Late in 2013 TRAC Research, a market research and analyst company that specializes in IT management, published research findings on key trends in the Network Performance Monitoring market. The research highlights some challenges, as well as some common misconceptions, with the state of Network Performance Monitoring solutions. Join us as we host Bojan Simic, Principal Analyst at TRAC Research, who will share his insights on these research findings as well as his perspectives on the changing landscape in the Network Performance Monitoring market.
• NPM by the Numbers
• Network Forensics for NPM
• Configuring Your Network for Forensics
• Customer Use Cases
• Best Practices in Network Forensics
• WildPackets Corporate Overview
• WildPackets Product Line Overview
What is Network Forensics?
• Marcus Ranum is credited with defining Network Forensics as “the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.” (Wikipedia)
• It’s not like TV – employ forensics before the “crime” - network traffic is transmitted and then lost, leaving no clues behind
• Other names: packet mining, packet forensics, digital forensics
• Faster networks/greater data volumes
  ‒ 10/40G adoption grew 62% in 2012
  ‒ 75% of the investments in networking are for 10G¹
• Richer data
• Subtler and more malicious security threats
  ‒ Zero-day attacks
  ‒ APTs (Advanced Persistent Threats)
  ‒ 75% of data breaches financially motivated
  ‒ 66% of breaches took months or longer to discover²
• Sampled data and high-level stats
  ‒ Flow-based network monitoring vs. detailed DPI analysis
• Capturing and recording data
  ‒ 10/40G network support
  ‒ No dropped packets – 100% fidelity
  ‒ Continuously available
  ‒ Always test in your environment
• Discovering data
  ‒ Timely results delivery
  ‒ Filtering for IP addresses, applications, etc.
• Analyzing data
  ‒ Automated analysis – Expert events
  ‒ Simple, intuitive workflow
  ‒ Data visualization from multiple perspectives
Capturing Network Traffic
1. Capture traffic continuously
2. Deploy a solution that captures traffic reliably
3. Set up filters to catch anomalies
Storing Traffic
4. Allocate sufficient storage for the volume of data being collected
5. Adjust file sizes for the desired performance
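To make steps 4 and 5 concrete, the following added example (not part of the original presentation and not WildPackets code) sizes a ring of fixed-size capture files for continuous full-packet capture. It assumes the classic pcap file format and constructed sample inputs (one 10G link at 50% average load, 800-byte average packets, 1 GB files); the function names are hypothetical.

```python
import math

PCAP_FILE_HEADER = 24    # bytes at the start of every classic pcap file
PCAP_RECORD_HEADER = 16  # bytes stored in front of every captured packet


def disk_rate(link_bps, utilization, avg_packet_bytes):
    """Bytes per second written to disk by full-packet capture (no slicing)."""
    wire_bytes = link_bps * utilization / 8
    packets_per_s = wire_bytes / avg_packet_bytes
    return wire_bytes + packets_per_s * PCAP_RECORD_HEADER


def plan_ring(storage_bytes, file_bytes, link_bps, utilization, avg_packet_bytes):
    """Size a ring of fixed-size capture files; the oldest file is overwritten."""
    rate = disk_rate(link_bps, utilization, avg_packet_bytes)
    files = storage_bytes // file_bytes
    payload_per_file = file_bytes - PCAP_FILE_HEADER
    return {
        "files": files,
        # Time span covered by one file: the granularity of a forensic search.
        "seconds_per_file": payload_per_file / rate,
        # How far back an investigator can look before data is overwritten.
        "retention_hours": files * payload_per_file / rate / 3600,
    }


def storage_for_retention(days, link_bps, utilization, avg_packet_bytes):
    """Bytes of disk needed to keep `days` of traffic before it is overwritten."""
    return math.ceil(days * 86400 * disk_rate(link_bps, utilization, avg_packet_bytes))


if __name__ == "__main__":
    # Constructed sample inputs: one 10G link, 50% average load, 800-byte packets.
    link = dict(link_bps=10_000_000_000, utilization=0.5, avg_packet_bytes=800)
    plan = plan_ring(storage_bytes=128 * 10**12, file_bytes=10**9, **link)
    print(plan)
    print(storage_for_retention(30, **link) / 10**12, "TB for 30 days")
```

With these sample inputs, 128 TB holds a little over two days of traffic, which is why the retention window should be checked against how long incidents typically take to discover.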
Corporate Background
• Experts in network monitoring, analysis, and troubleshooting
  ‒ Founded: 1990 / Headquarters: Walnut Creek, CA
  ‒ Offices throughout the US, EMEA, and APAC
• Customers spanning leading edge organizations
  ‒ Mid-market and enterprise lines of business
  ‒ Financial, manufacturing, ISPs, major federal agencies, state and local governments, universities
  ‒ Over 7,000 customers / 60+ countries / 80% of Fortune 1,000
• Award-winning solutions that improve network performance
  ‒ Internet Telephony, Network Magazine, Network Computing awards
  ‒ United States Patent 5,787,253 issued July 28, 1998
    • “Apparatus and Method of Analyzing Internet Activity”
Presenter
Presentation Notes
Founded in 1990, WildPackets develops network and application analysis solutions that enable organizations of all sizes to analyze, troubleshoot, optimize, and secure their wired and wireless networks, improving network and application performance. Our patented technology emerged in the early nineties with the award-winning EtherPeek network protocol analyzer. Today OmniPeek encompasses troubleshooting and analysis of wired and wireless networks, including 10 gigabit and 802.11n, as well as VoIP and application performance analysis. WildPackets products are sold in over 60 countries through a broad network of channel and strategic partners. Our customers span all industrial sectors, including 80% of the Fortune 1000, including Boeing, Chrysler, Cisco, Comcast, EDS, Hewlett-Packard, Microsoft, Motorola, Nationwide, Siemens, Qualcomm, and Deutsche Bank. Strategic partners include Aruba, Atheros, Cisco, 3Com, Intel, Net Optics, and Gigamon.
We provide innovative, industry-leading, real-time network performance management solutions
‒ Easy-to-use, easy-to-learn user interface
‒ Uniquely extensible solutions
‒ Wireless network leadership
‒ Detailed analytics related to network applications
‒ Fastest network traffic capture appliance in its class
‒ Technical superiority at competitive price point
WildPackets has continually advanced its solution to meet the needs of its customers
OmniPeek network analyzer performs deep packet inspection and can reconstruct all network activity, including e-mail and IM, as well as analyze VoIP and video traffic quality.
PINPOINT NETWORK ISSUES ANYWHERE
Omnipliance Portable can rapidly identify and troubleshoot issues before they become major problems—wired or wireless—down the hall or across the globe.
UNDERSTAND END-USER PERFORMANCE
Omnipliance network analysis and recorder appliances monitor and analyze performance across critical network segments, virtual environments, and remote sites.
NETWORK HEALTH
WatchPoint can manage and report on key device performance and availability across the entire network, from anywhere on the network.
• Ethernet, 1/10 Gigabit, 802.11, and voice and video over IP
• Portable capture and OmniEngine console
• Aggregate analysis data across multiple capture points
Omnipliance Network Analysis and Recorder Appliances
• High-performance packet capture and real-time analysis
• Stream-to-disk for forensics analysis
• Integrated OmniAdapter network analysis cards up to 40G
• Aggregation and graphical display of network data
• WildPackets OmniEngines
• NetFlow and sFlow
Presenter
Presentation Notes
The OmniPeek Product Family offers both portable and distributed solutions for troubleshooting and optimizing enterprise networks and applications. OmniPeek network analyzers are used for portable analysis and troubleshooting, and the OmniPeek console connects to distributed OmniEngines, which analyze data at remote locations on the network. WatchPoint brings the data collection and Expert Analysis capabilities of the OmniPeek Product Family to an entirely new level by offering unprecedented visibility into network traffic trends and behavior across the entire enterprise.
‒ Fastest network recorder in its class! Captures traffic up to 20Gbps of real-world traffic (all size packet distribution)
‒ Scales up to 128 TB of storage
‒ Provides simultaneous real-time analysis and a comprehensive Forensic Search that rapidly searches through terabytes of captured traffic for the details relevant to an investigation
Precise
‒ Captures complete network traffic, so you can analyze everything, not just samples or high-level statistics
‒ Doesn’t drop packets or sacrifice accuracy for speed
‒ Supports rich, detailed analysis, including VoIP and video-over-IP traffic
Affordable
‒ Delivers outstanding price/performance (lower price; half the rack space)
‒ Allows mix of 1G/10G/40G interfaces without buying extra appliances
‒ Solutions start at $16,995
Your network is bigger and faster. Now your analysis solution is, too.
Omnipliance TL Industry Leading Network Analysis and Recorder Appliance
• Sets a new standard in capture-to-disk speeds
  ‒ 20Gbps sustained capture to disk rate with zero packet drop
• Best price/performance Network Analysis Appliance in the market
  ‒ 20Gbps with only one Omnipliance TL + OmniStorage
  ‒ Consuming less rack space, less cooling, less electrical power
• Most flexible network interface offering
  ‒ 1G/10G/40G interfaces supported in a single unit eliminates additional unit requirement
• Most accurate real-time analytics
  ‒ Packet-based processing and analysis vs. inaccurate sample-
Comprehensive Support and Services
Standard Support
‒ Maintenance and upgrades
‒ Telephone and email contacts
‒ Knowledgebase
‒ MyPeek Portal
Premier Support
‒ 24 x 7 x 365
‒ Dedicated escalation manager
‒ 2 customer contacts per site
‒ Plug-in reconfiguration assistance
WildPackets Training Academy
‒ Public, web-based, and on-site classes
‒ Complete curriculum: technology and product focused
‒ Practical applications and labs covering network analysis, wireless, VoIP monitoring and advanced troubleshooting
Consulting and Custom Development Services
‒ Deployment, configuration, and assessment engagement
‒ Systems integration and testing
‒ Application integration, driver, decode, interface development
WildPackets Key Differentiators
• Visual Expert intelligence with intuitive drill-down
  – Let computer do the hard work, and return results, real-time
  – Packet/payload visualization is faster than packet-per-packet diagnostics
  – Experts and analytics can be memorized and automated
• Automated capture analytics
  – Filters, triggers, scripting, and advanced alarming system combine to provide automated network problem detection 24x7
• Multiple issue network forensics
  – Can be tracked by one or more people simultaneously
  – Real-time or post capture
• User-extensible platform
  – Plug-in architecture and SDK
• Aggregated network views and reporting
  – NetFlow, sFlow, and OmniFlow
Presenter
Presentation Notes
Expert intelligence… real-time… automate alarms and actions. Verbally give examples: Here is what we actually do. TOOT! More highly evolved analytics than any other product.
24x7 Network Monitoring, Analysis, and Troubleshooting
Presenter
Presentation Notes
Simply put, at WildPackets we’ve created an extensible, scalable network platform that illuminates every part of your network. We show you what’s happening on every network segment--wired or wireless, LAN and WAN, even Gigabit. We’re not just capturing packets; we’re providing real-time expert analysis that identifies problems such as unresponsive servers, poor application performance for end users, DoS attacks, and more. The analysis is performed locally everywhere you have a network. At headquarters. In remote offices.
WatchPoint and The OmniPeek Product Family:
• Provides real-time troubleshooting of mission-critical network services
• Covers entire enterprise networks, including network segments at remote offices
• Gives engineers powerful analysis relevant to today’s networks
• Secures diagnostic communications so analysis never compromises security
• Optimizes diagnostic communications to minimize impact on networks using Intelligent Data Transport™
• Is flexible, scalable, and extensible to grow with network needs
• Monitors and troubleshoots Voice and Video over IP applications without having to invest in stand-alone troubleshooting tools or special hardware
• Monitors and analyzes remote network segments
• Analyzes application performance in the context of overall network activity