NDR and NPMD - important, meaningful acronyms for once...

I’ve recently had the chance to revisit what is old – but more relevant than ever – stomping ground of mine, thanks to Kemp Technology’s recent acquisition of Flowmon, which gave the company some important acronyms – NDR (Network Detection and Response) and NPMD (Network Performance Monitoring and Diagnostics)).

In an IT world obsessed with alleged advances for the sake of it – as an aside on this, do check this out:


… it’s great to be able to talk about proper tech that actually has a major role to play in this ‘ere new norm that’s already the old norm. Or, er, just the norm. The guys at Gartner have observed that NetOps and SecOps teams need to work together in a tighter, more organised fashion and that tools such as NDR and NPMD are the best solution for the next wave of IT, so Kemp is right on the money with this acquisition.

Some basic observations show why:

  • A combination of changing trends in networking architectures and the impact of the pandemic is morphing the shape of networking infrastructures into more complex, distributed topologies.
  • Working from home (WFH) has become prevalent and will not revert entirely back to the centralised office-based/hub and spoke form that has been in place for decades before, regardless of the pandemic receding and the resulting fallout.
  • This means that a different approach is required to serving and security the user base – one that needs specific tools and a reorganisation of IT in order to successfully optimise the user experience while protecting them from cyberthreats.

The qualifier here is that, as with all IT solutions, not all NDR and NPMD tools are created equal; they need to intelligently monitor network behaviour patterns and allow proactive countering of potential threats, rather than simply responding when it is already too late. They also need to be quick and simple to deploy, yet flexible enough to cover all business requirements and the continuing change in the shape of networks. Otherwise, they simply miss the point – bloated and slow to respond are exactly what we are NOT looking for here.

While, indeed, such tech has been wholly relevant since lockdown = WFH, 2021 – ongoing – is no different in terms of those requirements. And nor will 2022 be. This “new norm” really is – by and large – here to stay. Far better to be backing a service provider than a commercial real estate investor right now! Businesses are already embracing the very different, but often more efficient, cost fabric associated with deploying and supporting a WFH workforce and waving goodbye to expensive office space. But that fundamental change in the physical shape of IT and the underlying network infrastructure creates its own potential problems. Let’s face it, even in a traditional head office-based infrastructure, or a classic hub and spoke, HQ and branch office topology, few businesses really knew exactly what was running across those connections, whether applications or other forms of data.

Visibility IS everything. How can you secure an element of the network if you can’t see it? How can you optimise a data stream that isn’t on your management radar? Simple answer – you can’t. Do you actually need to? Absolutely. In its recent market guide for Network Performance Monitoring and Diagnostics (NPMD), Gartner noted that data monitoring and analysis is becoming increasingly difficult because of these infrastructure changes, with cloud-native architectures replacing the classic designs and thereby rendering simple NetOps and SecOps monitoring collaborations meaning “job done” as being a thing of the past. The hardly anticipated mega shift to WFH strategies over the past year has simply complicated matters even further.

One specific point Gartner made was the need to “Increase alignment between network operations and security operations, by coordinating NPMD procurement decisions with security analytics solutions, including network traffic analytics tools.”  Additionally, the guide talked about the goals of NetOps and SecOps being more tightly aligned, given that they both rely on capturing and manipulating network traffic data. Therefore, combining resources in a single entity means relying on job-specific tools, notably NDR solutions. Substantiating this thought, Gartner states that “by 2024, 50% of network operations teams will be required to re-architect their network monitoring stack, due to the impact of hybrid networking.” Taken literally, that is an enormous re-investment in tools, education and mindset. Moreover, businesses cannot wait until 2024, they need to act right now, such is the speed of change and impact thereof.

Clearly then, the basics of NDR/NPMD are right on the money. I’ll be looking further into the topic in future blogs and also getting my paws on the Kemp acquisition to have a play with, so watch this space on that one! Meantime, don’t stay safe, go down the pub – the hospitality industry needs your business! That’s something I’m sure we can all drink to 😊





Data Center
Data Management