NetFlow as a network monitoring and statistics technology is not new. To make it work, you need to sample the network and generate NetFlow records, which are sent to a NetFlow collector software application for analysis. NetFlow has been widely adopted and many organisations have invested time and money in learning how to use NetFlow tools to help their network operations teams understand how their network is performing and what is creating fluctuations in traffic.
By: Alistair Meakin, MarQuest
As a certified Splunk partner, and provider of network operations and security consultancy, MarQuest has extensive knowledge of the benefits Splunk brings to network operations (NetOps) and security operations (SecOps) teams. Curious about the Endace Fusion Connector for Splunk, we completed an independent evaluation of it to assess its usability and benefits. By installing, deploying and using the application, we looked for answers to the following questions:
- Is the application likely to add value to IT operations?
- How usable is the application?
The beginning of any new year is the perfect time to build upon the positive momentum of its predecessor and what better way to start than with the new EndaceProbe™ Network Recorder EP5.1.3 release which does exactly that!
Whilst there’s too much to cover in this blog alone, I’ve focused on some of the key additions to our network visibility tool EndaceVision™ to give a flavour of the new capabilities that this release brings.
Earlier this month, I enjoyed some time working with LAN Assistans, our Nordic partner, as we co-exhibited at Nordic IT Security 2013 in Stockholm, Sweden. As part of our participation package, we had a short “open mic” session over lunch to talk about our security topic of choice. Being stripped of my familiar presentation support aids like PowerPoint slides and asked to just stand up and talk really focused my mind (and increased my adrenaline levels!).
I often hear our team talk about our network recording and visualization solutions’ technical innovations, performance and features. In truth, Endace solutions have grown up from a DNA of engineering excellence, so it’s not so surprising that we love talking about our great technology! But for this open mic session, I thought I’d take a different approach and think about what our solutions enable our customers to do…here is a snippet of my “open mic” session:
Network operations (NetOps) and security operations (SecOps) teams can now take advantage of our Endace Fusion Connector for Splunk, which will dramatically lower time-to-resolution (TTR) for network issues that typically take days to resolve in the absence of readily available packet data. This Connector (available here on Splunkbase) easily installs into any 5.x Splunk deployment and provides a seamless bridge between logs and packets.
In the world of application delivery and performance management, it’s not easy on the applications or networking operations side to troubleshoot and resolve end-to-end issues. I’m sure you have heard of Mean Time To Resolution (MTTR), frequently used for measuring how long it takes to resolve a particular problem from the time a trouble ticket is opened to when the problem is resolved (i.e. when the ticket is closed). Have you heard of Mean Time To Innocence (MTTI), which is basically the metric for how long it takes to prove the issue wasn’t your responsibility?
There is something very “je ne sais quoi” about traveling to New York which brings out the “I wanna be Michael Corleone” in me. The first step in my ritualistic preparatory precursor is that I break out my extensive catalog of Frank Sinatra tunes and drink a stiff martini (dirty, with extra olives). Every time I leave for New York, I take the time to re-learn every quotable line from my Godfather trilogy Blu-Ray box set (well, except for part three because it was a travesty) because having a tradeshow in New York and not honing in my “Godfather” lingo would be sacrilegious when speaking to partners and customers. It’s equally crucial to maintain that visage of confidence and cool collectiveness that only Marlon Brando could pull off while sitting at the table during one of his many sit-downs (or Robert DeNiro in “The Godfather Part II”). That said, the standard khaki slacks and one-size fits all black company logoed trade-show booth pullover are not exactly the cut of clothes that Michael Corleone favored, so I guess I’ll have to keep dreaming…
Because Endace has your virtualized data center covered!
VMworld has been the IT community’s premier source for gaining knowledge of virtualization and cloud computing technologies for more than ten years now. With hands-on labs, high-impact breakout sessions, and opportunities to network, VMworld brings together key innovators like Endace to help define, shape and execute customer’s business objectives. This year’s key discussion topic centers on how the software-defined data center is extending virtualization across storage, networking and security.
It was bound to happen sooner or later. Big data, the darling buzz words that have transcended the boundaries of the tech industry and proliferated every water-cooler conversation from Silicon Valley to Shanghai took a bit of a beating recently. You see, there has been a little scandal that has percolated through every global media outlet out there and stems from allegations that the National Security Agency (NSA) has been secretly compiling and storing people’s personal web and phone records (without their consent, of course), leading to a much larger debate around the validity of such extensive data-gathering operations in general.
However, like any accused criminal that has yet to be proven guilty, unless all the facts are gathered and the jury hears both sides of the story, it would be premature to pass sentencing. It’s important to look past the negative publicity that ultimately detracts from all the positive aspects of big data and the equally positive impact it will invoke on our society as a whole.
Large enterprise customers are struggling to leverage and get better return on investment from various Network Operations (NetOps) and Security Operations (SecOps) tools. In a recent end user study we conducted, large enterprise organizations (banks, eCommerce companies, healthcare organizations, managed service providers) have in the order of 100+ tools deployed among NetOps and SecOps teams. We had a chance to closely observe both NetOps and SecOps analysts, their workflow, and how they leverage some of the common tools. Immediately one pattern jumped out – every analyst has their favorite set of tools and a particular workflow!