Located in the Belgian province of Antwerp, Geel is a city formed of several old parishes' towns including Sint-Amand, Sint-Dimpna, Holven and Elsum and serves as a regional agricultural, industrial, and commercial centre to the neighbouring communities. The city hosts several notable pharmaceutical and biotech companies and the Institute for Reference Materials and Measurements, which is one of the seven scientific institutes of the European Commission's Joint Research Centre. The city has a heritage of technology and is the home of the influential "Brandweerinformatiecentrum voor gevaarlijke stiffen" translated as the Information Centre for Dangerous Goods (BIG). Home to around 40,000 citizens, the city has built a strong reputation for supporting its facilities with capable and centrally managed IT-based services.
Like many small European municipalities, the city directly manages a large number of critical services. From the core city administration function to libraries, fire departments, social services, schools, and other ancillary departments, the city looks after departments across more than 46 different locations and also runs a number of online services for citizens, visitors, and clients.
The city relies on several critical administrative applications such as financial accounting, enterprise resource planning (ERP), and supply chain software. The city also maintains two health and safety applications of which the Emergency Response System is the most important. This system escalates alerts to a mobile network as soon as nurses on duty don't respond within in a certain period of time. The second is a medication distribution system for an elderly care organisation. In addition, it also has mobile and web-based e-commerce and a number of fixed and mobile point-of-sales terminals deployed across a mix of on-premises and cloud platforms.
The combination of use cases, locations and legacy equipment results in a high degree of complexity. "We are tasked with managing a diverse array of critical applications running on disparate hardware systems and now in the cloud as well," explains Rob Lenaerts, Computer Scientish for the City of Geel. "Most of the departments are connected to our metropolitan area network (MAN) with fibre and other minor locations connect with less-performant uplinks. Applications and storage run on a virtualised environment across a pair of redundant datacenters."
The council also has a wide range of access requirements with 500 administrative users, as well as IT service clients such as retirement homes and schools. There are also other non-administrative personnel that need to access some applications from home such as council members.
Managing all of this complexity is a staff of only seven IT professionals. With scarce human resources, City of Geel's IT needs to be incredibly efficient to manage the complex and diverse estate and must rely, in part, on IT suppliers for software updates and the occasional technical support. Following an application problem which took a considerable amount of time to resolve, the City of Geel IT department decided it needed to invest in its own in-house diagnostic capabilities.
Prior to approaching ExtraHop, the IT department had used only the logging and monitoring functionality included in its systems to troubleshoot incidents. These tools included network monitoring software from its network switch, application logs provided by software manufacturers, and VMware tools for monitoring its virtualisation platform.
"There was no central application that offered visibility over all these domains," explains Lenaerts. "We needed a better way to gain overall visibility in our complex environment in order to diagnose problems faster and to gain an accurate determination of the root cause that would make it possible to know where to look or when to engage one of our vendors."
The goal was to find a solution that would provide visibility across the end-to-end environment, as well as be easy to implement and user-friendly. "When we tested ExtraHop it had a lot of standard metrics 'in the box' that we could just turn-on, keeping configuration to a minimum," says Lenaerts.
The solution also needed to be non-disruptive, and to this end the ExtraHop appliance requires only a network tap at one data center to ensure network traffic is captured from both locations.
The ExtraHop technology is based on analysis of wire data and performs full-stream reassembly and full-content analysis of this data running across the network to extract IT and business insights. "For us, alongside troubleshooting, it is the delivery of acceptable application performance and minimal login times that are the main targets in improving performance issues," says Lenaerts. "With some incidents you know where to look but if this isn't clear we look at ExtraHop first."
City of Geel IT staff use ExtraHop to monitor critical services on a continual basis, such as version upgrades, application migrations, and new application rollouts. However, it is when troubleshooting application problems that ExtraHop delivers the greatest return on investment.
According to Lenaerts, the deployment of ExtraHop has allowed his team to "determine the average root cause twice as fast as before and with more certainty" and also led to some additional benefits for when they interact with their software suppliers: "We now have first-hand intelligence of the health of our applications that we can bring to the attention of our suppliers to get problems solved faster." Although in service now for several months, Lenaerts recalls an early example of where ExtraHop's ability to gather insights and analyse a complex set of connected applications was able to solve a real-world problem.
During the first migration of its dedicated PCs to virtual desktops, the team experienced unacceptable slow logins of more than 15 minutes which had not occurred during the prior proof of concept and test phases. With growing consternation from the user community, "We needed to resolve this very quickly or the whole VDI project could potentially fail."
The team turned to ExtraHop which helped to indicate that the root cause was due to a combination of a centralised client on an application server, the antivirus scanner, and a router configuration, "We provided the workaround and the project could continue as planned without the slowdowns," he adds.
For Lenaerts and his team, ExtraHop has helped it gain "a lot of time and happy customers. In the past, assumptions led to a lot of unnecessary changes, costly upgrades, and also the risk of creating new problems. The faster we can diagnose, the faster we can start on solving the problem or at least provide a workaround in a cost-efficient way."