© SecurActive 2014
WHAT’S NEW IN VERSION 3.0?
© SecurActive 2014
PERFORMANCE VISION VERSION 3.0
Database Transactions
Multi-Node Analysis
Links Between Flows & Transactions
New Features & Improvements
© SecurActive 2014
Performance Vision 3.0
DATABASE TRANSACTIONS PERFORMANCE
ANALYSIS
© SecurActive 2014
IN-DEPTH DATABASE PERFORMANCE ANALYSIS
Databases in APS
Supported Databases in APS
Oracle
Microsoft SQL
MySQL (and derivatives)
PostgreSQL
© SecurActive 2014
PERFORMANCE OF SQL QUERIES OVER TIME
Display SQL performance metrics over time for:
Performance
Number of queries
Payload
Number of Packets (PDUs)
One-click drill down to details
© SecurActive 2014
SQL MOST ACTIVE SERVERS
Display SQL metrics for most requested servers
Server IP
Number of queries and errors
Queries and responses payload
Server response time & data transfer time
One-click drill down to queries and errors
© SecurActive 2014
SQL MOST ACTIVE CLIENTS
Display SQL metrics for most active clients by IP
Client IP
Number of queries and errors
Queries and responses payload
Server response time & data transfer time
One-click drill down to queries and errors
© SecurActive 2014
SQL TOP QUERY
Display the most frequent SQL queries
SQL query
Number of occurrences and errors
Server response time & data transfer time
Queries and responses payload
One-click drill down to queries and errors
© SecurActive 2014
SQL QUERIES
Display the list of SQL queries
Client and Server
System, database, username
SQL query
Server response time & data transfer time
One-click drill down to more details
© SecurActive 2014
SQL RAW DATA: ADVANCED TROUBLESHOOTING
Display all queries details for troubleshooting
System, database, username
SQL Query
Status
Error Code
Error Message
© SecurActive 2014
TRUE ROOT CAUSE ANALYSIS
Direct access to transaction level
Display query details
Improved readability
Query formatting
Color highlighting
Resizable text area
© SecurActive 2014
SQL DEDICATED FILTERS
Dedicated SQL filters: refine your search
Search results by:
Database system
Command type
Database name
User name
SQL query
Error / status code
ORA-1403 is not considered as an error
© SecurActive 2014
EASY DRILL-DOWN
One click drill-down to flow details associated to this transaction
One click drill-down to SQL query details
One click drill-down to SQL errors
© SecurActive 2014
CONFIGURE SQL ANALYSIS
Configuration > Zones
Activate SQL queries analysis for the zone and its subzones
© SecurActive 2014
SQL ANALYSIS WORKLOAD
Configuration > Database Workload
Check the impact of SQL analysis activation on database workload
© SecurActive 2014
Performance Vision 3.0
MULTI-NODE ANALYSIS
© SecurActive 2014
MULTI-NODE ANALYSIS: TRIGGERED PCAP
Configuration > Triggered PCAP
Schedule packet captures on multiple nodes at once
© SecurActive 2014
CREATE TRIGGERED PCAPS AT ANY TIME
© SecurActive 2014
TRIGGERED PCAP LIST
Configuration > Triggered PCAP
Review packet captures list
Download packet captures files
The suggested filename is either:
The existing name or based on filters
© SecurActive 2014
ON DEMAND SECURED TRANSFER
CollectorPoller Web Client
Download packet capture files
Files are streamed on demand through a SSH channel
SSH Streaming
HTTP/HTTPS
© SecurActive 2014
CENTRALIZED FILE DELETION
Delete packet capture files
Can be deleted directly from the web interface
© SecurActive 2014
FTP ACCESS FOR TRIGGERED PCAPS
FTP access to local packet capture files
Use your favorite ftp client and the “admin” account
© SecurActive 2014
Performance Vision 3.0
LINKS BETWEENFLOWS AND
TRANSACTIONS
© SecurActive 2014
SEE THE LINKS BETWEEN FLOWS AND
TRANSACTIONS
DNS
SQL
ICMP
HTTP
© SecurActive 2014
SWITCH LAYER IN ONE CLICK: TO TRANSACTIONS
DNS
SQL
ICMP
HTTP
Switch from Flows to Transactions
Click to show transactions
Flows
© SecurActive 2014
DNS
SQL
HTTPFlows
Switch from Transactions to Flows
Click to show Flows or DNS
SWITCH LAYER IN ONE CLICK: TO FLOWS/DNS
© SecurActive 2014
Performance Vision 3.0
NEW FEATURES& IMPROVEMENTS
© SecurActive 2014
TOP PROTOCOL STACKS
Network > Tops > Protocols
Distribution of protocol stacks used over the network
© SecurActive 2014
TOP SOURCE IP
Network > Tops > Source IP
Distribution of Source IPs seen over the network
© SecurActive 2014
TOP DESTINATION IP
Network > Tops > Destination IP
Distribution of Destination IPs seen over the network
© SecurActive 2014
SUPPORT FOR IEEE 802.1AH
The sniffer Junkie supports IEEE 802.1ah
Decodes packets with IEEE 802.1ah headers (Provider Backbone Bridges)
© SecurActive 2014
IMPROVEMENTS IN HTTP
In HTTP Pages, add Server IP to the timeline
Change color on Server IP for readability
You can sort by Server IP
© SecurActive 2014
IMPROVEMENTS IN HTTP
Add origin IP in case of proxies, looks for:
x-forwarded-for or x-real-ip
HTTP Timechart
HTTP Inspect
© SecurActive 2014
ENRICH EXISTING VIEWS
Add content-length average (client & server)
Protocols
HTTP Performance
Protocols
DNS Performance Add bandwidth (client & server)
Network
Bandwidth Add number of packets
© SecurActive 2014
CANCEL QUERIES
Cancel queries
When a query is running you can now cancel it in one click in your browser
© SecurActive 2014
WARNING FOR NEW VERSION
Version check, to update:
Access to extranet
Access to documentation
© SecurActive 2014
NEW MENU INTERFACE
Redesigned menu organization
More space to display data
© SecurActive 2014
DATA TABLE IMPROVEMENTS
3.0
2.18
Redesigned time range & aggregate level
One-click access to documentation
© SecurActive 2014
DATA TABLE IMPROVEMENTS
Classify the structure of the information
Blue Data grouping columns
Orange Computed values columns
© SecurActive 2014
REDESIGNED CONFIGURATION SECTION
3.02.18
More intuitive organization
Settings
Advanced Settings
Information
© SecurActive 2014
POLLER STATUS
Poller Status updates
Display full DeviceID on the page
New design and is displayed faster
© SecurActive 2014
DATABASE SUMMARY
Configuration > Database Summary
Data disk usage
Storage distribution per data type and aggregation level
Use to optimize degradation settings
© SecurActive 2014
PERFORMANCE IMPROVEMENT ON BCN
Performance improvement
Business Critical Network is now much faster
© SecurActive 2014
PROTOCOL STACK LIST
Documentation update
Dedicated page to Protocol Stack List
© SecurActive 2014
INTERNAL: NEW HTTP SERVER
Web server change from Apache to Nginx
If you monitor SPV processes through SNMP, update the process name: apache2 > nginx
© SecurActive 2014
VERSION 3.0: IMPACTS SUMMARY
Main impacts compared to 2.18:
Database migration time: low
SQL performance analysis
Check impact of SQL performance analysis on workload & license limits
No major impact on existing metrics
Impact on database migration is low.
Update should take few minutes depending on database size
© SecurActive 2014
REBOOT AFTER UPDATE
After the upgrade is completed
© SecurActive 2014
YOU’RE READY TO GO, ENJOY THE 3.0!
© SecurActive 2014
What’s Newin Version 3.0?
THANK YOU!
For any [email protected]
Follow Us on@SecurActivePV
www.securactive.netblog.securactive.net