7 Replies Latest reply on Feb 29, 2016 9:22 AM by Melissa Herrle

    Active versus Passive Monitoring

    Scott Penn
    Scott Penn Employee Jun 18, 2013 7:17 PM
      Share:|

      Active versus Passive Monitoring for Web Sites

       

      According to Gartner, there are 5 dimensions of an APM solution1:

       

      1. End-user experience monitoring — the capture of data about how end-to-end application availability, latency, execution correctness and quality appeared to the end user.
      2. Runtime application architecture discovery and display — the discovery of the various software and hardware components involved in application execution, and the array of possible paths across which those components could communicate, which together enable that involvement.
      3. User-defined transaction profiling — the tracing of events as they occur among the components or objects as transactions move across the paths discovered in the second dimension, generated in response to a user's attempt to cause the application to execute what the user regards as a logical unit of work.
      4. Application component deep-dive monitoring — the fine-grained monitoring of resources consumed by, and events occurring within, the components discovered in the second dimension.
      5. Analytics — the marshalling of a variety of techniques, including behavior learning engines, complex-event processing platforms, log analysis, and multidimensional database analysis to discover meaningful and actionable patterns in the typically large datasets generated by the first four dimensions of APM

            

      Note 1 Application Performance
      Monitoring Is the First Step to Manage the Hybrid Cloud Application Portfolio
      19 December 2011 ID:G00227693
      Analyst(s): Will Cappelli


      Focusing specifically on the end-user experience monitoring, nirvana would be the ability to monitor every router hop from the customer to the datacenter; the entire components of the user’s screen; monitoring the web server they land on and the entire application path from the web server to the database and back out.

       

      The reality is that is impossible to instrument the Internet, client equipment, data center infrastructure, application code and hardware all at the same time. 
       
       
        picture 1.jpg
      Even if you could provide that level of instrumentation, it would prove useless in determining the actual quality of all end- users’ experience from just the sheer amount of data.

       

      When it comes to diagnosing how a site is performing, an accurate quality assessment can be made by monitoring the customer's activity, errors and response times. But what methods to monitor the end users are available?  Which are the best - Active or Passive?

       

      A comprehensive strategy can be made with active monitoring (synthetic or scripted), passive monitoring (network-based packet capture, known as End User Experience Monitoring).

       

       

      Synthetic Monitoring


      Synthetic monitoring’s can be considered “Active Monitoring” because you are acting as the client. The earliest beginnings of Synthetic monitoring stem from the data center operator or person in charge hitting their own site from their desktop and declaring it “alive”.  onstantly hitting your own web site isn’t a good use of a person’s time, so scripts were written to continuously hit the site. However, there are valid reasons to have this mechanism in place.

      Some of the benefits that synthetic testing provides are:

      • Consistently determining if the site or page is up or down. Consider the time when a page is not generally available to the public or if there are no end users hitting that particular page or aspect of the site.
      • Synthetic tests can use various protocols (doesn’t always have to be just HTTP/s) that may be difficult or impossible to monitor on the wire (like RMI, Flash, Silverlight, Citrix ICA, FTP, or other binary protocols that cannot easily be decoded).
      • Synthetic scripts can be executed from specific locations – using that locality to determine region-specific problemsActive monitoring is looking at a website from outside-in and will allow for monitoring of timing and errors specific to external web components like mash-ups (like a Google map link)  or third party hosted elements (like the Customer Support Person who drops down on the screen) that are not really hosted from the data center of the web owner.
      • Scripted monitoring can be pointed to your web site or others to show how similar scripts act against ‘golden’ or competitive web sites.

            

      Some of the drawbacks to this active method of testing are:

      • Can only test the same thing over and over and on a periodic basis.
      • The test is not real – you can’t buy shoes every five minutes on a real web site.
      • A script cannot test everything. Humans are amazing at attempting odd combinations in real life.
      • Scripting does not provide a real time sampling. Periodic sampling does not provide a good indication of what everyone is experiencing on a web site. If Synthetic scripts test a transaction every five minutes and the site is taking thousands of hits per second, thousands of errors or unhappy users would not be reflected by the script's results.

         picture2.jpg

      Products like BMC’s TM-ART provide a comprehensive method to script many types of transactions that would be found in a web environment.

       

      Network-based packet capture

      picture3.jpg

       

      Products like BMC's - End User Experience Management (EUEM) are a Network-based packet capture "Passive" monitoring solution.

       

       

      Typically, End User Experience Monitoring (EUEM) or Real User Monitoring (RUM) is a passive technology that records and monitors user interactions with a website.   Monitoring the users’ actual activity on a website or an application provides visibility into performance, errors and volume of the web property. For the sake of this discussion, we will focus on true passive monitoring which is via network packet capture.

       

      Some of the benefits that real end user monitoring testing provides are:

      • Typically sees all users all the time.
      • Typically "Inside your four walls".
      • Provides a real view into what all users see.
      • No overhead – imposes no load on the servers or application.

             

      Some of the drawbacks to a real end user monitoring method of testing are:

      • Can't see CPU/Memory/Network bottlenecks.
      • Requires a device be located in a central collection spot.

       

      Conclusions


      When the question comes up – “Which is better, Active or Passive monitoring of a web site”? The real conclusion is that both are unique and provide advantages and some disadvantages. Current implementations of web properties include many variations like mash-ups, externally hosted content, Flash or Ajax, for example. The combination of active and passive monitoring provides a more comprehensiveview of website performance and user experience then each separately. Therefore it is recommendable to use both active and passive technologies to monitor web performance.

        • 1. Re: Active versus Passive Monitoring
          Chris Marcotte Jun 19, 2013 11:34 AM (in response to Scott Penn)


          EUEM (Real End User Experience Management) has the ability to 'passively' read a copy of the traffic and is considered to be passive monitoring for the fact that it does not interfer with the packets flowing between the end user and the web application.  A new part of EUEM allows an agent to be installed to feed data from the applicatoins' back end and in part - this is considered to be 'active' as it does not read a copy of the traffic.

           

          Synthetic monitoring works well with giving the performance/availability of a web application but lacks the randomness involved in a real end user session.  Synthetic monitoring also induces a additional load on your web applicaiton where as 'passive monitoring' does not.

          • 2. Re: Active versus Passive Monitoring
            rsie /\ Nov 20, 2015 11:53 AM (in response to Chris Marcotte)

            Hello Chris,

             

            will this Real End User Experience Management with network-based packet capturing, still be in the current Truesight component set, in Truesight App Visibility Manager in November 2015?

             

            And will this still be delivered as an appliance or only as Software Installation set?

             

            Thanks

            Ronald

            • 3. Re: Active versus Passive Monitoring
              Melissa Herrle Nov 23, 2015 9:52 AM (in response to rsie /\)

              Hi Ronald,

               

              Yes, Passive EUEM (real end user experience monitoring via packet capture) is not going away and as a matter of fact, we have plans to further enhance the product. It is currently available in TrueSight App Visibility Manager 2.7 and soon will also be tightly integrated into TrueSight Operations Management/TrueSight Presentation Server.

               

              Currently there are 2 deployment models:

              Appliance and Virtual Edition. The Virtual Edition is a VM instance of our Passive EUEM solution. In the near future we'll offer a 3rd deployment model, software only (installables).

               

              -Melissa

              • 4. Re: Active versus Passive Monitoring
                rsie /\ Feb 15, 2016 11:19 AM (in response to Melissa Herrle)

                hello Melissa,

                 

                can you provide a closer estimation, when Passive EUEM will be integrated in TSOM?

                 

                Ronald

                • 5. Re: Active versus Passive Monitoring
                  Melissa Herrle Feb 15, 2016 6:20 PM (in response to rsie /\)

                  Hi Ronald,

                   

                  We are moving over Passive EUEM in a phased approach as there is much to do! We have a release slated for this Spring, currently looking at an early May timeframe (but subject to change) - This release will introduce Passive EUEM into the TSOM family. You will see a handful of dashlets that will be populated by PEUEM data as well as a central location to access all analyzers (the TSPS). We'll also be coming out with the new deployment model at this time, Passive EUEM Software Edition, which provides much flexibility and is cloud agnostic.

                   

                  Melissa

                  • 6. Re: Active versus Passive Monitoring
                    rsie /\ Feb 29, 2016 7:12 AM (in response to Melissa Herrle)

                    Hello,

                     

                    if a customer wants passive EUEM now, do we still have to implement a Virtual Edition(in the easiest case) as discribed in App Visibility 2.7?

                    1) how do we integrate monitoring aspects and also the results with TSOM

                    2) then, is configuration and management of PEUEM still carried out within the APM(2.7) console?

                    3) under this assumptions, is there any way to correlate PEUEM and Application Deep Dive results, i mean to make Application Diagnostics avaliable in an PEUEM/APM context?

                     

                    Thanks,

                    Ronald

                    • 7. Re: Active versus Passive Monitoring
                      Melissa Herrle Feb 29, 2016 9:22 AM (in response to rsie /\)

                      Hi Ronald,

                       

                      1) Can you please be more specific? What are you looking for here? The data for Passive EUEM will be displayed in the dashboards.

                      2) TSPS is replacing the APM console and will eventually do much more than the APM console does. There is very little configuration and management capabilities in the APM console, the TSPS will have much more in this area (as well as better data visualization)

                      3) There is today in the APM console and we have plans to bring this integration into the TSPS this year.

                       

                      Melissa