Coping with the New Era of Application SLAs
Jim Frey is Vice President of Research, Network Management for Enterprise Management Associates (EMA) and is a featured guest blogger.
The steady moves toward internal/external cloud computing, virtualization, more complex web applications, BYOD, the App economy and new strategies for dealing with cyber attacks are bringing disruptive change to IT. These changes are mostly for the good, but along the way that have created a litany of new pain points and challenges. On the positive side, these forces are combining to move IT towards greater application awareness – in most cases is an effective proxy for business value awareness – and towards a more service-oriented mindset. In a small but growing number of shops, these shifts have even resulted in the use of application SLAs, by which IT teams commit to go beyond best efforts and “assure” that applications will be up, available, and performing to levels required by the business.
How can organizations prepare to support application SLAs?
To most, they would seem implausible at best, but the good news is that there is plenty that can be done to make progress in that direction, and to lay the groundwork for success.
Essential to this transition is establishing full application awareness among IT engineering and operations. Application awareness is what allows teams to align viewpoints and recognize how the physical/virtual delivery infrastructure (network, servers, and storage) is doing its job, enabling IT end users, customers, and partners to conduct business and do their work. Recent EMA research revealed that fully two thirds of enterprise network management teams consider service quality to be an increasing priority, and well over half said the same regarding end user experience and application performance.
That same study indicated that fully 40% of enterprises have folded their traditional NOC into a converged, cross-domain operations function, spanning network, systems, storage, applications, and oftentimes security. These types of organizational and priority shifts acknowledge the need to embrace service-oriented thinking to better understand and protect the ultimate output of IT.
What if you aren’t there yet?
The reality is that choosing the right place for establishing the application-aware visibility and application-oriented controls that will be necessary to underpin application SLAs is not always a simple matter. Most management technologies are not automated, and thus are prone to be best effort/reactive — always too late to get ahead of application performance issues.
The best answer is to take a structured, strategic approach to preparing for Application SLAs.
- First, learn from those who understand the concept of SLAs – the service provider community. I recently had the chance to speak with a healthcare IT outsourcer that monitors all infrastructure and applications for a number of hospitals, clinics and medical offices. They entered into SLAs with their clients that are purely based on application responsiveness, and don’t even report what is happening with the underlying infrastructure! To do this, they had to rally around the applications and tie together monitoring data across multiple technologies, so they could relate everything back to those key/core applications. For your organization, try a similar approach – identify your key applications and what the expectations are among the line of business and user community. Start with agreed service level objectives (SLOs) while you work out how to measure and approach service quality, and work your way towards the more stringent approach of committed SLAs over time.
- Strictly define the SLA in your organization / per application – this should take place prior to monitoring/management the SLA.
- Next, take a look at your infrastructure and management technologies. Can they deliver the visibility you need into application activity and health (such as transaction and response times) in order to determine if you are in compliance with SLOs or SLAs? Can those tools and technologies tell you directly if are in danger of breaching a service level commitment?
- Third, the ability to automatically adapt to changing environmental conditions and implement capacity and traffic controls will be more important as applications multiply and the managed environment itself gets more and more dynamic. Most organizations are not ready to embrace fully autonomous infrastructure systems, but even incremental, field-proven automations such as rate limiting, load balancing, and dynamic capacity management are very helpful.
- Be able to optimize app delivery and accelerate apps response time – with WPO technologies, etc.
- Most application SLAs will focus on known good traffic, but do not ignore the threat of malicious influences and cyber attacks. Security strategies need to be embedded into the plan, so that unexpected attacks cannot derail SLA compliance. This means finding approaches that can provide a solid defense while also applying access policies that can be monitored and enforced.
While there are a number of ways to approach these steps, you will be better off if you can meet multiple goals with a single/unified technology approach. For instance, some of these steps can be addressed via holistic solutions that are designed to provide application awareness, application optimization, and security in a single system. Today’s advanced application delivery controllers are a great example, such as Radware’s Alteon NG, which can be configured and tuned to monitor and assure specific application SLA objectives while also implementing both defensive and policy-based security measures.
Application SLAs may well be the bellwether of the transition to IT as an internal cloud provider, and organizations large and small are steadily leaning in that direction. There is no time better than now to prepare, by understanding your application mix, focusing on key applications of greatest value, and evaluating how you can start now to prepare.