ADVANCED ANALYTICS

Monitoring Systems for Emerging Threats

The sheer number of entities and the ephemeral nature of resource allocations in modern infrastructure make it impossible for IT operators to monitor activity and issues using traditional techniques. That’s where Rocana’s advanced analytics enter the picture, constantly analyzing your entire infrastructure to spot important changes in activity and performance levels.

OVERVIEW

At Rocana, we have built algorithms specific to the types of time-series data you see in modern infrastructures. The anomaly detection system does real-time analysis on 100,000’s of metrics per second, comparing those data points to expected values determined from dynamic, data-driven models. Perhaps best of all, the advanced analytics capabilities are an out-of-the-box feature—no cumbersome configuration processes, no wishing you’d paid more attention in stats class. With severity ratings, WARN scores, and purpose-built visualizations, Rocana not only identifies issues, but also helps you to understand where to focus your efforts.

For example, imagine a retailer who needs to keep close tabs on their site reliability. With Rocana’s advanced analytics, if web page latency increases, the anomaly detection engine will identify this virtually immediately. A Site Reliability Engineer would see a low severity anomaly. If latency continues to increase, the Site Reliability Engineer would see multiple anomalies with increasing severity levels. If latency returns to normal, the number and severity of anomalies will decrease. The purpose-built visualizations in Rocana enable the Site Reliability Engineer to see these patterns and quickly decide what to do next.

ANOMALY DETECTION

Rocana Ops Anomaly Detection capabilities go far beyond simple outlier identification, such as comparison to a mean or moving average. Rocana implements advanced modeling techniques that use historical data to determine the baseline for comparisons. These modeling and comparison techniques enable Rocana to build highly reliable models and greatly reduce false positives. Key features of Rocana’s anomaly detection system are:

  • Out-of-the-Box support for key metrics, which include event volume and host metrics such as memory, disk and CPU utilization
  • Easily customizable to support additional metrics such as response time, throughput, etc.
  • Identifies anomalies in real time by analyzing streaming data
  • Accounts for periodicity in your data
  • Rates severity of anomalies so you know where to look first
  • Computes a risk indicator (WARN score) for individual components and automatically aggregates for services, hosts, and locations
  • Scales to analyze 100,000’s of metrics per second

SEVERITY RATINGS AND WARN SCORES

Identifying anomalies can be very beneficial, but often it is difficult for IT operators to determine which anomalies merit attention. The last thing IT operators want to see is another tool contributing to alert overload! With Rocana, all anomalies are assigned a Severity rating, which is based on how far the metric deviates from the expected value. Severity ratings are computed not only for each individual metric, but also for aggregates such as host and location. Unique to Rocana is the WARN score: Weighted Analytic Risk Notifications. Rocana computes a unique score for both individual metrics and for aggregates such as host and location, based on the severity and recency of anomalies for that entity. This helps IT operators identify things that are trending in the wrong direction—higher WARN scores mean more unusual things have happened recently.

SCALABILITY

With thousands, if not tens or even hundreds of thousands, of components (e.g. access points, applications, servers, containers, micro-services, and more), it is impossible for people to keep track of what is happening with each of those components. Rocana has been tested to analyze 100,000’s of metrics in real time as data points stream in. For every component in your enterprise, Rocana can quickly identify if that component is behaving in an unusual fashion and if the rate of anomalies is increasing or decreasing!

  • "Operational visibility is a tricky business. Having that level of data oversight really can make a difference in how IT can contribute to the top line. Contributing to the business – rather than just supporting the business – should be the goal of IT in terms of relevance in today's environment." Dr. Alea Fairchild, Blue Hill Research Entrepreneur-in-Residence
  • "With rising complexity you need to make sense of data - operational analytics is the key." John Rakowski, Forrester Analyst and Advisor
  • "IT analytics lets you manage this complexity by turning Big Data inward." Jean-Pierre Garbani, Forrester VP and Principal Analyst
  • "As scale and complexity increase with companies moving to the cloud, to microservice architectures, and to transient containers, monitoring needs to go back to school for its Ph.D. to cope with this new generation of IT." Donnie Berkholz, Research Director, 451 Research
  • "An application that makes it easier to keep data centers up and running could become the 'killer app' for Hadoop because as companies become more dependent on large-scale customer-facing apps, it’s critical that they be reliable and scale predictably." Donald Fischer, General Catalyst Venture Partner
  • "The operational data explosion has sparked a sudden and significant increase in demand for IT operations analytics (ITOA) systems." Will Cappelli, Gartner Research VP