Svg Vector Icons : http://www.onlinewebfonts.com/icon Return to Glossary

What is network analytics?

Our NSX for vSphere Lab gives you hands-on experience in just 30 minutes – no installation required

Try Free Lab

Network analytics primarily addresses data packet transmissions sent and received by Layer 3 devices operating under the Open Systems Interconnection (OSI) model established by the International Organization for Standardization (ISO). Layer 2 devices represent the data link layer governed by switches and Layer 4 devices relate to TCP standards associated with web servers. However, Layer 3 devices are specifically concerned with I/O data packet transmissions sent and received through routing devices. Virtualization leads to software-defined networking (SDN) and software-defined data center (SDDC) standards where the Layer 3 functionality is established by software rather than physical devices. This creates a wider range of potential for cloud data center orchestration across “bare metal” hardware resources. In contemporary practice, network analytics software integrates information from Layer 2-4 devices simultaneously due to ecosystem expansion and the introduction of new switch, router, and firewall appliance technology standards. This granularity is further expanded through virtualization, which leads to a greater ability to script and automate data center processes at all layers of the service mesh on the basis of real-time, streaming data packet analytics.


Network analytics can be categorized into historical approaches to recording and reading data from operations that are presented in logs, reports, or graphs by utility software. These reports provide administrators with hourly, daily, monthly, and yearly portraits of events that occur on a particular network or may be based on user and endpoint device activity. IP addresses are the key components of Layer 3 network activity through routers that control data packet transmissions between endpoints based on user request activity. Most network analytics refactor the data available through monitoring Layer 3 processes historically by filtering information into usage patterns or highlighting the data to expose abnormal events. Employees can access network analytics to view the flow of packet data across cloud architecture in real-time due to the increased power of contemporary web server hardware and the expansion of ecosystem software in the data center management sector. Machine learning (ML) techniques are increasingly being introduced as a critical aspect of network analytics that enables better automation of processes in industrial production, telecommunications, eCommerce, and multimedia publishing.


What problems do network analytics solve?

  • Prediction: Predictive analytics, network administrators seek to monitor usage patterns over time in order to estimate their institutional needs for bandwidth, hardware, or other services. 
  • Automated security: Entails the real-time scanning of I/O data packet transmissions with AI and ML to match incoming requests with known security exploits, viruses, or malware. In some forms of hacking and password cracking protection approaches, automated security can lead to the automated blocking of users by IP who repeatedly send bad requests to a network. In automated anti-virus scanning, malware, worms, viruses, and ransomware can be detected and quarantined without the need for human intervention. In data centers with millions of VMs and containers running in parallel, automated anti-virus and security scanning are important uses of network analytics.
  • Diagnostics: When problems arise on a network, due to congestion, bad user activity, security threats, or device failure, systems administrators need to diagnose each situation in order to localize and repair the issue. Network analytics include health checks for data center operations that inform administrators as to the operational status of their connected resources. With application-centric infrastructure, admins extend network diagnostics with increased granularity to monitor running software processes. Admins use streaming telemetry to optimize data packet transmissions for particular applications, devices, or users on a network according to IP address through preferential routing and hub appliances. They also apply network analytics to IoT devices through edge servers at scale in support of retail products with automated response requirements and rolling firmware upgrades. 
  • Resource allocation: Complex institutions depend on network analytics in order for administrators to be able to accurately estimate the need for switches, routers, hubs, and bandwidth in daily operations or manufacturing facilities. 
  • Network analytics: Used to provide administrators with an overview of historical or real-time activity on cloud architecture.


Benefits of network analytics

  • Business process optimization: When combined with corporate management, purchasing, and procurement, network analytics leads to business process optimization with greater security and efficiency in IT operations. 
  • Greater accuracy in performance monitoring: Network analytics provides performance monitoring tools to administrators that include historical patterns of usage which allow them to better predict future infrastructure needs for data center requirements. 
  • Improved security: Network analytics vastly improves the security of cloud resources and connected devices by enabling the real-time scanning of data packet transmissions. The size of I/O data packet resource consumption by IP address can be logged to automatically detect spikes in activity as a means to more quickly identify intruders, malware, and infected devices. 
  • Rapid detection of security threats: Network analytics improves the speed of detection of security threats, which is an important factor in preventing the spread of hacking attacks deep into the corporate infrastructure. The ability to view connected device status by SNMP and Windows Management Instrumentation (WMI) filtering data can provide administrators and security defense systems with a more extensive means of diagnosing network problems, speeding up the time required for repairs.
  • KPI tracking: VMware’s KPI Workflow Manager analyzes key performance indicators (KPIs) and presents them to administrators as part of a unified network management panel to simplify the reporting and alert process for complex cloud networks based on VMs. KPI tracking is a powerful tool for the industry with applications in high finance, mass media, manufacturing, health care, and telecommunications that can be customized for greater levels of data center automation at scale. 
  • Ability to apply real-time streaming analytics to "Big Data" requirements: VMware Smart Experience is a network analytics tool that includes the KPI Workflow Designer and Manager together with a series of telco-specific plugins for real-time and historical insights into packet data that operate on a carrier scale. Businesses can apply real-time streaming analytics to "Big Data" requirements in order to use the IP address for better location-based marketing internationally or for improved fraud protection on financial transactions. Integration with AI and machine learning can be used to build reactive content modelling based on prediction engines for unique customer experience production in eCommerce applications with tailored brand support and product/media recommendations.


Network analytics: Use cases

Network analytics are essential to cloud orchestration across all varieties of use cases, but become particularly powerful for enabling the next-generation of data center applications when they can be automated with custom code for industry-specific requirements. 


Telecommunications companies implement network analytics at the highest scale of user traffic when managing mobile communications or broadband connections for customers. VMware Smart Experience offers pre-coded tools for user anonymization, subscriber profiles, and cell tower traffic optimization out-of-the-box to carrier companies. These tools are also used by oil and gas companies at scale in monitoring remote IoT devices that regulate pipelines, drilling, and reservoir facilities. Industrial manufacturing companies in the automotive and high tech sectors make the most extensive use of streaming data analytics in the production of self-driving vehicle networks and the AI/ML guidance for autonomous vehicle navigation. Streaming data analytics is opening up new use cases for innovation across all sectors of industry on the basis of “Big Data” applications, Artificial Intelligence (AI), and Machine Learning (ML).


In cloud hosting and enterprise networking, real-time analytics and historical reports are vital tools for maintaining systems health, data security, and optimized I/O transfer speeds between connected devices. Platform providers can quickly identify, isolate, and quarantine incoming malware, viruses, or worms by using real-time packet scanning to identify threats. Infected devices can be detected more quickly through KPI analysis, reports, and security alerts. The ability to configure Layer 3 firewall rules gives network administrators the option to establish restrictions based upon protocol, source or destination IP address, and ports. These rules are enforced through real-time data packet analytics at the device level. Virtualization extends the granularity of control to the VM level through SDN routing functionality, the NSX distributed firewall, and streaming data analytics through Smart Experience. Maps of virtual infrastructure improve connected device discoverability for network resource optimization and can be used to build disaster recovery plans for continuity of service requirements.


For unified network analytics across an entire data center, VMware’s Workspace provides one comprehensive intelligence platform. Workspace ONE Intelligence includes predictive analytics along with the ability to script automation for security in network administration with high-level granularity on rules and filters that extend to the device or VM via SDN routing options and IP addresses. VMware’s Workspace ONE Intelligence integrates with a wide variety of third-party plugins from cloud software development companies to address niche industry requirements or particular security needs. The suite can also output reports for systems administrators that validate compliance with international auditing and data security regulations. One of the primary reasons that businesses of all sizes choose software-defined data center (SDDC) solutions is for the more detailed and advanced streaming data analytics available through real-time monitoring in virtualized environments. vRealize Log Insight creates structured metrics with KPI analysis for business intelligence, network diagnostics, and prediction that makes cloud network management more efficient.

Related Topics
Cloud Networking
Network Security
Network Virtualization
Virtual Networking


VMware Network Analytics related Products, Solutions, and Resources