Team Members

Student Team

No

Software Used

May we post your submission in the Visual Analytics Benchmark Repository after VAST Challenge 2013 is complete?

Yes

Video

NOCturne Case Study Video
The video walks through the NOCturne display being applied to a crisis scenario for the fictional company Inidyne, which manages the NOC for Big Enterprise.

High-Resolution Image

The primary mockup shows a scenario that displays most of NOCturne's features at once. There are three mockups for different times that help show the full feature set and explain how attention is drawn to particular issues.

8:00 - View of typical network activity.
8:30 - Scenario where a more detailed topology is displayed for a localized failure.
8:48 - Scenario where there are multiple issues simultaneously.

Storyboards

The storyboards walk through some of the limited interactive setup that users can perform and how that setup affects NOCturne's response to changes in network status.

Description of Your Design

What is NOCturne?

NOCturne is a large electronic display that conveys the state of a network in a unified view. It provides situational awareness of the health, performance and security of a network. It is intended to be used by a network operations manager and his/her team at a large network operation center (NOC) to monitor very large and complex global networks. It displays live network activity but does not allow for direct user interaction. The expectation is for the NOC team to use NOCturne as a backdrop while they do more detailed work on their workstations.

The User Interface Design

Figure 0 - Components of the NOCturne display.

The NOCturne display is made up of several UI elements (Fig-0) that provide the different kinds of information needed to monitor and administer large networks. Most of the interface area displays the current status and network activity.

Figure 1 - Geomap

A geomap shows the location of all offices connected by the network. The map is shaded to show where it is currently daytime and nighttime. Markers are placed on the map for each location (Fig-1.A) and indicate whether it is open or closed (Fig-1.C) and the health of its network (Fig-1.B). Geo-spatial context that significantly impacts the functioning of the network, such as weather patterns (Fig-1.G), satellite coverage (Fig-1.H), major events (Fig-1.E), and status of undersea cables (Fig-1.D/F), is overlaid on the map.

Figure 2 - Topology Grid's left edge.
Figure 3 - Topology Grid's right edge.

Adjacent to the map, a topology grid summarizes the state of the network at each location. Columns are shown for network providers, hardware, and services roughly in order of their position in the OSI network model (Fig-2.B). Each cell contains a health indicator (Fig-2.C) along with the count of each type of hardware/service found at that location (Fig-2.D). Each row therefore summarizes network information for a location (Fig-2.A), and rows can be grouped however is most appropriate (Fig-3.A) for a particular business. For each location, information is provided on the overall health of components of the network (Fig-2.G). Metrics such as packet loss and latency are also given a column in the grid (Fig-2.E/F). More metrics may be added as desired (Fig-3.C), including a column to monitor SLA (Service Level Agreement) policy fulfillment (Fig-3.B).

Figure 4 - Detailed Topology

Information for a single location on the grid may expand to show a more detailed topology when the problem is localized. Even a subset of the entire network can be prohibitively large to show, so the detail view focuses on the most critical services (Fig-4.F) that are not working as expected. The detail view shows the path from the failing services up through the network, again with a focus on the hardware and connections with low health (Fig-4.A). Each node in the diagram indicates how many items are aggregated into it (Fig-4.D) and their summarized health (Fig-4.C), as well as the type of the node and the dominant network structure such as ring, star, etc. (Fig-4.B). Links represent connections between groups of devices and use glyphs to show metrics for a link (Fig-4.E). Other links simply show what hardware is supporting a particular service (Fig-4.G). To prevent overall context from being lost, locations with minimal issues are compressed into thinner rows (Fig-4.H) without precise values, and rows with more serious issues are left with all values showing (Fig-4.I).

Figure 5 - Matrix

The connectivity matrix extends the grid (Fig-5.D) and represents a connection between two locations in the network with a glyph at each intersection in the matrix (Fig-5.A). The upper and lower edges of the matrix represent incoming and outgoing network connections (Fig-5.B) for each location respectively. Each glyph encodes two selected metrics, one by varying the color of the dot in the matrix and the other by changing the length of an arc drawn around the circumference of the circle. The overall network activity for the entire network is summarized in a glyph at the left point of the matrix (Fig-5.C). The top 5 locations of interest are shown in smaller matrices that focus on their current values for each of the 4 top metrics of interest (Fig-5.E). The two metrics out of the top 4 currently tracked in the matrix are highlighted (Fig-5.F/G).

Figure 6 - Timeline Past
Figure 7 - Timeline Future

The entire display is organized into a timeline. On either end of the display, space is dedicated to historical (Fig-6) and future or predicted (Fig-7) information. Days further into the past or future are shown in less detail than more recent or impending days. Timeline information for the current day is replicated on both ends of the matrix, and a present-time divider marks the split between past and future (Fig-6.A). This is done to avoid scrolling the timeline and to keep the display visually stable. Each row in the timeline tracks either continuous trends for key metrics (Fig-6.B) or discrete events such as planned maintenance, weather warnings, or scheduled press conferences. Events are summarized with a histogram to count frequency in a time window (Fig-6.C), and critical or representative events are shown with their start time (Fig-6.E), their duration (Fig-6.F), and their subtype/location (Fig-6.G). The top 5 locations are also directly shown, though event subtypes are not represented (Fig-6.D). Future events/trends are often predicted, and uncertainty is captured with forecasted values and confidence intervals for trends (Fig-7.A/B) and with varying-opacity segments for event duration lines (Fig-7.C/D).

NOCturne is designed to scale with the size and complexity of the network. The display can adapt to more or less timeline data by extending its horizontal width or reducing detail for each day. It can accommodate larger networks hierarchically based on the structure of a business. It also allows for a variable number of metrics being tracked in the timeline by using more vertical space or by changing the amount of detail shown per event/trend.