Three years ago, my wife and I packed up and moved to Denver, mostly to enjoy more of the outdoors and the beautiful mountains. But if I’m being honest, there’s one thing I look forward to more than anything else: ski season.
With so many incredible resorts on the Epic or Ikon pass, it’s hard to tire of hitting the slopes all winter. And let’s be honest—there’s nothing quite like those perfect powder days: fresh snow, bright sunshine, and (if you’re lucky) no high winds. Living here has definitely spoiled me when it comes to what counts as “good” conditions.
But there’s a catch. Those dreamy powder days, especially on weekends, come with a not-so-dreamy reality check: I-70, the interstate connecting people from Denver to most ski resorts, looks like this:
Then there’s the other extreme—the storm hasn’t yet passed as I write this. In those moments, I-70 ends up looking like this:
When deciding if—and where—we’re going to ski, the Colorado Department of Transportation (CDOT) webcams have been incredibly helpful. Even better, these webcams got an upgrade a while back: they don’t just snap photos anymore—now they stream live video with surprisingly decent quality, giving me a real-time look at traffic conditions along key parts of the road.
What Do Traffic Cameras Have to Do with Network Observability?
You might wonder why I’m talking about traffic webcams in a blog post for a network observability platform. I use those CDOT webcams for two primary purposes:
I'm checking if traffic is backed up and figuring out why. Is it an accident closing a lane, or are there just too many cars for the available road “bandwidth?”
Making sure the conditions are safe enough for the drive and that the round-trip time works for me to get home on time.
Does it sound similar to network use cases? I think so. However, static images from those webcams could get the job done well enough for my two needs. But having access to a live-stream video gives me a much clearer picture and helps me make better decisions.
For example, it’s nearly impossible to gauge traffic speed from a single snapshot taken—or sampled—from a stream of data. That’s why I’m thankful CDOT invested in an observability platform that doesn’t rely on sampling, allowing me to see the full picture.
Unsampled Data Massively Expands Use Cases and Increases Value
I can only imagine how important real-time video is for CDOT in keeping its traffic infrastructure running smoothly. But this type of valuable data can do even more.
Take the Colorado Police, for example. They might need to determine which direction a suspect drove away or track down a car linked to an Amber Alert. If these traffic cameras only snapped a picture every minute, it would be pure luck to catch an image of the license plate (with 25fps video, that’s roughly 1 picture every 1,500 frames—about what you might get with today’s netflow devices). However, when the police can access 1,500 pictures every minute and an observability platform that lets them quickly search through that data, they can track a suspect’s movements with much more certainty.
This scenario highlights the frustration many SecOps and NetSecOps teams face today. They’re flooded with security alerts—basically 911 calls��—but often lack the fine-grained visibility needed to investigate efficiently. Why? Legacy tools collect network traffic data that is typically only accessible to network teams and often sampled. As a result, even if SecOps teams have access, they may miss the threats they're investigating, making the data ineffective for many security use cases beyond denial-of-service or flooding attacks.
Related blog post: Why Sampling Sucks for Network Observability
ElastiFlow Enables NetSecOps Teams to Do Their Job
ElastiFlow NetObserv helps NetSecOps teams collect all network flow data without relying on sampling. It’s the most efficient flow collector on the market, supporting the widest range of vendor-specific fields and offering the most enrichment sources, so every team member has exactly what they need.
ElastiFlow’s Network Intelligence service, NetIntel, enriches all flows with threat information, a history of threat behavior, and MITRE ATT&CK framework mapping. This comprehensive approach helps SecOps teams detect and mitigate threats that might otherwise get lost in the noise of regular network traffic, strengthening the organization’s overall security.
Today, my wife and I aren’t heading to the mountains—a decision made thanks to an observability platform that gave us all the insights we needed in one place. Your network operators and security analysts deserve the same.
Ready to learn more? Download our eBook, How Network Traffic Data Keeps You Ahead of Threats, and learn how real-time, unsampled data bridges gaps between NetOps and SecOps teams for faster detection and response to sophisticated threats.
Stay connected
Sign up to stay connected and receive the latest content and updates from us!