application dependency mapping

Complexity in information technology has been increasing at an exponential rate. The drive for innovation has fueled the rapid adoption of new technologies and a corresponding shift towards cloud computing, open source software, and a microservice approach to application architecture.

As a result, modern information systems now rely on a bewildering array of interdependencies hosted in both physical and virtual environments across dynamic, hybrid cloud and multi-cloud infrastructure.

Application dependency mapping (ADM) is an IT operations process that is designed to help companies overcome this complexity. But what exactly is ADM? Why is it important? And what are the use cases for the product?

This guide answers these questions by going through the key concepts of application dependency mapping and how it helps to address the many challenges of managing complex application deployments.

What Are Application Dependencies?

In the context of application development, dependencies are the various components on which an application relies so it can function as intended. Dependencies include:

  • other in-house codebases
  • libraries and frameworks
  • proprietary software
  • files and database systems
  • the underlying operating systems
  • servers and subnets
  • drivers
  • specific versions of scripting languages

Application dependencies, particularly libraries and frameworks, are often double-edged swords.

On one hand, they provide off-the-shelf functionalities that save a lot of the complex and time-consuming work involved in developing code that performs the same role. On the other hand, conflicts can arise when third-party developers release updated versions of their software. These can lead to issues such as slower performance, loss of functionality, and system crashes.

What is Dependency Mapping?

Dependency mapping is the process of gathering information on all underlying application dependencies and presenting it in a way that is easily understandable.

This can be in the shape of a manual spreadsheet that lists details about the different services your application uses and the connections between them. But as IT systems grow increasingly complex, organizations are using specialist software to map the dependencies.

Such tools provide information not only in spreadsheet form but also in visual representations of entire application ecosystems. These make it easy to see the interactions and relationships between the different components of your applications as well as how they work together and affect one another.

A fully featured mapping tool will be able to analyze any type of IT environment, providing detailed views of application topologies across physical and virtual servers hosted on both on-premise and cloud-based infrastructure.

What is Application Dependency Mapping?

The terms “application dependency mapping” and “dependency mapping” are often used interchangeably, but there are important distinctions.

Application dependency mapping relates to the components of your business applications themselves such as microservices, functions, subroutines, and integrations with other systems.

Dependency mapping typically refers to the underlying dependencies that make up an application stack such as the host server, operating system, developer frameworks, libraries, and databases.

What is Application Discovery?

Application discovery refers to the process in which application dependency mapping tools identify and monitor the various building blocks that make up applications.

The three main methods of application discovery are:

  • Sweep and Poll: Identifies dependencies by pinging IP addresses and gathering information from the responses
  • Network Monitoring: Uses network traffic analysis to identify the paths taken by packets as they move through systems
  • Agent-Based: Installs agents on servers to monitor inbound and outbound traffic in real time

However, some application discovery methods leverage other technologies such as orchestration platforms and application performance monitoring tools making use of their monitoring capabilities to keep track of application components and underlying server resources.

Later, we will cover these in more detail and discuss the pros and cons of each method.

How Does Application Dependency Mapping Work?

There are two standard types of application mapping solutions.

Agent-based application mapping tools: These solutions require you to install a third-party solution on your computers and servers to create a map of all applications, and therefore include the risks inherent in giving access to third parties. They can also impact your computer’s performance, slowing it down or causing the battery to burn out faster.

Active/scheduled scans: Another option is to schedule scans at specific time intervals in which the system sends pings to network devices and creates a map from the responses. The scans impact latency and performance, so they cannot be conducted on an ongoing basis. Therefore, they only give you a window into your IT ecosystem, and you discover only the things that happen during the time of the scan.

Read more here.

Why is Application Dependency Mapping Important?

The sheer scale and complexity of modern IT operations makes it difficult for organizations to understand the anatomies of their information systems fully. This makes it difficult to manage them accordingly.

Inventory and network mapping alone are not sufficient to overcome this challenge because companies need clear insight into the actual workings of their applications. They need to see what impact a change to one link in the chain could have on all the other links. They need to understand the health of the entire application, identify potential points of failure, and determine the best courses of action so they can troubleshoot issues more quickly and efficiently.

Application dependency mapping helps them to do just that. But it also helps them do so much more. ADM serves as the basis for so many of the proactive steps that operations teams need to take and as a blueprint for a wide variety of their IT objectives.

For example, it can help IT ops teams to:

  • Assess risks and impacts
  • Respond to problems more rapidly. Through a raft of features such as the ability to view historical IT system maps before an issue appeared, companies can be better informed on how to deal with problems when they appear
  • Gain better service visibility. IT operations management teams can have useful reference points for optimizing resources, diagnosing and resolving issues, tackling security incidents, and maintaining catalogs of technology services
  • Stay on top of dependency changes. By discovering dependency changes in real time, ADM creates IT environment maps that are always up to date and complete
  • Pinpoint performance bottlenecks. ADM reduces the time it takes to get to the root causes of application performance problems such as slow SQL queries and poorly configured or under-resourced dependencies
  • Avoid dependencies in the first place. ADM can help companies to develop more agnostic applications that are more loosely coupled to dependencies – especially to specific versions of software and operating systems. This will improve software stability and decrease the impacts of issues and changes elsewhere in application stacks

The Benefits of Application Dependency Mapping

Application dependency mapping gives you an accurate, end-to-end map of your entire IT ecosystem that lets you:

  • Manage changes and understand how they will impact other elements and functionalities in the ecosystem.
  • Easily migrate assets from your data center to the cloud. Read more here.
  • Isolate critical assets or customer data with microsegmentation, seamlessly reducing risk.

How to Choose the Best Application Dependency Mapping Tool

When choosing an application dependency mapping solution, it’s important to consider the following factors:

  • The size of the environment: It may be possible to install agents in an organization with 30 servers but in an enterprise with 10,000+ servers, it isn’t feasible.
  • Security risk: Organizations that handle highly classified data may have limitations on the installment of third-party tools.
  • Familiarity: If your organization is familiar with a specific solution you may prefer to continue using it if it meets your needs.
  • Pricing
  • Server supplier: It’s important to choose a solution that integrates with your server supplier (IBM, Oracle, etc.).
  • Calculating your cloud optimization costs: Cloud infrastructure can be more cost-effective than physical infrastructure, but it’s easy for companies to overspend. Fortunately, there are tools available to help you optimize your cloud spending, such as native cloud provider tools and network optimization tools and techniques.

Be Platform- and OS-Agnostic

It is important to consider what environments are included in your application mapping solution. After all, you don’t want to limit your future business structure or technology changes. The optimal solution will not be limited to any particular infrastructure and will include legacy solutions and bare-metal as well as containers and multi-cloud. A platform-independent choice means you always have full visibility.

The same logic goes for any solution that is fixed to a certain operating system or uses templates for specific mapping options. A choice that utilizes network or wire data will always remain flexible if your business needs change.

When business do not follow this best practice, complexity can spiral. According to the latest Next Generation ITAM Report, “the average IT organization uses 11 or more different inventory and discovery tools, with more than 40 being common. All but the most efficient elite groups admit to having some lingering degree of Excel spreadsheet reliance to bridge the discrepancies.”

“In a recent survey, 1 EMA found that each respondent spent an average of 15 hours every week resolving discovery discrepancies. It stands to reason those superior capabilities in discovery, rationalization, and reconciliation are essential ingredients in next-generation caliber automation.”

What is Application Dependency Mapping Used For?

IT Asset Management

Application dependency mapping can play a useful role in a wide variety of change management practices such as:

  • Launching new applications or services
  • Making changes to existing applications such as adding new functionalities, fixing issues, or meeting new requirements
  • Provisioning or procuring new infrastructure such as routers and servers
  • Performing software patches and updates
  • Making configuration changes to libraries and frameworks, operating systems, and database management systems
  • Integrating DevOps tools into software development workflows

In each of these cases, ADM can identify what changes need to occur and what potential issues may need to be addressed.

Given the complexity of modern IT systems, application dependency mapping has rapidly become an essential first step to performing these tasks because there are now often so many unknowns involved in such changes.

In addition to helping to prevent dependency issues, ADM can also help to minimize any disruptions caused by scheduled updates and maintenance. By better understanding how different components interact, IT ops teams can predict and mitigate problems ahead of time and coordinate changes to ensure that there will be little or no disruption.

Application dependency mapping can provide useful information to those doing IT asset management when liaising with the departments and people that will be affected by the changes.

Compliance

Application dependency mapping can identify gaps during compliance undertakings.

For example, under the EU General Data Protection Regulation (GDPR), companies can only generally process and store personal data about European citizens in a data center location within the European Economic Area (EEA) and a limited number of other permitted countries. ADM can determine where application data resides and therefore whether it meets applicable data residency requirements.

Some ADM tools also provide audit trails of the changing topologies of systems. These can demonstrate that companies are taking appropriate accountability measures to meet compliance.

Data Center and Cloud Migration

Migration projects are risky because many things can go wrong. Application dependency mapping beforehand can support preparations by helping companies to:

  • Understand the existing application architecture
  • Determine what data to move
  • Identify what to back up
  • Formulate a plan of action
  • Ensure that nothing will be overlooked

Companies can also use ADM to perform follow-up checks after completing the migration to ensure that everything is in place and working as it should. For example, IT ops teams can check whether applications can still access the relevant data and if they are experiencing any performance issues.

If there is a problem with the former, the new addressing system might not be working properly, the data might not be mapped correctly to its new location, the migration might not have successfully transferred everything, or there might be conflicts between the source and destination operating systems that render the data unreadable or inaccessible. If there are performance issues, the problem might be that there are not enough resources provisioned or the application might not be optimized for the new environment.

Furthermore, companies can use application dependency mapping to plan corrective measures when problems do occur following migrations.

Cloud Cost Optimization

The public cloud is pay-as-you-go infrastructure where charges are based on resource usage. This brings the risk of skyrocketing bills if companies are not right-sizing and optimizing their workloads.

However, through having a clear understanding of their application deployments, IT ops teams can make smarter choices about instance sizing or resource allocation of containers and make better use of provisioned storage. What’s more, they will be able to formulate a more informed reserved instance strategy in which they will be better able to match RI purchases with the resource requirements of applications.

Application dependency mapping also provides an overview of which application components are consuming the most resources. Teams can then make coding, configuration, or architectural changes that use cloud infrastructure more efficiently.

Cybersecurity

Companies cannot protect what they cannot see. That is why shadow IT infrastructure – which is likely under the radar of security teams – is particularly vulnerable to attack because they are far less likely to have robust protection measures in place.

Application dependency mapping provides the visibility that ensures nothing is overlooked and all systems are properly secured.

ADM can uncover numerous security issues such as expired SSL certificates and incorrect firewall configurations. It also provides insights that companies can use to devise suitable microsegmentation strategies. This is a security approach that effectively compartmentalizes workloads by defining granular network controls over traffic between the different resources within application environments. This helps to contain any breaches by limiting an attacker’s ability to move laterally across a network.

Business Continuity and Disaster Recovery

Most companies now rely so heavily on IT that they cannot function whenever their systems go down. That is why it is so important to have sound business continuity and disaster recovery processes. If they are not fit for purpose, they will be useless should you ever need to use them.

The problem is that failover systems are notoriously complex. Similarly, backup and recovery systems must be properly synchronized and take into account all of the data that applications need. However, companies with clear insights into their application dependencies will be able to overcome these challenges.

Application dependency mapping can also have a hand in the recovery process by helping to determine the order in which to restore systems. For example, authentication services would likely be high on a list of priorities so that users will be able to log straight back into applications as soon as they become available again.

Further, IT ops teams may need to contact a wide variety of people whenever one or more applications go down:

  • development, operations, and database administration teams
  • users of the software as well as any applications that integrate with it
  • customers and suppliers

ADM can also assist companies with the creation of a communications plan that will ensure everyone is in the loop during a crisis.

Finally, do not forget that ADM continually monitors applications for changes – so IT ops teams will always have up-to-date pictures of application topologies when they periodically review and test your business continuity and disaster recovery plans.

Faddom’s Application Dependency Mapping Software

Features

Faddom’s agentless dependency mapping (ADM) tools create a real-time, detailed service map of your entire IT environment, with one view for both virtual and physical servers. It’s platform-agnostic and has zero impact on performance.

Faddom’s features include:

  • Multi-cloud compliance and multi-tenant options
  • Support for all on-prem technologies and virtualization platforms
  • Hybrid application dependency mappingADM for on-premises IT and cloud topologies that shows both environments in a consolidated map
  • Dependency mapping between business applications
  • Real-time mappingmaps are always up-to-date
  • Agentless and credential-free deployment
  • Passive use of network traffic protocols in maps
  • Microsegmentation planning
  • Change managementvisibility of real environment architecture before and after an IT change
  • Impact analysisshows the network impact of shutting down servers
  • Cloud migration wave planning
  • Cloud migration “right-sizing”
  • SSL certificates
  • Inactive server identification
  • Export options and APIs

Links to the features pages (if no features pages, perhaps we can create them)

Integrations

Faddom integrates with virtualization platforms such as vSphere, load balancers, cloud platforms, and monitoring solutions. Our integrations cover AWS, Azure, Google Cloud, Oracle Cloud, Kubernetes, AWS CloudFormation, Docker, VMWare, Hyper-V, ServiceNow, AppDynamics, BMC CMDB, CA CMDB, IBM CCMDB, New Relic, Citrix, MicroFocus, and Slack.

Trusted by