Diane Staheli, MIT Lincoln Laboratory, diane.staheli@ll.mit.edu PRIMARY
Andrea Brennen, MIT Lincoln Laboratory, abrennen@ll.mit.edu
David Danico, MIT Lincoln Laboratory, danico@ll.mit.edu
Raul Harnasch, MIT Lincoln Laboratory, Raul.Harnasch@ll.mit.edu
Maureen Hunter, MIT Lincoln Laboratory, Maureen.Hunter@ll.mit.edu
Richard Larkin, MIT Lincoln Laboratory, larkin@ll.mit.edu
Jeremy Mineweaser, MIT Lincoln Laboratory, jlm@ll.mit.edu
Kevin Nam, MIT Lincoln Laboratory, kevin.nam@ll.mit.edu
David O'Gwynn, MIT Lincoln Laboratory, dogwynn@ll.mit.edu
Harry Phan, MIT Lincoln Laboratory, harry.phan@ll.mit.edu
Alexia Schulz, MIT Lincoln Laboratory, Alexia.Schulz@ll.mit.edu
Michael Snyder, MIT Lincoln Laboratory, michael.snyder@ll.mit.edu
Tamara Yu, MIT Lincoln Laboratory, tamara@ll.mit.edu
Student Team: NO
Adobe Illustrator
May we post your submission in the Visual Analytics Benchmark Repository after VAST Challenge 2013 is complete?
Video: http://www.ll.mit.edu/mission/cybersec/Vast.wmv
High-Resolution Image:
Storyboards:
Description of Your Design:
Big Enterprise, or B.E., is a multibillion-dollar telecommunications and virtual services company. Its offices and data centers offer storage, streaming media for training, Video Teleconferencing (VTC), and Voice Over IP (VOIP) for companies all over the world. It is the responsibility of the Network Operations Center (NOC) to maintain service availability by managing many types of network-related issues, ranging from network intrusions to bandwidth allocation.
The B.E. Solution for situational awareness is an interactive display designed to provide a concise visual representation of the state of the Big Enterprise network. The goal of the display is to facilitate the prioritization of network problems as they arise, by explicitly depicting how problems interrelate. The board depicts how network problems are geographically or functionally distributed and illustrates how they impact critical enterprise mission areas.
In this example, the NOC Manager can go through each mission area to check on health, security, and performance, making sure all issues are addressed. Here, enterprise resources pertaining to the day-to-day function of the VTC/VOIP mission area are highlighted in blue across all zones. When specific problems arise, warning icons appear on the board indicating the type of issue (health, security, or performance), which functional zone the issue impacts, and the status of the problem: new problems are shown in red, and yellow indicates an issue is currently being worked. Bubbles at the top right summarize the number of events in each area and update depending upon the mission currently being viewed. Aggregating events simplifies the view of healthy systems, while the pop-up notifications draw attention to portions of the network that require immediate action.
A complete summary of all warnings is on the far right side of the board; each warning is categorized by the three types and labeled by zone. A pill icon indicates which mission the issue impacts the most and whether the issue is being addressed.
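An added example, not part of the submission, that models the board's badge logic described above in Python: red/yellow status, the top-right count bubbles for the mission being viewed, the pill showing the most-impacted mission, and the far-right summary grouped by type and labelled by zone. The per-mission impact weights and the sample events are constructed assumptions, not data from the design.

```python
from collections import Counter
from dataclasses import dataclass

KINDS = ("health", "security", "performance")


@dataclass
class Warning:
    """One badge on the board: its type, the zone it impacts, and a
    per-mission impact weight (assumed scoring, not defined in the design)."""
    kind: str                 # "health", "security" or "performance"
    zone: str                 # functional zone, e.g. "Network Defense"
    impact: dict              # mission name -> impact weight
    being_worked: bool = False

    def colour(self) -> str:
        # New problems are red; yellow means someone is working the issue.
        return "yellow" if self.being_worked else "red"

    def pill(self) -> tuple:
        # Pill icon: the mission this warning impacts most, plus status.
        return (max(self.impact, key=self.impact.get), self.being_worked)


def bubbles(warnings, mission) -> dict:
    """Counts per warning type for the mission currently being viewed;
    warnings that do not touch that mission are aggregated away."""
    counts = Counter(w.kind for w in warnings if mission in w.impact)
    return {k: counts.get(k, 0) for k in KINDS}


def summary_panel(warnings) -> dict:
    """The far-right summary: every warning grouped by type, labelled by
    zone, with its colour and pill."""
    panel = {k: [] for k in KINDS}
    for w in sorted(warnings, key=lambda w: (w.kind, w.zone)):
        panel[w.kind].append((w.zone, w.colour(), w.pill()))
    return panel


# Constructed sample events loosely following the storyboard scenario.
SAMPLE = [
    Warning("security", "Network Defense", {"VTC/VOIP": 0.4, "B_Docs": 0.9}),
    Warning("performance", "Applications", {"B_Docs": 0.7}),
    Warning("performance", "Data Storage", {"B_Docs": 0.8, "VTC/VOIP": 0.2}, True),
    Warning("health", "Customers", {"VTC/VOIP": 0.6}),
]
```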
One adaptable feature of the BigBoard that aids situational awareness is a search tool with the flexibility to highlight geographic and functional categories based upon user input.
Here, the NOC manager sees a decrease in traffic (shown by the yellow pipe) between Zone 1 and Zone 2. She wonders if it is because Sydney is shutting down as part of their cyclone preparations. Searching for Assets in Australia displays a lower-than-normal density of resources being used by the Sydney office.
Before she can breathe a sigh of relief, the NOC manager notices traffic from Zone 2 to Zone 4 is increasing and starting to eat up bandwidth to the Data Center. Security badges in Network Defense indicate security issues, which in this case could be the result of beaconing. Performance badges appear in Applications and Data Storage, indicating outages and a Health badge appears in the Customers Zone, which she sees is likely the result of Malware.
Here, the NOC Manager learns from the Network Defense lead that root-kit activity leveraging a Java vulnerability is affecting B_Docs, the company's cloud storage service.
Switching Mission views, the manager can do a search for vulnerable hosts. Sure enough, the root-kit is overlapping with unpatched machines. Apparently, as part of the cyclone preparations, Boston has been taking over Sydney's functions and some key machines were left unpatched. The Network Defense group quarantines the infected machines in Boston, blocking corresponding outbound traffic. However, they can't be shut down as they are filling in for functions diverted from Sydney.
A layering of different types of information shows how multiple functions are interrelated. Here, resources allocated to B_Docs (the content-sharing tool) are shown in green, unpatched machines are shown in orange, and a security warning icon indicates the presence of an "unauthorized user."
In the meantime, a number of badge icons previously in the VTC/VOIP mission area have switched from red to yellow, indicating that issues are actively being worked on, while other warnings have disappeared altogether, showing successful resolution.
In this scenario, the Network Operations Center used the BigBoard to help B.E. avoid a potentially disastrous crisis. The network manager was able to use the display to gain situational awareness of the enterprise network, where she could detect and prioritize issues, understand operational impact, and respond with the best course of action.