To be able to apply the appropriate control, security, and optimizations to application delivery, visibility of the performance of each component, as well as the ADI as a whole, is required. The functions supporting management either collect data for analysis or provide a view of real-time performance, or a combination of both. These functions are:
- Application monitoring that measures application response times and profiles application traffic so that IT administrators can understand how the applications process user transactions, and help troubleshoot performance problems. It also logs application delivery infrastructure health and availability statistics across each point between the application and the user.
- Capacity planning that simulates the user load and behavior of the applications to identify performance bottlenecks and infrastructure capacity requirements.
- Provisioning that provides tools for the automatic or self-service selection of application delivery.
- Shadowing that allows an application or desktop user interface to be shared with other users, to facilitate incident management and collaboration.
- Password management that centralizes and secures a user's password store for multiple applications, allowing the enforcement of password management practices, such as strong password enforcement, frequent password changes, and the control of user access to shared passwords.
It is important to note that these technologies do not operate in isolation. Rather, they interoperate, as appropriate, with the applications and their underlying infrastructure components (such as operating systems and datacenter hardware), operate over networks with their entire underlying infrastructure (such as switches and firewalls), and are then consumed by users on a range of endpoint devices. As with the ADI, these other infrastructures are overseen by management infrastructure (such as monitoring platforms and administration consoles).
Application Experience Monitoring
Monitoring IT infrastructure operations is imperative, because it provides data based on the determination of the administrator and the system of how the infrastructure is performing against its defined success measurements. Typically, these measurements are capacity and performance thresholds that are occasionally linked to Service Level Agreements (SLAs).
For ADI, the primary measurement is the user's experience of the application or desktop service being delivered. This measurement must take into consideration data from each component in the ADI, and then should be holistically analyzed against availability and performance thresholds based on the user's experience. Application experience can be granularly measured per user and per service. This granular approach allows for fine tuning in response to the monitoring results.
The following functions support application experience monitoring:
- User experience monitoring
- Performance monitoring
These functions are described below.
User Experience Monitoring
This function monitors the performance of an application from the end-user's perspective. Agents are installed on each end-user device to collect application and process performance data across all applications and processes. This data is stored locally, and compiled and uploaded at set intervals to a management console, to enable analysis of application performance.
Performance Monitoring
This function logs ADI performance statistics on each component in a particular application delivery chain, and then collates that information to provide an end-to-end view of an application's health and availability for analysis. Monitoring was once limited to custom-defined areas such as system errors, individual system component performance (for example, processor and memory utilization), and security information (for example, unsuccessful logins). It has now matured to a point where the information is used to provide a view of application performance from an end-user experience perspective.
The Evolution from ADI Monitoring to ADI Management
A granular monitoring service can enable an informed response to changes in user experience and performance during application delivery. The information is collected through an appropriately applied level of monitoring, where there is a balance between having sufficient granularity without being flooded with alerts. However, even the best monitoring information is useless, unless that information is applied to resolving issues and tuning the ADI to meet current and future needs.
The following functions support the shift from monitoring to management:
- Capacity planning
- Shadowing
- Provisioning
- Password management
These functions are described below.
Capacity Planning
This function records the use of an application for scripted replay, which can be multiplied to simulate larger numbers of users. The resulting performance monitoring output is used to determine if and where bottlenecks occur in the application delivery chain, to specify what level of infrastructure resources are required when delivering the application in a production environment. Capacity planning can also be used to calculate trends in usage, to plan infrastructure upgrades or optimizations in advance.
Shadowing
This function duplicates user interface activity to enable either passive (viewing) or active (collaboration) interaction within an application. It is, in effect, a sub-function of server-side app virtualization that has been extended. First used to allow a help desk agent to assist a user in problem resolution, experts quickly realized that this technology could also be used for education and collaboration.
Provisioning
This function manages how applications are delivered to the user, responding to a request and then instigating the appropriate application delivery control function. It could be seen as the initial step in an ADI scenario.
The types of requests can be divided into two categories:
- Self-service, where the user selects the application they require from a list of applications, often published on a Web site. Which application options are enumerated is determined by the user's permissions and, when used in conjunction with the access control function, the determination would also be based on the access scenario (for example, endpoint analysis results and location) and policies.
- Autonomic, where the system determines the need to allocate additional resources to an application resource pool based on usage and Service Level Agreements (SLA), or allocates users across the resource pool based on a profile of their normal usage patterns.
Password Management
This function provides the facility to securely store each user's credentials for different applications or systems, and submit them in response to application authentication requests. The initial credential request is intercepted and the user is prompted for their credentials which is then stored in an encrypted database (or "store"). Password changes and strengthening can be modified and remain opaque to the user, who uses only one password to access the store. These technologies can then be used in conjunction with applications and security functions to enforce strong password policies.
