AIOps Wrings Value from Full Packet Capture

Cheap computation and storage mean many impossible operations have become practical. Use of millimeter wave frequencies for commercial end user communications is among the salient examples, but enterprise ability to capture and process nearly all data generated by the enterprise, for the purpose of wringing insights out of that data provides another example. 

According to Cisco, companies can expect to see their network traffic triple by 2022. “This will require organizations to make a proportional increase in data storage and maintain a brute force, record-everything approach for network forensics that will cost companies significantly more in terms of time and money,” says Randy Caldejon, CounterFlow CEO. 

AIOps plays a key role here, he argues. “Full packet capture is finally entering the age of practicality because of the introduction of AIOps,” he argues. 

“Thanks to AIOps, security analysts now have an opportunity to utilize more open source technologies and experiment with ML and AI to make packet capture work better for them and their organization,” he says. “Before, it was unrealistic to expect a group of analysts in a security operations center to proactively ferret through petabytes of data in search of an anomaly.”

Gartner defines AIOps as the application of machine learning (ML) and data science to IT operations problems. The firm also predicts that large enterprises use of AIOps tools will reach 30 percent by 2023.

Why AIOps Might Help IT Operations Improve

A new Digital Enterprise Journal (DEJ) study, The Roadmap to Becoming a Top Performing Organization in Managing IT Operations, finds that top-performing information technology organizations outperform others in large part because they are able to detect performance issues faster, resolve issues faster and create new products faster, at lower cost. 

Top-performing organizations can proactively detect 79 percent of performance issues ahead of time while all other organizations are only able to detect 39 percent of performance problems. 

The average mean time to incident resolution for TPOs is 38 minutes while it takes five times more time (224 minutes) for all other organizations.

Top performers also can deliver innovative products and services at a faster pace (5.1 times faster release velocity as compared to all other organizations) and do so at a lower cost (4.2 times more end-users supported per IT full-time employees.

source: OpsRamp

And that is where AIOps plays a role, improving pattern recognition and anomaly detection, therefore reducing the amount of time before performance issues are identified and remedied. 

source: OpsRamp