Is “real-time” marketing fluff or a differentiating factor? It may depend on the situation you’re facing

September 3, 2024
Author:Jeff Aboud

Without real-time observation of critical data, IT and security will remain unaware of any potential problems until one of their point products finally alerts them.

Let’s face it, the term “real-time” is dramatically overused in the data observation and orchestration market today, with every vendor out there saying that they do it. Maybe not quite as bad as “AI”, but it seems to be a close second. But when you press these vendors on exactly what they mean by real-time, you may be surprised at the honest answers.

For some, “real-time” may be 5 to 10 seconds of latency. For others, it may be as low as 3 to 4 seconds. Though absolute real-time doesn’t actually exist, an acceptable definition of it in the practical world would be measured in a handful of milliseconds. Once you get to full seconds of latency, it’s absolutely not real-time!

But that really begs a number of questions. If they’re really only talking about several seconds, does “real-time” really matter? I mean, does it really make a difference? Or, is several seconds of latency “good enough”?

The answers to these questions really depend on your needs and your use case. If you’re just patching user machines, I’d venture to say that real-time data observation isn’t at all necessary, since those systems don’t typically pose a dire emergency. But if you’re running a retailer’s e-commerce site trying to maximize revenues by presenting customers with custom content to encourage higher purchase values; or you’re enabling a bank’s anti-fraud unit to detect fraudulent activity to thwart highly-organized, tech-savvy thieves; or you’re responsible for maintaining the safe and continuous operations at an auto manufacturing plant, real-time data observation ― including real-time alerts when abnormalities, potential security risks, suspicious activity, or system troubles are detected ― may very well be considered a game-changer.

To be honest, as a marketer I never had much of a need for real-time; my projects simply don’t require that level of immediacy. But I recently had an experience that made me realize that real-time is absolutely essential in other areas ― even in my own life! See, even though I work in high-tech as a full-time career, on the weekends I give back to my community by working part-time as an Emergency Medical Technician (EMT) at a local amusement park. Trust me, a lot more happens at an amusement park than you think; we definitely get our fair share of serious calls. Which leads me to my now very personal understanding of the value of real-time.

We recently got a brand new ambulance to replace the horribly aging one we’d been using for the past 10 years. The new ambulance is high-tech and really cool. And it’s 100% electric! We were all pretty excited to get it with all of its fancy new features … until we turned the key and realized that every time we start it, the system takes about 15 seconds to initialize before we can drive away. Again, how you feel about this in a vehicle depends on your perspective ― what’s your specific need with the vehicle and what are the circumstances each time you start it? If it’s your personal car, 15 seconds probably feels like nothing at all. And in fact, even when I’m on the job, it’s no big deal if I’m going out to do inspections, or have a non-emergency call. But a few weeks ago, I had a truly critical patient who was in dire need of immediate medical attention. We even had people on-scene, verifying over the radio that the call was legitimate. And there I was, in the ambulance with my partner; my gloves were on; the ignition was engaged; and there we sat. In that instance, 15 seconds may as well have been 15 hours! I was in a life-or-death situation, but there was nothing I could do until the system was ready! Honestly, for a brief moment it even crossed my mind to jump out of the ambulance and run! Of course, that would have been foolish, but it’s the way I felt when faced with an emergency, yet powerless to do anything but wait.

Now, of course in high-tech, we’re rarely faced with life-and-death situations … but if you're an IT manager in charge of a network that’s showing warning signs that systems are failing; or you’re a cybersecurity leader who’s seeing evidence of a impending network attack, you may feel similar to how I felt in those handful of seconds. Or even if you’re the IT person in charge of the eCommerce site I mentioned earlier, and you have the opportunity to help the company dramatically increase its revenues by displaying customized offers to customers who are in the midst of checking out ― or proactively fixing the payments gateway that’s on the verge of causing mass cart abandonment, thereby costing the company hundreds of thousands, or perhaps even millions of dollars (for bigger retailers) ― how comfortable are you while you wait for the data to be analyzed and provide you with actionable information? I’d venture to guess that in many of your day-to-day activities, it may not be top-of-mind; but when those moments happen, even a few seconds is going to seem like an eternity ― and it may very well cost the company customers, lost revenue opportunities, and even direct costs.

That’s why Onum developed the industry’s only pure real-time data observation and orchestration platform. The Onum platform is deployed as close as possible to where the data is generated and, like others in the industry, we orchestrate data from any source to any destination. Also like others, we reduce, enrich, normalize, and optimize the data to help reduce your costs and make your analytics platforms run more efficiently. But that’s where the similarities end.

Onum uniquely observes and adds value at line speed as the data travels to your analytics platform. And we’re able to see all of your data from across your hybrid network (physical on-prem, public and private clouds, OT, IoT) in our single cloud-based platform, for full-context observation to truly understand exactly what’s happening. And the platform can be configured to send pure real-time alerts when any abnormalities, potential security risks, suspicious activity, or system troubles are detected.

So when we say “real-time” observation, orchestration, and alerting, what do we mean? As I mentioned above, I’m not going to pretend that absolute real-time exists; I pride myself on not being one of those marketing people who just say what sounds good. So yes, we have latency. But our average latency is 7.8 milliseconds. How fast is that? For comparison, a hummingbird flaps its wings an average of 120 times per second ― or once every 8.3 milliseconds. That’s so fast that it’s hard for the human brain to even isolate the individual flaps. Doing some quick, basic math, Onum’s latency is 0.5 milliseconds less than a single flap of those wings. So yeah, I think we’ve earned the right to use the term “real-time”.

By way of comparison, our closest competitor claims that their average latency is 4 seconds. Now, that may not seem like much, but neither did 15 seconds to me until I had to wait that long during an actual emergency. But what’s more, Onum’s 7.8 millisecond “latency” is an end-to-end measurement, whereas the competitor’s quoted number is just the latency from the point of collection to where they hand-off to their second product which processes the data. See, whereas Onum is a single platform that does everything from end-to-end, they require at least two products ― one for collecting the data and the other to orchestrate it and send it to its final destination. And that’s if you only have either 100 percent physical on-premises data or 100 percent cloud data. If you manage a hybrid environment (which nearly every organization does), you need a third product from them: one to collect cloud-based traffic, one to collect physical on-premises traffic, and a third to orchestrate that data. And since they’re different collectors, they require two different instances of the orchestration product ― the data from each of these environments are never analyzed together, so there’s never full context until it reaches your data analytics platform. So, even if that orchestration only takes another couple of seconds, you can see how the latency is already beginning to snowball.

Oh, and did I mention that they can’t alert? Nope, you won’t get alerts on any anomalies or potential issues until all data is fully processed by your analytics platform. Depending on how efficient your analytics platform is, that can be minutes, or even hours. Either way, I think we can agree that it certainly doesn’t qualify as “real-time”.

So, next time you consider a data observation and orchestration platform, and you think that maybe “real-time” is just a marketing point, ask yourself to what extent seconds count when faced with those critical use cases.


For more information, read our white paper, Benefits of Real-Time Observation