From The Old Comm Guy
Editor Profile - Tim O’Neill is an independent technology consultant. He has over 30 years experience working in the WAN, Analog, ISDN, ATM and LAN test market. Tim has worked with companies like Navtel, Network General, Ganymede and ClearSight Networks and is now helping companies get lab recognition and technology verification. Tim is also the Chief Contributing Editor for LoveMyTool.com, a website designed to help network managers gain access to valuable information and real solution stories from other customers. Tim is a patent holding, published and degreed engineer, who has seen this technology grow from Teletype (current loop) data analysis to today’s 10 Gigabit LAN’s focused on business applications with heavy compliance demands. Tim can be reached at oldcommguy (at) bellsouth (dot) net.
April 16, 2008
Pilot Swims with WireShark
“The CACE Team's mission is to find more and more relevant ways to make Wireshark and complementary open source tools even more useful. Pilot and upcoming development projects will make Wireshark an increasingly powerful platform for analyzing wired and wireless networks.”
-- Gerald Combs, Wireshark project creator and Director of Open Source Projects at CACE Technologies
Pilot is the name of a very cool networking tool being commercially introduced today and in my opinion is a professional necessity for Wireshark users. Every Wireshark user wishing for enhanced graphical displays and reports along with ripping-fast access to large data files should take the time to review Pilot and make it a must-have for your network toolkit.
Not only does it make Wireshark sing, but Pilot will help you be a more effective network manager. I believe this is another giant step for Open Source tool integration with commercial technology!
Continue reading "Pilot Swims with WireShark" »
March 26, 2008
Go Deep or Get No Sleep
dPacket.org was founded by industry insiders who recognize that DPI has a broad group of stakeholders, and the comprehensive challenges presented by DPI will benefit from a central resource, broader discussions, and added transparency. It is a place where we can share our knowledge and experiences. dPacket.org is well funded from industry leaders not as a closed trade association, but as an open user-driven community with the intention of gaining 501(c)(3) status as an educational and scientific resource.
I hope that this article will open your eyes and has sparked your interest into this fascinating technology arena. This era of compliance, security with the ever increasing demand for the required depth of analysis and evidence requirements is the root of the need for Deep Packet Inspection (DPI) and Deep Packet Capture (DPC). The days of just troubleshooting your network by reviewing a few captured traces has gone and been replaced with the need for storing lots of frames for review as well as for evidence is here, today!
Continue reading "Go Deep or Get No Sleep" »
March 07, 2008
One Giant Step by PacketTrap
I often hear about customers spending hoards of money on a new network management system or some new tools and it makes me wonder whether they are buying what they need or whether some vendor sold them way more than they needed. I believe we all get caught in the buying frenzy and lots of time we are not even really sure what parameters we actually need to verify for our networks or applications.
My experience is that Open Source tool is the key for many network managers to cost-effectively find the parameters and values that are needed to verify, quantify, report and manage their networks. The process is inexpensive and can take some time but can also be a super and valuable learning adventure.
PacketTrap has listened to their registered users (over 18,000) and the feedback that was given in pursuit of their latest Pro release that I think you will find of significant value. This new product may help the overworked “first responders” we know as Network Managers while providing them with access to a one console, integrated view of commercial and open source products.
Continue reading "One Giant Step by PacketTrap" »
February 22, 2008
VoIP and Video Measurements
There are three main methods currently in the market for measuring VoIP and Video quality.
Method #1 - This is the least recommended method but has been applied by many if not all of the vendors of software only general data analyzers. It is the method I call “FM” and it stands for Fricking Magic, but there is no magic here, just shortcuts!
Method #2 – Another method is one where companies base their measurements on the RTSP and RTSP-XR frames that are interleaved into the RTP streams (RFC-2326). The big problem with this method is that not every RTP stream has unique RTSP frames to give data on the quality of the flow.
Method #3 – The third method is all about standards and we are very lucky to have the resident industry experts explain these methods in detail.
Robert Merrill of Telchemy has been kind enough to write a 4-part series explaining the ways that Telchemy, the most used technology for quality measurement, handles these measurements. The first article is titled Accurately Measuring VoIP Performance.
Continue reading "VoIP and Video Measurements" »
January 31, 2008
Rising Above … Cahaba Data
Cahaba Data, Inc. is a regional, one-man company that specializes in Microsoft Access and Web Enabled Database Services and Solutions with focus and dedication. The owner and my Friend, Jim Bailie, had spend twenty five years in the IT business arena in large companies and decided to do something local and something for himself. He found a real, local niche and is focusing on that need and making quite a profitable business out of it.
If you are retiring, being downsized or just tired of the travel, moving from the corporate IT world to the small business level can be rewarding. It definitely requires hustle, focus and staying power. Ramping back up to a corporate level salary, including health care is very difficult. However, demand is strong for networking experience and good solid management skills are very helpful.
Always keep your eyes open as there are enormous niche markets right in your own back yard. If you look and are ready to get serious, it can be done very successfully as Jim shows us. It takes focus, dedication and patience but it can be very enjoyable.
Continue reading "Rising Above … Cahaba Data" »
January 28, 2008
Friends of OldCommGuy
The one thing I learned early on and I still remember today is that no one knows everything, about anything. So over the years I have accumulated many very smart friends that always review what I write and help me in everything I do. I call them “My Friends” and that is exactly what they are.
We have worked together in companies, in volunteer groups, on trade shows, on technical documents (some of which became industry standards) and much more. I believe that these friends are so important to the industry that I am going to introduce several of them to you and more as time goes by.
I also learned the 3 F’s – Friends, Family and Faith and below are my personal Friends as well as technical Friends. Enjoy meeting these wonderful people and I hope you make many friends in your career.
Continue reading "Friends of OldCommGuy" »
January 18, 2008
Lucky Bitcricket Sings Again
What is a Bitcricket?
My friend, expert network consultant and analyst, Scott Haugdahl, can tell you. It is his new website and blog for network managers. It is not just another website and blog. This one is focused on the network managers and issues that they face daily. Bitcricket.com is also where his introspective and thoughtful articles and reviews are placed.
I have had the pleasure of knowing Scott for a long time both professionally and personally and he is one of the good guys. If you have problems with your network, he is the one you can rely on to help fix them ... Real analysts are needed to really find and solve your problems and educate you at the same time. Today’s network must completely support the business and its goals. The network and its applications, like a race car, needs to be tuned to be at its best. Finding problems is a tough task today and is not going to get any easier in the future. People like Scott will be even more valuable as time goes by.
Continue reading "Lucky Bitcricket Sings Again" »
December 20, 2007
Year in Review – 2007
For all of us in networking, 2007 was a year of changes, successes, challenges and renewals.
My personal favorite event of the year was the merger of Network General and NetScout. I asked in my previous article if the marriage would work and from what I have seen and with the dedication and focus of the CEO, Anil Singhal, I feel that it has real success potential.
Capturing terabytes for review and analysis was almost a dream at the beginning of the year and now Solera Networks could handle that function at 10 Gigabit FDX speeds, no problem.
Data access technology has come back not as a convenience but a necessity and out of this a new innovative company has risen, Network Critical. Be sure to watch for some awesome new technology from them in 2008.
In addition, LoveMyTool’s sponsor, Gigamon, has announced that they have shipped their 1000th unit. Keep in mind that Gigamon has been shipping products for only 30 months, which means they have been shipping an average of 33+ units a month. Not bad for a company with six Founders bootstrapping with their own money.
Continue reading "Year in Review – 2007" »
December 7, 2007
Network Management “Cockpit” from PacketTrap
PacketTrap’s first product is the PtDashboard. This is part of their new network management solution called PT360, which sets a new standard for network management vendors and open source usage. It is a free download currently. The PacketTrap Team recognizes the value of open source tools and that today’s managers need easy-to-use consolidated views and that is what PacketTrap is beginning to bring to the industry.
They figured out a way to let network engineers run any tool, test, report or application from a centralized dashboard called PtDashboard. When I first saw the dashboard, I felt like I was sitting in the cockpit of an airplane. It has dials that tell the network engineer, at a glance, the status of the network. It allows users to create and save project-specific dashboards and return to them later, and gives “ease of use” a whole new meaning by allowing users to view complex network information with one click.
The current PT360 toolsuite includes trace route, TFTP server, DNS audit, SNMP scan, WMI Scan, Port Scan and many other capabilities. In this review article, I focus on two features that I think really stand out.
Continue reading "Network Management “Cockpit” from PacketTrap" »
November 30, 2007
RSPAN … Friend or Foe?
Is RSPAN something one should be using? Or is it something to be avoided?
The list of problems with using SPAN ports for network monitoring and analysis are many and in particular, as I have previously pointed out, SPAN ports will not meet the demands of compliance requirements for high fidelity data access nor for analysis of synchronized traffic such as VoIP. So it is not surprising that RSPAN is even a bigger potential mess and that its usage is not only not recommended but is in fact prohibited altogether in many high-end customer sites!
Continue reading "RSPAN … Friend or Foe?" »
October 19, 2007
Future of Our Industry is in Your Hands
How can the industry help support the development of our future Network Technologist?
I have had the good fortune to have worked with several universities and their labs over my many years in communications and also when I was a student and a teacher (now that was a very long time ago). Getting involved recently has shown me that many things have really changed – Universities are struggling to recruit students into the communications and engineering curriculums as well as providing real life teaching environments with declining and very limited budgets.
In summary, I think that if the industry joins together and donates equipment to the Universities that will allow them to provide an atmosphere of Real World educational experiences, the students will flock to participate in this exciting communications industry. Further the result of the Universities having access to current technology will go a long way to helping the professors and instructors keep current with new trends and technologies.
Continue reading "Future of Our Industry is in Your Hands" »
October 11, 2007
PacketStorm to Monitor OSPF Networks
Why am I excited about an OSPF Real Time Monitor, you ask? Well I am big on visualization of deployed technology, like what we built at ClearSight Networks. I hate to have network managers being blind to what is going on in their networks. PacketStorm's Route Analyzer is a very unique device since it sits inside a production network and monitors the OSPF activity looking for flapping routes, recovery issues while giving a real time views including graphical results into the traffic associated with convergence and changes plus maintains a forensic history for review.
The customer that had asked for a device like this said that with the Route Analyzer he could update 10 times more routers than his sister company since he could watch the LSA traffic and actually see how long it took for the routes to be established and if they were stable. This is a very important task that has not been able to be monitored before and if the routers are constantly advertising and changing routes it is very difficult to have an efficient network and very hard to see with today’s analyzers.
Continue reading "PacketStorm to Monitor OSPF Networks" »
October 5, 2007
SHARKFEST 2008 is coming !!!
Gerald Combs, the original creator of Ethereal, now dubbed WireShark, and CACE Technologies will host the first SHARKFEST Developers and Users Conference March 31st through April 2nd at Foothill College located in Los Altos Hills, California.
CACE Technologies and Wireshark University are the primary sponsors of this inaugural gathering of the vast global community that comprises the open source network analyzer’s user and proponent base.
SHARKFEST '08 will be a landmark event for the Wireshark community, a celebration of an exemplary open source experiment, and a chance for the developers that have helped make Wireshark a worldwide success to meet for the first time since the project began almost ten years ago.
Continue reading "SHARKFEST 2008 is coming !!!" »
September 28, 2007
CALEA Compliance – Bitter but Good Medicine
Customers who do not wish to relinquish control of their network to third parties, which is almost always the case, need to deploy CALEA solution and access taps directly and handle all warrant activities on their own. Typical CALEA compliance tool set involves three interoperating components: 1) a number of passive taps, 2) if the network is complex enough, an aggregation and data access switch and 3) a line-rate packet capture forensics recorder with off-line storage capability.
Even though enterprise managers are not currently required to be CALEA compliant, it is in every manager’s best interest to learn from the best practice CALEA compliance solution to define and support their internal policies and procedures.
CALEA is only one of many compliance standards facing businesses today. They will soon spread to all areas of networking, so be prepared and be proactive! Adopting a CALEA mindset to supporting one’s network will definitely pay off.
Continue reading "CALEA Compliance – Bitter but Good Medicine" »
September 27, 2007
“Aggregation Tap” versus “Tap Aggregation”
To ensure security and compliance, network monitoring has become mission critical for our customers. In particular, for both technical and political reasons, customers prefer that monitoring is to be done non-intrusively, i.e., out-of-band. This requires either SPAN ports or deployment of passive taps, both are useful depending on application.
SPAN port is free, simple and flexible. But taps are more accurate and scalable and in case of “Lawful Monitoring”, i.e., monitoring as a result of legal requirement, it is most likely the only acceptable solution. Unfortunately, tapping is not as simple or flexible as SPAN ports.
In this paper, we discussed a new generation of “Aggregation Tap” as well as a revolutionary class of “Tap Aggregation” data access switch that are designed to restore simplicity and flexibility to monitoring of customer networks.
Continue reading "“Aggregation Tap” versus “Tap Aggregation”" »
September 21, 2007
NetScout Acquired Network General, Will it Blend?
Netscout (publicly traded under the symbol NTCT on NASDAQ and with a market capitalization of $300 million) announced that they will acquire Network General (aka NGC, a private company).
They announced that the purchase price will be $205 million which makes sense since on August 1st, NetScout did file with the SEC to sell “up to $120 million in common and preferred stock, debt securities and warrants … for general corporate purposes, including working capital, research and development, strategic transactions and acquisitions of complementary businesses.”
For those of us who have been with the industry for the past fifteen plus years and watched how the two companies have competed fiercely in the marketplace, this is a significant event. Moreover, for those of us who have insights into the history of the two companies, this latest episode is very entertaining if not at least interesting; and unfortunately for some, this could even be personal.
Continue reading "NetScout Acquired Network General, Will it Blend?" »
September 14, 2007
Time to Roll Your Own 802.11n Standard
Summary of a Conversation with Gerald Combs – Founder of Wireshark and Ethereal
Who is Gerald Combs? – Gerald was a computer science graduate of the University of Missouri-Kansas City, and the creator and lead developer of Ethereal, now Wireshark, which was first released in 1998. Combs worked for Network Integration Services (NIS) until mid-2006 when he moved to a new job at CACE Technologies. Due to trademark issues he was forced to change the name from Ethereal to Wireshark. His goal is to continue to grow Wireshark such that it remains the most wildly used data analyzer in the World.
Background - Gerald recently worked on the dissector for IEEE 802.11n to add to Wireshark and his experience with this “standard” got us talking about today’s standards and standards bodies. Gerald said “I was shocked by the lack of requirements in 802.11n. All of the cool stuff that makes 802.11n worthwhile is optional. Is this a standard?”
Once I started reading 802.11n, I was shocked too as I confirmed what Gerald had said. It is all suggestions including the requirement of a base band frequency of 5 MHz, but most of the current “compliant” devices are still running in the 2.4 MHz band. How can there be compliance when there are no real requirements?
Q. How do you meet compliance when everything is an option?
A. You make up your own standard and comply with that!
Continue reading "Time to Roll Your Own 802.11n Standard" »
August 23, 2007
SPAN Port or TAP? CSO Beware
Is SPAN port a viable data access technology for today’s business critical networks, especially with today’s ever increasing pressure to satisfy Data Security Compliance and Lawful Intercept requirements?Not really, see why!
ABSTRACT - Network engineers and managers need to think about today’s compliance requirements and the limitations of conventional data access methods. This article is focused on taps versus port mirroring / SPAN technology.
SPAN is not all bad but one must be aware of its limitations and since managed switches are integral part of the infrastructure, one must be careful not to establish a failure point. Understanding what can be monitored is important for success since SPAN ports are often overused leading to drop frames, all due to the fact that LAN switches are designed to groom data (change timing, add delay) and extract bad frames as well as ignore all layer 1 & 2 information. Furthermore, typical implementations of SPAN ports cannot handle FDX monitoring and analysis of VLAN is also problematic.
Moreover, when dealing with Data Security Compliance, the combination of the facts that SPAN ports limit views, are not secure and transporting monitored traffic through the production network could prove itself to be unacceptable in the court of law.
Recent Comments