against ransomware, and also detect data exfiltration before they end up on the news.
Don't forget the networking folks. Eliminate finger pointing for the network, become an information broker for the organization, optimize and deliver strong network performance.
I could go, on and on about more roles (including the database team) but the reality is if you are in a group that has a system connected to the network we can likely help you by delivering deeper insights in a way that is much easier than what you're currently used to.
As our CEO Arif Kareem wrote eloquently about, there is a digital transformation coming and the network is at the heart of it. Yes, networking teams have a lot to gain, and conversely a lot to lose if they don't get onboard; but this critical path forward isn't just for their benefit.
If you haven't adopted a data-driven strategy, if you fail to tap into the richest source of data in your environment, or if you cannot gain contextual insights from this data source due to poor tools; you will be at a substantial disadvantage to your peers. It's time to rethink the network because it will be the differentiator in IT Operations.
This is a companion discussion topic for the original entry at https://www.extrahop.com/company/blog/2016/rethink-the-network-to-empower-it/