Protocol Analysis, Data Recorder, CALEA, Lawful Intercept, Application Performance, User Experience, Industrial Ethernet, Data Loss Prevention, Deep Packet Inspection, NetFlow, SOX, HIPAA and PCI Compliance, Switching and Routing, Forensics, VoIP, IPTV ... etc.
This week we will speak with Steve Brown and Warren Caron of Viavi Solutions, who are their Director of Solutions Marketing and Solutions Engineer, respectively.
With network teams increasingly involved in all aspects of security from threat prevention to breach investigation and remediation, understanding how to be proactive is critical. In this week's LMTV LIVE, we’ll discuss how network pros can more effectively work with security teams on threat prevention, investigations, and cleanup efforts.
Proactively ID anomalous network behavior
Recognize malware, ransomware, and DDoS
Assess damage post-attack
Reconstruct or playback breaches
Ensure successful remediation
Overcoming key visibility and intelligence issues
Strategies to ensure security events are fully captured
Application Intelligence Reduces Troubleshooting Time and Costs
Network engineers often struggle with where to start the troubleshooting process and if there is a way to be proactive about troubleshooting. The situation will only get worse, especially with data overload. A Cisco report states that global IP traffic will triple from 72.5 EB per month in 2015 to 194.4 EB per month in 2020. Data overload will contribute to more blind spots, and these blind spots directly correlate to network problems and outages.
One key component of problem resolution is problem identification. Zeus Kerravala, Principal Analyst at ZK Research asserts that, “Problem identification is IT’s biggest challenge.” He explains that 85% of the mean time to repair (MTTR) is the time taken to identify that there is in fact, an issue. Even worse, the MTTR clock starts ticking whether IT knows there is an issue or not.
A second component of problem resolution is identifying the location of the problem(s). It is one thing to try to find the needle in the haystack. But which haystack should you even be looking at (network equipment, network applications, virtual data center, cloud provider, user/customer premises equipment, etc.)? IT security and analytics tools are only as good as the data they are seeing. IT’s fundamental challenge is to ensure that the infrastructure under these tools deliver applications that are reliable, fast, and secure.
A visibility architecture that uses application intelligence information can be used to capture critical information needed for the whole troubleshooting process. This is because visibility architectures enable IT to combat blind spots and quickly isolate the resulting security threats and resolve performance issues; ultimately ensuring the best possible end user experience. Without visibility, IT can only operate reactively to problems and may be ineffective at eliminating those problems.
This week we will be speaking with Stefano Gridelli, Co-Founder and CEO of NetBeez, who will be showing a live demonstration of the latest release of the BeezKeeper, which includes new features like scheduled iperf tests, Internet speedtests, and VoIP call quality estimates (MOS).
Stefano Gridelli is cofounder and CEO of NetBeez (netbeez.net), a Pittsburgh-based company that has released a distributed network monitoring solution for enterprises. Before NetBeez, Stefano worked as a network engineer, leading network design and implementation projects in complex network environments. He is Cisco CCNP certified and holds a Service Routing Architect (SRA) certification from Alcatel-Lucent.
HOW TO LEVERAGE A FLOW MATRIX FOR NETWORK MONITORING !
A flow matrix is a representation of the IP traffic map; it can be used in many ways to troubleshoot, monitor and optimize network infrastructures.
Let's take a closer look at all the use cases for the traffic matrix!
WHAT IS A TRAFFIC / FLOW MATRIX?
Here is a general definition of a traffic matrix: « it is an abstract representation of the traffic volume flowing between sets of source and destination pairs. Each element in the matrix denotes the amount of traffic between a source and destination pair. There are many variants: depending on the network layer under study, sources and destinations could be routers or even whole networks. And “Amount” is generally measured in the number of bytes or packets, but could refer to other quantities such as connections.
This week we will be speaking with Colin Walker (technical marketing engineer) and Nick Brackney (product marketing manager) at ExtraHop.
Specifically, Colin and Nick will discuss the new ExtraHop Platform v6.0, which makes existing wire data and performance systems obsolete by empowering IT with features to unearth the source of IT issues - including security - within 5 clicks.
While there are numerous competitive tools in the wire data, NPM, and APM ecosystem, our special guests will discuss how ExtraHop differentiates itself from the pack. The two technical experts will discuss which use cases and verticals are best suited for the ExtraHop Platform, and provide real-world customer stories.
Performance Vision (PV) is a leading vendor in the Application Performance Monitoring (APM) and network visibility markets. PV provides a range of innovative solutions that helps IT managers obtain a global vision of their infrastructure as well as application performance and usage.
Boris will talk about how WireData can address the need of IT operations for performance analytics, in particular, the challenges of handling hundreds of applications for thousands of users and similarly, the challenges of taking troubleshooting capabilities in a virtualized / cloud / SDN data centers.
He will also discuss the need to take a new approach to traffic analysis to address this new situation and give an update on Performance Vision's latest development: Version 4.1.
As technologists, we often think that our industry consists of only the vendors and the customers, the two ends of the technology consuming spectrum. In fact, our industry would come to a quick stand still if it weren't for the teams of hard working, customer serving manufacturer reps and resellers.
This week, LMTV takes a break from our normal format and interviews one of the best, Resource Communication, which has specialized and focused on Network Test and Measurement, Performance Management and Security Solutions for many decades.
Or… if you are going to change things, at least don’t break things!
Remember the first time you learned about NAT? Or PAT? Or changing TCP MSS at the router level?
Cool stuff. The network became involved in adjusting, changing, shaping, or translating packet header values as data passed through. These alterations to packet headers were made for several reasons - everything from extending the life of IPv4 address ranges to making header room for WAN acceleration technologies - allowing engineers to keep data flowing in today’s networks at top speed. That is pretty impressive given that the two main data protocols, IP and TCP, are about to turn 40 years old. (Wow!)
These adjustments to header values by the network are very much in use today, which is a great thing - until something goes wrong. At times, the configurations on routers and other network devices that make these adjustments can be either mistyped, misunderstood, miscalculated, or some combination of the three. This can lead to problems in both connectivity and performance of applications, which can appear to lag or break altogether.
TRANSUM is a Wireshark plugin that generates detailed response time information to allow network engineers to troubleshoot performance problems with their favorite packet analyzer. TRANSUM is being developed as part of Advance7’s TribeLab project and is its most popular download.
In this week’s show, Advance7’s Paul Offord brings us up to date with the capabilities of TRANSUM and gives us a glimpse of things to come.