The Network Guy

Author Profile - J. Scott Haugdahl is the founder and CTO of his new venture, Bitcricket. He was formerly Chief Technology Officer at WildPackets and holds a degree in Computer Science from the University of Minnesota, Institute of Technology. He has extensive experience in the network analysis industry in the areas of speaking, writing, competitive analysis, on-site training and network troubleshooting, and expert systems design and implementation. His industry vertical expertise includes 802.11 wireless, VoIP, performance analysis and Apdex (Application Performance Index), and good old-fashioned protocol analyzer detective work (including forensics). His past entrepreneurial experience includes founding Net3 Group, where he wrote the industry’s first analyzer-agnostic expert system. He continues writing his popular blog and can be reached by email at scott (at) bitcricket (dot) com.
April 11, 2008
Scott Haugdahl @ Sharkfest 2008
April 09, 2008
Panel Discussion @ Sharkfest 2008
Panel Discussion: The Future of Open Source Network Tools - a distinguished panel of industry experts in a lively discussion on the future of open source versus commercial network tools.
Panel Moderator: (standing) Mike Pennacchi, Network Protocol Specialists, LLC
Panel Participants: (sitting, right to left) Scott Haugdahl - CEO of BitCricket; Gordon Lyon (aka Fyodor) - Founder of insecure.org and Creator of NMAP; Mike Kershaw - Creator of Kismet; Gerald Combs - Creator of Ethereal/Wireshark; Michael Blonsky - VP of Field Operations of PacketTrap
Editor's Note - As an experiment, we have turned on the feature that allows anyone to add comments within the videos. Hopefully this will promote further discussions regarding open source tools. Please keep it clean and civil. Thanks in advance.
January 08, 2008
The VoIP MOS Debacle
In a nutshell, MOS stands for Mean Opinion Score, a rating system for voice transmission quality. Computer generated versions simulate how a group of real listeners would rate the quality of a call. MOS scores range from 1 to 5, where 1 is interpreted as unintelligible and 5 is considered perfect. As you can imagine, MOS is highly subjective in the ears of the beholder. That’s why there’s the big “O” for opinion in the middle of that acronym.
Apparently the same holds for the analyzer vendors applying their algorithms to VoIP streams. In fact, the only consistency about MOS as reported by various packet analysis tools is – you guessed it - inconsistency. The same packet trace run through two analyzers gave me MOS scores of 3.0 and 3.8 for the exact same call. Another call I thought sounded pretty good was rated 2.8. A call I thought was worse was rated 3.4. It’s the sort of thing that can drive you nuts.
October 12, 2007
Let’s Standardize on QoE - Quality-of-Experience
There are many management tools that provide metrics in some way, shape, or form that reflect the end-user Quality-of-Experience (QoE). The problem is that most tools have proprietary methods for computing and reporting the QoE. What we need is a standard way to report the information, much like we have a standard way to report the quality of a voice call with predicted MOS scores (predicted, because computer generated MOS scores are not real human listener MOS scores, but I digress).
The Application Performance Index (Apdex) from the Apdex Alliance is a metric which represents a milestone in application analysis. The Alliance is an open consortium of vendors in the network analysis and measurement industry that develop and maintain Apdex. What many network management tool vendors don’t realize is that the way in which data is collected and computed before applying the index can remain proprietary, thus protecting their intellectual property.
September 20, 2007
Network Forensics - CSO's Crime Scene Kit for CALEA, Compliance and Security
Many vendors have tools with catchy taglines on variants of “Retrospective Analysis”, “Business Forensics”, “Turn Back the Clock,” and so on. Unlike real-time analysis, the basic premise behind network forensics is to mine data (usually via packets) and perform post analysis to reconstruct content or gather intelligence as to why certain things happened. In some ways, forensics is like detailed hindsight.
Forensics tools need to provide the flexibility to blend real-time analysis with forensics and allow you to optimize the tool for your given situation. Is 100% capture to disk of massive amounts of data important to you? Where do you need to cover (capture) in your network, what is the nature of the traffic, and what are the capture bandwidth requirements? How long do you need to keep the data around? How important are the distributed aspects and how efficiently is the data conveyed to centralized consoles or distributed consoles shared by multiple engineers (investigators)? Do you prefer that the forensics data mining and subsequent analysis be carried out at the remote engines or brought back to the console to analyze locally and/or take off-line?



