Cloud-based Monitoring Service for Software Defined Networks

Enterprises increasingly depend on computer networks and access to the Internet. Costs associated to network malfunctions are huge: they have been estimated via market surveys from around 30,000€/hour on average, to 4,000€/minute in data centers.

The first requirement to avoid malfunctions and correctly operate a network is network visibility, that is, the ability for network engineers to learn what is happening in a network: what applications are being used, identifying the root cause behind performance issues, and detecting attacks.

However, current network visibility solutions are not widespread enough, because of:

1 - Deployment complexity. Deploying a monitoring product requires expert technicians and entails planned interventions and potential downtime

2 - Excessive upfront costs. Current products are overly expensive, based on appliances or specialized hardware – and therefore upfront costs are hard to justify with a dubious return over the investment.

This project aimed to create a zero-hardware network visibility and security solution for both traditional and SDN-based networks that not only can be deployed with one click, seamlessly collect network traffic statistics for network visibility, and send them to the (our) cloud for analysis but can also act on the network to block attacks (e.g. DDoS), impacting the quality of experience for other users.

The successful completion of this project, both in terms of product and company, resulted in the interest and final acquisition of Talaia by Auvik Networks Inc.. This Canadian-based company will integrate last advances implemented in Talaia's products in their current portfolio to provide a unique and comprehensive solution for network management for MSPs.

Using as starting point for our project the minimum viable product (MVP) developed during the first phase of the SME Instrument project and original Talaia’s products, Talaia, now Auvik, has been following an iterative approach to implement a unique product for active visibility and security in both traditional and SDN-based networks. In addition, Talaia has created the distributed infrastructure necessary to handle its massive-scale commercialization.

Talaia, with negligible exceptions, has achieved all the objectives proposed in the project. First, Talaia has created a solid technological foundation by combining big data and stream processing technologies with machine learning algorithms. This technical foundation powers the solution to ingest massive amounts of network metadata from the cloud. The main advantages of this approach are (1) it enables zero-hardware network visibility, and (2) it extracts rich insights from network activity, thus achieving a product that solves the problems of deployment complexity and excessive upfront costs of incumbent solutions. Second, a cutting-edge platform has been implemented in order to allow the massive-scale commercialization with crucial features: high available, fault tolerance, scalable, cost efficient, data integrity. Last, a set of new features covering last needs from the market have been created. Special attention got the implementation of the attack mitigation feature, that allowed our solution to actuate in the network (e.g. DDoS mitigation) without the need of extra hardware deployments to perform the mitigation.

The results of the project could not be better, as as a result of the awaken interest, the company has been acquired by Auvik Networks. Therefore, the strategy implemented during this project for the exploitation and dissemination of the product is no longer needed, as the product will be fully integrated in Auvik's product and the strategy will consequently be adapted.

Current network visibility solutions are not widespread because they are excessively hard to deploy and expensive, which creates uncertainty about their financial viability. This is because they are based on specialized hardware and/or appliances that are meant to be deployed within the network, gathering a copy of all communications, which is computationally expensive. Additionally, the network visibility industry has missed the transition to the cloud and the software-as-a-service (SaaS) model that other industries have undergone long ago.

With the new solution implemented in this project, network security and visibility no longer requires deploying any hardware nor appliances (physical nor virtual). Instead, network activity metadata is collected from the cloud, thus simplifying deployment to the extreme. Additionally, this is a solution that is offered as a service from the cloud (SaaS), which removes upfront costs. As a consequence, companies can measure return over investment without commitment, and by de-risking investments in network visibility, more companies can now deploy it. Since nowadays companies increasingly depend on networks, we envision our new solution will contribute to a more efficient productive fabric.

In the last months, we focused on leveraging SDN technology to not only gather visibility, but also to act on the network, with the end-goal of fully removing the need for deploying hardware appliances in the network for both visibility and control.

Even so, the acquisition by Auvik Networks completely changed the focus of the product and its impact. With the acquisition of Talaia, its team and technology, Auvik not only wants to make easier the network management for MSPs but also provide them all the visibility and security-related features developed in this project, something unique in this market that nobody is providing so far.