Enterprise networks are being shaken up with the convergence of NetOps/SecOps and adoption of AI — but some things remain the same, according to a new report from Viavi Solutions
Enterprise network teams are navigating new challenges, both in terms of internal structure and businesses chasing use cases and value from artificial intelligence. But when it comes to security and network visibility, the demand for useful intelligence is only growing, according to a recent report from Viavi Solutions on the state of enterprise networks. (Viavi will soon be expanding its network security and high-speed Ethernet network performance portfolio, with assets that will be divested from Spirent Communications’ acquisition by Keysight Technologies.)
That report painted a picture of businesses which are trying to capture value in changes to their network IT strategy, but aren’t quite there yet, and revealed three major trends impacting enterprise network teams.
First, how are enterprise network teams monitoring their networks? There is a lot of fragmentation across tools. Network performance monitoring tech was the most popular, in use by more than 80% of respondents. Application performance management and digital experience monitoring were used by more than 60%. Security information and event management and infrastructure monitoring were used by more than 70%. A quarter of respondents said that they used all of the monitoring types.
And how were those tools deployed? The majority of respondents, 63%, indicated that they were using a hybrid approach: Mostly platform-based, with some specific tools in addition. On the surface, the survey seems to indicate that a strategic change is on the way in monitoring, with many respondents saying that they want to move away from the hybrid approach. Most said they wanted to move to a purpose-built architecture that could achieve multi-vendor monitoring, but some wanted a single-vendor-only monitoring proposition, or a hybrid option that focused more on individual tools and less on a platform approach.
But Viavi pointed out that over time, its annual survey has shown that the answers to those questions tend to be aspirational rather than reflect real changes that get made. The company asked the same question last year and most people also said they wanted to move away from a hybrid approach. But a year later, 10% more people reported that they were using a hybrid platform-plus-tools approach.
“Clearly, change is difficult, and monitoring architecture desires are being overwhelmed by other, broader considerations,” the report concluded.
That disconnect between aspiration and reality color some of the other trends that Viavi discovered in its annual survey, which is based on responses from some 750 network security and operations professionals across multiple verticals and seven countries. Those trends include:
–Convergence of network operations (NetOps) and security operations (SecOps). This is a trend that has been accelerating, according to Chris Labac, VP and GM of the network performance and threat solutions business unit at Viavi. “When you get away from the silo-izatino of keeping your SecOps group, or your DevOps group, or your NetOps group from communicating, you’ve go the benefit of the combined power of the toolsets that each one of those groups uses to look at problems from their perspectives,” Labac explained.
Labac said that while 79% of survey respondents said that they were moving toward a combined operational network group, “only a handful of those have really been able to fully realize the benefits of that.”
“When we talk to our cutomers, the people that are actually using our tools, what we still hear a vast majority of the time is, there is still a wall that exists between network operations and security operations,” confirmed Ward Cobleigh, product line manager for network performance and threat solutions at Viavi.
What will it take to get those convergence plans to reality? Common data sources and processes are a start. “What will unify these groups is if they can now start using a common data source and start using common workflows that will allow these teams to just naturally collaborate, instead of debating over whose tool is right and whose tool is wrong,” Cobleigh added.
–Packet capture is still a fundamental. Network monitoring tools, as mentioned above, were the most popular visibility tools reported by users: Visibility is still important. Cobleigh said that Viavi also sees a “renewed focus on packet capture,” even though it has been around for a long time and the use of the technology is stable rather than growing. “At the end of the day, our friend the packet is still kind of the ultimate source of truth,” he joked.
In fact, Viavi found that the companies who had a good packet-capture strategy were able to drive down their mean-time-to-resolution, or how long it takes to figure out and address a network problem.
One thing that is changing, though, is packet capture strategies and capabilities when it comes to the cloud. When Viavi dug deeper into the numbers, Cobleigh explained, it found that while leadership rated packet capture in the cloud as very important, the individual contributors to day-to-day operations didn’t share that same level of priority.”We’re making some assumptions here … but it seems as though leadership believes in the value of packet capture. Therefore, they believe ‘we surely must be doing this in the cloud. We’ve been doing this on-prem forever.’ But the actual reality is, not as many people are actually doing it. Not as many people actually know how to do it,” Cobleigh said.
He added that native cloud tools often require more expertise to direct and use for packet capture and analysis, compared to third-party solutions built for that purpose. But, he continued, enterprise teams are starting to find more value in packet capture as a data source, especially one that can be referenced by both NetOps and SecOps in a converged group.
–AI roadmaps are being demanded. As enterprises rush to make use of AI and figure out where the value lies for their business, Labac and Cobleigh said that most focus in terms of enterprise networks has been in how tool sets can and will leverage AI to be more effective. “People are definitely putting their tools under the microscope,” Cobleigh said, and businesses want to feel like their vendors have a viable and realistic plan for integrating AI.
Viavi, interestingly, has done some research on AI’s ability to analyze packet or flow data. It tested popular large language models’ ability to assess a small packet capture with a single, obvious problem. The results, Cobleigh said, were surprising. “In some cases, the LLM was almost useless. In some cases, they nailed it,” he said. “So what we’re seeing is, AI is really in the infancy of being able to analyze this kind of data in a meaningful way. We can’t rely on just, okay, I’m going to go capture some packets and let AI figure it out for me. We’re not there. Will we get there? I believe we will. We’re just not there in 2025.”
Viavi, he said, already uses dozens of algorithms and machine learning to determine end-user experience and help pinpoint root causes of problems. Cobleigh said he thinks the next natural extension of that becomes using natural language processing (NLP) so that network teams can simply ask something like “What are the most likely causes of a server taking a long time to respond to a Oracle request?” and receive suggestions.
“It’s using AI and an NLP-type interface into AI to extend existing workflows,” he explained. “I think that’s the first step down a path, and that’s where we’ve been doing a lot of our research is now we can use AI in that area.” And one more caveat: Such AI tools also will likely need to use specialized models that are informed by a smaller, specific data set, rather than the publicly available LLMs.
Read more in the full report from Viavi Solutions.
