Protocol Analysis, Data Recorder, CALEA, Lawful Intercept, Application Performance, User Experience, Industrial Ethernet, Data Loss Prevention, Deep Packet Inspection, NetFlow, SOX, HIPAA and PCI Compliance, Switching and Routing, Forensics, VoIP, IPTV ... etc.
Remember the good ole days, when a computer took up thousands of square feet and you had to be a rocket scientist to operate it? Man, those were the days when you could solve a computer crime real easy peasy because there were very few people who knew how to operate one (limited suspect pool). Compare that to today, where everyone walking the streets has some form or another of a computer on their hip or head (Google Glass). As of 2013 we now have to take into account vehicles and smart homes as well. Everyone wants their devices to sync with their homes, vehicles, cell phones, and other electronic
A Visual Mental Model of Your Cisco Network Topology
Why do we want to visualize our networks? Because as humans we have evolved over millions of years using the ability to quickly analyze visually for survival. Our brain can visually analyze what would be impossible to describe on paper.
It’s just how our brain works! Yes, simple dashboards, graphs and charts are important, but to really understand complex systems you’re going to have to visualize them somehow.
This visualization ideally will map how you think about the network, meaning your mental model of the network. The human brain has incredible capabilities in finding patterns if the visualization is provided properly. The visualization should also be detailed enough to provide key data, but not so detailed that it becomes overwhelming. You have to be able to explore and interact with it to allow you to make sense of what you’re seeing.
In ActionPacked Networks’ LiveAction tool, visualization is developed so that you can see and understand the static portions of your network visually, for example the physical connections between routers shown below.
I cannot tell you how many times I have been involved in troubleshooting an issue where the root cause was something physical. When I say physical, I mean that the answer wasn't in a packet, log or management screen but in anything from cabling to heat or some other issue.
I have met so many network analysts who are very good at configuring equipment and interpreting statistics, but I find many of these same people unaware of the physical aspect of network management. "Physical" typically refers to things like power consumption, heat dissipation and rack space, but since I am called in to troubleshoot, install or assist in network cleanups, I have a few more to add.
For example, one customer was telling me about a bad switch that would randomly turn off. I asked some questions and walked over to the area where he had the switch located. I explained that the issue was probably related to insufficient air flow causing the switch to overheat. He countered that the replacement switch was 'fine', and I pointed out that the old switch was fanless whereas the new one had 4 fans. Then I explained the merit of setting up monitoring or SNMP traps that may have helped identify this possible issue.
In another scenario a customer had network equipment in what I would call "an environmentally challenging place", specifically a warehouse. While we were working during their maintenance window, I explained that they should inspect and probably 'clean out' the network equipment to ensure optimal operation.
I have added some examples of what I'm talking about.
While teaching a class at Interop in Las Vegas a couple of years ago, I was talking about how I had used a number of DLink DIR-601 routers with OPEN-WRT to troubleshoot some problems. One of the students asked why I wasn’t using the Raspberry Pi. When I got back to the office, I started to find a place where I could buy the Raspberry Pi. I bought 5 of them and they sat in the boxes for a while. Now that I am putting effort into making them useful, I thought I would document these efforts to share with others. I am far from a Linux expert. If while reading this you know of a better way to accomplish the same task, please let me know!
I hope you find this Pi application useful.
The purpose of this project is to explore the use of the Raspberry Pi as a network monitoring and troubleshooting tool. The Raspberry Pi is an inexpensive ($35) computer that can be used for a variety of tasks. Oftentimes it is necessary to capture all of the network traffic to and from a device for troubleshooting purposes. In this step-by-step document, I will go through how to turn the Raspberry Pi into a capture-to-disk appliance.