An Oracle White Paper

September, 2011

Oracle Real User Experience Insight

 Oracle Real User Experience Insight

Executive Overview ............................................................................. 2 

Introduction ......................................................................................... 2 
Internet, Extranet and Intranet ............................................................ 3 
Internet ............................................................................................ 3 
Extranet ........................................................................................... 3 
Intranet ............................................................................................ 3 
Oracle Real User Experience Insight .................................................. 3 
Measuring Real-User Performance ..................................................... 3 
Network Protocol Analysis (NPA) ........................................................ 4 
Product Architecture ............................................................................ 5 
1. Data Collection ............................................................................ 5 
2. Data Processing .......................................................................... 6 
3. Data Presentation (Reporter) ...................................................... 6 
Installation Options .............................................................................. 7 
Reporter .......................................................................................... 7 
Collector .......................................................................................... 8 
Processing Engine .......................................................................... 8 
Deployment Scenarios ........................................................................ 8 
Single-Server Deployment .............................................................. 8 
Multiple-Server Deployment ............................................................ 9 
Three-Tier Deployment ................................................................. 11 
Installation ......................................................................................... 12 
Single-Server Configuration .......................................................... 12 
Split-Server Configuration ............................................................. 12 
Conclusion ........................................................................................ 13 
 Oracle Real User Experience Insight

Executive Overview

Oracle Enterprise Manager is Oracle’s integrated enterprise IT management product line and
provides the industry’s first complete cloud lifecycle management solution. Oracle Enterprise
Manager’s Business-Driven IT Management capabilities allow you to quickly set up, manage
and support enterprise clouds and traditional Oracle IT environments from applications to disk.
Enterprise Manager allows customers to achieve:

• Best service levels for traditional and cloud applications through management from a
business perspective including Oracle Fusion Applications.

• Maximum return on IT management investment through the best solutions for intelligent
management of the Oracle stack and engineered systems.

• Unmatched customer support experience through real-time integration of Oracle’s

knowledgebase with each customer environment.

User Experience Management

Today’s businesses applications are used to automate and simplify virtually all business
functions. To improve the returns on those investments, the applications need to deliver
superior performance, availability, and user experience. Otherwise the business will suffer due
to lost revenue from frustrated users, lower employee productivity and possibly even higher
support costs from users calling the service desk after abandoning their online interactions.
Oracle Real User Experience Insight, a key product in the Oracle Enterprise Manager solution
set for Top-Down Application Management, can help meet these challenges.

Passive, zero-touch monitoring of all your application users

Oracle Real User Experience Insight (RUEI) uses state-of-the-art technology for data
collection, which does not require any modification, changes, or instrumentation of the
applications monitored. Its passive monitoring approach allows enterprises to deploy in
production, without requiring costly test/QA environment validations.

Introduction
This white paper discusses Oracle Real User Experience Insight (RUEI) from a technical
perspective. The objective of this document is to provide more information concerning product

2
 Oracle Real User Experience Insight

architecture, technical specifications, and some practical information on configuration and

deployment considerations.

For more information, consult the Oracle Real User Experience Insight User’s Guide, the
Oracle Real User Experience Insight Installation Guide, or contact your Oracle representative.

Internet, Extranet and Intranet

Internet
The usage of the Internet continues to grow. The Internet is a strategic channel for virtually every
aspect of today’s businesses. While companies are looking to explore online opportunities, associated
risks need to be controlled. Substantial revenue is at stake, as well as organizational reputation.

Extranet
Supply chain integration, VPN, and Web services are extending the scope of Extranet applications as
companies are integrating their business and back-office channels.

Intranet
Back-office applications (including ERP solutions) are increasingly being deployed using the HTTP(s)
protocol. This allows organizations to lower the total ownership cost because application maintenance
is simplified, and hardware resources are centralized. As a result, the Intranet has become a very cost-
effective platform to deploy internal applications.

Oracle Real User Experience Insight

Oracle Real User Experience Insight (RUEI) is designed for measuring, analyzing, improving, and
controlling the availability and performance of all of the above deployment scenarios, including E-
business applications, Web transactions, and ERP systems.
Note that in this paper, the term “Web applications” is used to refer to all applications that are
deployed on the HTTP(s) protocol.

Measuring Real-User Performance

Typically, in order to control the performance and success of a Web application, a number of Key
Performance Indicators (KPIs) are defined. The following are the most commonly used KPIs:
• End-to-end response times for pages and individual objects (URLs).
• Server and Internet/network response times.
• Error messages (both technical and functional).
• End-user behavior, number of aborts, and so on.

3
 Oracle Real User Experience Insight

To follow up on the above KPIs, and to obtain a realistic view of the status of Web applications,
organizations need to measure real-user experience. In order to make this possible, a number of
requirements can be identified.
First, traffic from all users must be monitored. This is critically important because the information is
used to cross reference your performance data and users groups which, in turn, can be grouped on
location, department, type, status, and so on. Secondly, the data collection method must be 100% non-
intrusive.
Furthermore, organizations do not want to change their current applications or infrastructure. When a
new application release is deployed, or when an additional Web server is added, there must be no (or
very limited) changes to the monitoring environment.

Network Protocol Analysis (NPA)

Typically, RUEI is installed before the Web servers, behind a firewall in the DMZ (as shown below).
The data collection method is based on Network Protocol Analysis (NPA) technology. This data
collection method is shown in Figure 1.

Figure 1. How RUEI collects data.

When an object is requested by a visitor, RUEI sees the request and starts measuring the time the Web
server requires to present the visitor with the requested object. At this point, RUEI knows who
requested the page (IP client), which object was requested, and from which server the object was
requested (IP server).

4
 Oracle Real User Experience Insight

When the Web server responds and sends the object to the visitor, RUEI sees that response, and stops
timing the server response time. At this stage, RUEI can see whether there is a response from the
server, whether this response is correct, how much time the Web server required to generate the
requested object, and the size of the object.
RUEI is also able to see whether the object was completely received by the visitor, or if the visitor
aborted the download (proof of delivery). Therefore, RUEI can determine the time it took for the
object to traverse the Internet to the visitor, and can calculate the Internet throughput between the
visitor and the server (connection speed of the visitor).
Rather than defining only a representative usage of your Web site, RUEI unlocks your customers’
experience while it gathers performance information. This is possible because RUEI sees exactly how
your visitors browse and experience your Web site.

Product Architecture
RUEI is based on a three layer product architecture. The three layers are data collection, data
processing, and data presentation.

Figure 2. RUEI product architecture.

1. Data Collection
The Data Collector is responsible for acquiring raw data and delivers this to the Data Processor. Data
can be collected from multiple sources. Using this setup, a RUEI configuration can be deployed as a
fully scalable solution.
There are two common ways of attaching a RUEI Collector to the network: it can be connected to the
copy port of a switch, or it can be connected using a dedicated network tap1. Network taps have the
additional security benefit that they work as read-only connections.
To read HTTP(S) data streams, a proprietary software module reassembles TCP/IP packet streams.
Therefore, the operation system’s TCP/IP stack is disabled for those network interfaces that are used
to collect data.
Because these network interfaces do not have an assigned IP number, and the software using these
network interfaces does not have a functional IP stack, RUEI is not able to respond to incoming traffic

5
 Oracle Real User Experience Insight

over these network interfaces. This makes RUEI “invisible” to the monitored networks, and
completely secure.

Data Logging

When the Data Collector has been installed and configured, the network traffic is directly recorded.

Security Aspects

To read HTTP(S) data streams, a proprietary software module re-assembles TCP/IP packet streams.
Because the data collectors do not have an assigned IP number, and the software using these data
collectors does not have a functional IP stack, RUEI is not able to respond to incoming traffic received
from the data collectors. This makes RUEI non-intrusive to the monitored networks, and completely
secure.
Data collection can be configured to log encrypted data (HTTPS). To facilitate this, a copy of the Web
server’s private SSL keys needs to be set up in the Collector. In addition, RUEI can be configured to
omit logging of sensitive data in POST URL arguments, HTTP headers, cookies, and the content of
URLs: so-called masking.

2. Data Processing
The processor converts raw data into relevant OLAP datasets (or views). At installation time, the
correct views are defined and configured. Page identification within RUEI is based on applications.
Essentially, an application is a collection of Web pages. This is because pages on a Web site are
typically bound to a particular application. For each page that the system detects, it uses the available
application definitions to assign a name to it. Note that information about any pages that could not be
identified using these definitions is discarded, and, therefore, not available through reports and the
Data Browser.

3. Data Presentation (Reporter)

The data presentation is performed by RUEI’s analysis and reporting environment. This is a Web-
based information portal that can be accessed from any supported browser.
Standard functionality in this interface is the possibility to create reports, and to perform advanced
statistical comparisons. This is available through an interactive browser with click-through selection on
all aspects, full-text search, one-click create report button, printing ability, and various export formats.
• Data correlation can be performed across the following dimensions:
• Period (year, month, week, day, hour, 5 minutes).
• Client (country, provider, provider network, city, client IP).
• Server location (IP address).
• URL (site, Web site, name, name and POST or GET arguments).
• Page (application, page group, page).

6
 Oracle Real User Experience Insight

• Customer name (optional).

Graphs and value lists can easily be exported to spreadsheet applications (such as Microsoft Excel). It
is also possible to configure RUEI to periodically send reports by E-mail to anyone of choice.

Authorization

An authorization system allows you to define a set of roles with different privileges. The Administrator
maintains the basic network-related configuration (such as mail and reporting settings) used by the
system. In addition, they act as first point of contact for system issues, and are responsible for such
things as performing backups of the current configuration, and the administration of the other users
authorized to work with the system.
Business users are concerned with evaluating visitor behavior according to business goals. As such,
they may be concerned with improving customer satisfaction, retention, and loyalty, increasing
conversion rates, or monitoring the effectiveness of website-based marketing activities.
IT users are concerned with supporting the IT and other technical information the system needs to
monitor the Web environment. Typically, they are responsible for deeper analysis of failed SLAs or
KPIs.
For both Business and IT users, their assigned authorization level determines the level of access they
have to the system’s functionality. This includes the use of dashboard functionality, as well as on-
demand and mailed reports, and drill-down into the information captured during monitoring.
Users with Full access level permission have access to all information within the Data Browser, reports,
the KPI overview facility, and dashboards. For all other users, the information available to them is
managed as part of their user profile.
KPIs, user flows, and dashboards can be defined as generic or bound to a specific application, suite, or
service. Access to the information within an item is automatically managed through each user’s
assigned permissions.
If an item is defined as generic, only users that are authorized to access all applications would be able
to view the item. This is because a generic item can contain information about multiple applications,
suites, or services. Similarly, if a user is only authorized to view information about two applications,
they would only be able to view KPIs, dashboards, Data Browser information, and reports directly
concerning those two applications.

Installation Options
A RUEI system can be installed to preform one or more of the following roles: a Reporter, a Collector,
or a Processing Engine.

Reporter

7
 Oracle Real User Experience Insight

A Reporter system post-processes the data gathered by the Collectors attached to it. After processing,
this data is stored in an Oracle database, referred to as the Reporter database. System users can review
the collected data through a browser-based interface.
In order for RUEI to be able to accurately monitor network traffic, and report its results, it needs
certain information about your network and application infrastructure. This includes how pages,
service function calls, and end users will be identified, the scope of monitoring in your network
environment, the monitoring of specific KPIs and SLAs, and the roles and permissions assigned to
system users. This information is held in the Configuration part of the Reporter database.

Collector
A Collector monitors network traffic, and submits the data it gathers to a Reporter or Processing
Engine. Multiple Collectors can be attached to the same Reporter. Note that a direct connection is
required between the Collector systems and the Reporter system.
Note that each Reporter installation also contains a local Collector instance. The Reporter can be
configured to just process information gathered by this local Collector (this is a single-server
configuration), or to receive information from additional Collectors. Note that the local Collector
instance on the Reporter system can also be disabled if not required.

Processing Engine
A Processing Engine is an optional component in a RUEI deployment that undertakes the data pre-
processing role normally performed by the Reporter. Essentially, it involves offloading the overhead of
processing the data gathered by the Collectors to one or more separate systems.
Each Processing Engine has its own (local) database, in which intermediate network traffic monitoring
results are stored. Once processed, this data is used to update the Reporter’s database. All
configuration information is still maintained within the Reporter’s database. Note that each Processing
Engine system requires a direct connection between its associated Collector systems and the Reporter
system.

Deployment Scenarios
Single-Server Deployment
This is the simplest deployment, and is suitable for monitoring Web environments with low to medium
levels of traffic. An example is shown in Figure 3.

8
 Oracle Real User Experience Insight

Figure 3. Three-tier deployment.

In this deployment, a single system servers as both Collector and Reporter. As explained in the
previous section, the Configuration and Reporter databases can reside locally on the Reporter system
or on a remote database server.

Multiple-Server Deployment
The use of multiple servers may be considered when there is a need to monitor very high levels of
traffic. In addition, this deployment also provides the possibility of enhanced security. For example, by
placing the Collector(s) outside the office network, while placing the Reporter system within the
network. Figure 4 shows an example of a multiple-Collector deployment.

Figure 4. Multiple-server deployment.

This features a deployment in which both data lines are monitored in the same reporting environment.
Note that this deployment assumes that the traffic on each line is mutually exclusive. It also illustrates a
deployment used for security reasons. While the traffic from Web servers A and B are monitored and

9
 Oracle Real User Experience Insight

reported, the traffic from Web server C is not. This is also the reason why the Collectors are not placed
above the switch. Note that the Collector instance on the Reporter system (system 1) is disabled.
For security reasons, it is recommended that access to the Reporter system is restricted to trusted IP
ranges. Similarly, you may want to locate the Reporter system inside the internal network to maximize
its security. The Collector’s data gathering ports should be within the DMZ.
The application and infrastructure information held in the Configuration database is maintained by the
Reporter based on information provided by system users through its browser-based interface. Each
Collector uses this information to determine how the data it gathers should be reported.

10
 Oracle Real User Experience Insight

Three-Tier Deployment
As explained earlier, a Processing Engine serves to offload a significant amount of the processing
normally performed by the Reporter to one or more separate systems. It is strongly recommended that
you consider the use of a Processing Engine within your deployment when CPU utilization on the
Reporter system is reaching its upper limit. Figure 5 shows an example of a Processing Engine within a
multiple-Collector deployment.

Figure 5. Three-tier deployment.

It is important to understand that the processing performed on the Reporter system includes not only
the processing of the data gather by the attached Collectors, but also the use of the Enriched data
export facility. This enables you to combine the data gathered by RUEI with other data sources. Be
aware that, when enabled, this facility places a considerable additional load on the Reporter system.
The Enriched data export facility is described in the Oracle Real User Experience Insight User’s Guide.

Local and Remote Database Installations

The data available via the Reporter system is stored in an Oracle database. This database can reside
locally on the Reporter system, or on a remote database server (such as a database cluster).
The use of a remote database server provides a number of potential advantages over a locally installed
database. In particular, it offers easier integration with existing security and back-up policies, as well as
improved performance through the use of dedicated servers. Currently, RUEI supports the Oracle 11g
database.

High Availability Reporter, Processing Engine, and Collector Systems

11
 Oracle Real User Experience Insight

It is possible to configure passive failover Reporter, Processing Engine, and Collector systems that will
seamlessly take over processing in the event that the primary system is not available. In this way, a high
level of operational reliability is achieved.
At server level, a crossover cable connects the primary and secondary systems. As long as a regular
"heartbeat" continues between the primary and secondary servers, the secondary server will not initiate
processing of traffic. However, the secondary server will immediately take over the processing task of
the primary server as soon as it detects an alteration in the "heartbeat" of the primary server.

Installation
RUEI systems can be installed on Oracle Enterprise or RedHat Enterprise Linux 5 systems. It is
strongly recommended that RUEI is only installed on dedicated systems. The procedure and
requirements for installing RUEI are fully described in the Oracle Real User Experience Insight Installation
Guide.

Single-Server Configuration
Required network connections: one copy (SPAN) port connection and one normal network
connection as follows:
• For connection of the data Collector to the Web infrastructure. Per monitored environment, a
connection to the relevant copy (SPAN) port or network tap. These connections do not have
network addresses.
• One connection to the customer user network. This connection does have a network address, and is
used for accessing the Web-based Reporter system.

Split-Server Configuration
The required network connections are one or more SPAN connections and one normal network
connection per data collection server, and at least one normal network connections per presentation
server as follows:
• Per connection of the Data Collector on the Web infrastructure. Per monitored environment, a
connection to the relevant copy (SPAN) port.
• For a separate presentation server: one connection to receive information from the data collection
servers, plus one connection to the customer network. These may be combined.
Required network resources: two IP addresses for the presentation server, and one IP address per
collection server as follows:
• An assigned fixed IP address for Web browser and login access to the presentation server.
• Access from the user network to the RUEI presentation server: Web browser access to port 443
(HTTPS).

12
 Oracle Real User Experience Insight

Conclusion
RUEI is a solution for monitoring Web and Oracle Forms traffic through Network Protocol Analysis
(NPA). Typically, it is installed before the Web servers, behind a firewall in the DMZ. The RUEI data
collection method is based on NPA. RUEI is “invisible” to the monitored networks and completely
secure.
Installation of a RUEI system requires no changes to a Web infrastructure or website content. A
standard RUEI system can be operational within an hour.
RUEI provides an easy-to-use browser interface where you can correlate different information in a
simple way. To create reports, you simply select an interesting view within the browser interface, and
click a single button. Information is directly available, and provides you a complete insight into all
performance aspects of all (object) transactions between your Web infrastructure and your visitors.

13
Oracle Real User Insight Insight Copyright © 2011, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only and the
September, 2011 contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other
Author: Paul Coghlan warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or
fitness for a particular purpose. We specifically disclaim any liability with respect to this document and no contractual obligations are
Oracle Corporation
formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any
World Headquarters
means, electronic or mechanical, for any purpose, without our prior written permission.
500 Oracle Parkway
Redwood Shores, CA 94065
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
U.S.A.

Worldwide Inquiries: AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices.
Phone: +1.650.506.7000 Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license
Fax: +1.650.506.7200 and are trademarks or registered trademarks of SPARC International, Inc. UNIX is a registered trademark licensed through X/Open
Company, Ltd. 1010
oracle.com