My Photo
Subscribe to this blog's feed




Recent Comments

LMT Authors

Recent Posts

10 posts categorized "Data Visualization" Feed

May 01, 2013

Real Visualization for Network Professionals (by The Oldcommguy)

TAP or SPAN (RSPAN)

By: Tim O’Neill – The Oldcommguy™

Author’s comments:

  • All Rights are reserved – Copyright 2013 by The Oldcommguy™!
  • No one may repost this article without receiving permission!
  • If permission is given then it must be posted as it is, in full context, WITHOUT any changes!

This is an updated version of my original article that was written in 2007 –

http://www.lovemytool.com/blog/2007/08/span-ports-or-t.html

A Super Video Class from Sharkfest by a world class Trainer and Analyst – Betty DuBois –

http://blip.tv/lovemytool/span-port-vs-tap-by-betty-dubois-2290452

and part of the Ixia Team Blog –

http://blogs.ixiacom.com/ixia-blog/to-span-or-to-tap-that-is-the-question/ 

 The goal of Network, Security, Compliance, and Application managers requires FULL visualization of the Network and the packets therein!

Real Visualization is EVERYTHING!

If you cannot see an issue, like an attack, misusage, inefficiency, etc., then how are you going to understand it and resolve it? Here are the REAL facts about needing REAL TAPs!

Wet cat 2

Continue reading "Real Visualization for Network Professionals (by The Oldcommguy)" »

Posted in CALEA & Lawful Intercept, Data Visualization, Oldcommguy, Test & Measurement | | Comments (0) | TrackBack (0)

| |

January 08, 2013

Packet Payloads Important for Troubleshooting End User Experience (by Jay Botelho)



Often times you are faced with a problem that’s reported by your network monitoring solution, but you simply cannot identify the root cause. Based on NetFlow analysis you can isolate the flow(s) in question, maybe even look deeper into overall latency performance and configuration settings like QoS, but even with that there’s still just not enough information to determine the root cause. To be more specific, let’s say you have an end user who is reporting problems with a slow-moving application. You have exhausted your flow-based analysis and confirmed that overall latencies are excessive, but you can’t see why. So, what’s next? This is where packet payloads come in.


What Is a Payload?

In aerospace/military jargon, where the term originated, the payload is the carrying capacity of a particular delivery vehicle. For example, the payload of the space shuttle includes astronauts, their experiments, and equipment to be delivered to the space station. In networking, although the scale is quite different, a payload is very analogous. It is the data that is being carried within a packet or other transmission unit over the network. Simply put, the payload is the bits of meaningful data that get delivered to the end user sans the delivery data that makes an application work. Without payloads there is no useful information to communicate, kind of like sending empty envelopes via snail mail.


Continue reading "Packet Payloads Important for Troubleshooting End User Experience (by Jay Botelho)" »

Posted in Application Performance, Data Visualization, Switching & Routing, WildPackets | | Comments (0) | TrackBack (0)

| |

October 19, 2012

Troubleshooting is Faster with Real Visibility - OptiView XG v9 - (by Chris Greer)


Network Navigator

One report shows that two-thirds of network engineers regularly troubleshoot problems in an unfamiliar infrastructure, with unclear visibility, old documentation, and scattered connections. Not only does this lengthen the time it takes to resolve network problems, but it also involves a whole lot of guesswork, which can prevent getting to the root cause of the issue. This means that it may stick around for awhile.

With so many people in this situation, Fluke Networks came up with some handy visualization tools, which are available in the new OptiView XG Network Analysis Tablet v9 software. This version includes two information packed features, the new Network Navigator function and the improved Path Analysis tool.


Network Navigator
Since visualizing the network is such an obstacle for troubleshooting, an as-built, usable network map would be great for getting a handle on how things are connected and configured. Using CDP and LLDP data, The Network Navigator allows network engineers to simply connect to a root switch and instantly see all connected switches and hosts, with additional drill down data available per connection.

This data is critical when troubleshooting problems because it instantly gives network engineers an as-built map, allowing them to see what is really there, rather than following cables and relying on old documentation.

Continue reading "Troubleshooting is Faster with Real Visibility - OptiView XG v9 - (by Chris Greer)" »

Posted in Application Performance, Chris Greer, Data Visualization, Test & Measurement | | Comments (0) | TrackBack (0)

| |

November 08, 2011

Diagnostics for Tomorrow - Today (by Nalini Elkins)

Diagnostics for Tomorrow - Today 

Reality Check - Problems on large, complex networks are inevitable.  The only question is, how quickly can you find the problem?  The faster you can solve the problem, the more control you have over your network, and the lower the risk of managing the network with failing applications.

 Frequently, the best way to find problems is to take a packet trace.  However, many technicians avoid using this marvelous method because it can take a long time to read a trace and find problems.  With protocols proliferating and becoming more complex, new diagnostics methods are essential.  Once, we saw mostly packets in clear text, with only an IPv4 and TCP or UDP header.  But we are moving rapidly to packets encrypted with SSL or IPSec, IPv6 packets, or some type of tunnel in IPv4 or IPv6.

Often, when analyzing a trace, the analyst not only needs to decipher and analyze the IPv4, IPv6, TCP, UDP, and ICMP headers, but also the SSL handshake, DNS (v4 and v6) packets, HTTP, FTP and other application protocols!  No wonder this task is left to the most experienced analysts.

It does not need to be so difficult.  With networks connecting everything, we need new methods to solve problems.  One method we propose is using software tools to make reading traces easier.  Our tool, IP Problem Finder, can turn traces into English.   This way, many more people can read a trace and find problems on networks. 

Continue reading "Diagnostics for Tomorrow - Today (by Nalini Elkins)" »

Posted in Data Visualization, Protocol Analysis | | Comments (0) | TrackBack (0)

| |

September 07, 2011

How Do You Adapt Network Analysis and Forensics to the New Virtualized Data Center? (by Jay Bothelho)

Network Analysis and Forensics in the "New" virtual (Blind) World!

Last month I wrote a blog on how the switch to virtualization has created a blind spot between virtual servers in the same chassis. Missed it? Here’s a quick video that visually details the difference between your physical and virtual network:

http://www.wildpackets.com/virtual_networks_blind_spots

There are solutions out there that help alleviate these blind spots, which were discussed in the previous blog post. So now that you have the visibility into this traffic, how should you monitor and analyze your virtual data center? 

Blindfold

Simple: Analyze your virtual assets in exactly the same way you analyze physical servers.

Continue reading "How Do You Adapt Network Analysis and Forensics to the New Virtualized Data Center? (by Jay Bothelho)" »

Posted in Data Visualization, WildPackets | | Comments (0) | TrackBack (0)

| |

July 18, 2011

Looking into your Virtual Network (by Jay Botelho)

Take a look at the Blind Spots in Your Virtual Network (by Jay Botelho)

What’s the difference between network monitoring and analysis in a physical environment compared to a virtual environment? Nothing. Okay, not quite, but, the goals remain the same:

  • Monitoring and reporting
  • Background analysis and alarms/alerts
  • Real-time and post-capture analysis
  • Network and application performance

What is different is the implementation. The migration to virtual computing architectures has created a new blind spot in the enterprise. This "invisible traffic" never crosses any physical network segment where it can easily be captured, creating a problem when trying to troubleshoot, optimize or secure virtual server operations.

As more enterprises virtualize their data center operations, these blind spots grow. As a result, network engineers have little or no visibility into the traffic among virtual servers. If you are already in a mainly virtual environment and are experiencing these virtual blind spots, or if you are beginning to migrate, remember these key points to reduce the headaches of “invisible data.”

It May Be Virtual, But It’s Still a Switch

Continue reading "Looking into your Virtual Network (by Jay Botelho)" »

Posted in Data Visualization, Test & Measurement, WildPackets | | Comments (0) | TrackBack (0)

| |

July 12, 2011

WildPackets Compass (by Tony Fortunato)

I stubmled across this a few weeks ago and I must admit it is a very cool piece of software.

Its real simple; start the application, open a trace file and viola; reporting couldnt have been any easier.

I've used it and found it really helpful. 

Lastly, you cant beat the price - its free!!

Application Review and Quickstart

 

Continue reading "WildPackets Compass (by Tony Fortunato)" »

Posted in Data Visualization, Protocol Analysis, Test & Measurement, Tony Fortunato, WildPackets | | Comments (4) | TrackBack (0)

| |

July 01, 2011

The Power of Pilot - Tips and Tricks with Cace Pilot (by Chris Greer)



These days there are several ways to find out where users are going on the web and what they are doing. Any number of tools can give this data in a somewhat readable format. What is alarming though is how many environments have absolutely no edge monitoring tools in place. Whether we support large corporate enterprise networks, or small business environments, it is important to have monitoring tools in place that show is the truth - what users are doing, where they are going, and in some cases, why things are slow.

Pilot is a tool from Cace Technologies (now Riverbed) that makes looking at network traffic easy. In fact, for where it is priced in the market, I'd say it's the biggest bang for your buck when it comes to traffic analysis tools. It works alongside Wireshark to deliver information to the user in a simple, easy to read, get to the root of the problem format. In this article series, I'm going to go through some of the features of Pilot and show why it is a great tool to have around. As always in these articles, my goal is to show the power of analysis and monitoring, and how great tools are just a click away at a great price.

Continue reading "The Power of Pilot - Tips and Tricks with Cace Pilot (by Chris Greer)" »

Posted in Application Performance, Chris Greer, Data Visualization, Protocol Analysis | | Comments (2) | TrackBack (0)

| |

June 27, 2011

Real Testing – A Real Solutions Full Validation! (by The Oldcommguy)

Chris, Tony and I are always saying “Test Them, Don’t Trust Them” and Anue Systems took that to heart and did just that!

Most companies sell on their specifications alone, most if not all have of them have never been tested! What and Why do you believe them?

The Tolly Group and other test verification labs, test products to assure you, the customers that you are getting what the vendors say they are selling to you. Don’t Trust Them, Test Them!

I am writing about this because it is important to point out companies that focus on customer satisfaction as well as assuring the customer that they are getting a top quality product.

One must first decide on the parameters that are required for their solution and the solutions capability for future growth.

Then they must decide on the operational, deployment and operational difficulty level that they can handle.

In my humble opinion, Anue Systems deserves recognition for all their efforts and that is why I wrote this article. I also write about products that I have tested or worked with a customer that has done the testing and review.

As a consultant and a very avid supporter of deep network visualization access I would certainly use the Anue solution. This may seem as biased and yes it is – when I like a product and company and they have shown ethical and technically responsible behavior then I love to tell you about them! This is one of those solutions!

Anue Tolly Certified Anue Systems in their effort to prove that their specification and capabilities are one and the same did just that. No façade just real testing to prove that they do what they say and that buyers can be confident investing in this carrier grade network access technology solution, the Net Tool Optimizer. They wanted to again prove that they are a carrier class device and have done it with this Tolly Test along with their NEBS 3 compliance certification. One cannot be a carrier class solution without NEBs 3 compliance and fully technology verification.

Anue went to the Tolly Group and asked that they test for the real specifications required to validate the Anue NTO claims and Tolly did a great job!

Continue reading "Real Testing – A Real Solutions Full Validation! (by The Oldcommguy)" »

Posted in Anue Systems, Data Visualization, Forensics & Deep Packet Capture, Oldcommguy, Out-of-Band Data Access | | Comments (0) | TrackBack (0)

| |

June 01, 2011

How to Organize Your Trace Files - CloudShark (by Joe McEachern)

Getting Your Capture Files Organized with the CloudShark Appliance.

The CloudShark Appliance from QA Cafe is a private cloud solution that allows you to store, manage, annotate and share packet capture files with a built in viewer. For many IT organizations, capture files may be scattered across various servers and hard drives.  Without some process in place, the value of capture files quickly diminishes.  All the time it took to generate and analyze a capture file is lost if you can’t easily find and access the file.

Filei n cloud 

Oldcommguy says - Plus one does not want to keep files around any longer than they are needed to prevent the posibility of exposing corporate or personal data! CloudShark can help you keep track of those sensitive traces that you have saved for review and also allows for the timely removal of files no longer needed and that may put your data in a risk state. This is a Great Compliance and central control focus point for your trace files.


The CloudShark appliance makes it possible to get your packet captures in order. Its solves several major problems one encounters when dealing with capture files. 

View

First off, CloudShark makes capture files accessible from the web using a browser based decode window. While not a substitute for a feature rich network analyzer, CloudShark does handle the common usage of network analyzers. Now, several platforms from tablets to smart-phones can access packet data. 

Continue reading "How to Organize Your Trace Files - CloudShark (by Joe McEachern)" »

Posted in Data Visualization, Protocol Analysis, Test & Measurement | | Comments (0) | TrackBack (0)

| |

LMT Advertisers


LMT Sponsors

News From LMT Sponsors

  • Endace

  • Datacom

  • NetScout

  • WildPackets

  • Sharkfest

  • Anue Systems

  • National Instruments

  • Riverbed

  • Net Optics
  • Garland