Network Recorders Are A Window To The Past - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management
Commentary
9/17/2008
03:36 PM
Mike Fratto
Mike Fratto
Commentary
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Network Recorders Are A Window To The Past

Announced at Interop, Endace Analytics Center 2000 provides network analysis for Endace's NinjaProbe, while Solera Networks announced an OEM program providing data-capture services to others. In both cases, the ability to play back captured network traffic eases troubleshooting and resolution.

Announced at Interop, Endace Analytics Center 2000 provides network analysis for Endace's NinjaProbe, while Solera Networks announced an OEM program providing data-capture services to others. In both cases, the ability to play back captured network traffic eases troubleshooting and resolution.Network monitoring software populates events that you are expressly looking for, although going back and re-forming the question or digging deeper is often not possible minutes, hours, or days after the event. Any IT or security administrator has said more than once, "I wish I had captured that data." Capturing network data at line rate, even at gigabit speeds, is not normally possible with off-the-shelf hardware, much less the ability to store full packet captures. Both Endace's and Solera's capture appliances can store terabytes of data with options for storage expansion.

Collecting data is one thing, but analysis is the motivator. Endace's Analytics Center 2000 is a client-server application that runs on the NinjaProbe and offers reporting and analysis tools using Endace's own SOAP API. The configurable dashboard offers filterable views of the captured traffic, letting administrators drill into network traffic by clicking on visual tables rather than typing in strings. For example, you can start searching from an IP address or discovered application, and continue filtering out the unwanted data. Deeper packet analysis can be conducted by downloading the captured packets and using your favorite analyzer. EAC 2000 uses Wireshark, natively. NinjaProbe is more than just a packet capture device -- Linux-based analysis programs like Snort IDS can be installed on NinjaProbe and provide analysis on the appliance, while NinjaProbe can generate multiple NetFlow outputs sent to external hosts.

Solera Networks bills itself as the search engine for network analysis, and they do have an intuitive interface that can look for key words and file types, in addition to IP addresses and port numbers that ships with its DeepSee appliances. In addition to native analysis, Solera Networks has announced an OEM program around its Capture Stack technology. The program allows vendors to leverage captured data in their own products. By using Solera Networks' Capture Stack for packet capture, the OEM partners can focus on building their own products. For example, automatically capturing a snapshot of traffic between two peers before and after a security event may provide vital context for further analysis.

While other network recorders like NetScout's Infinistream and Network Intruments' GigaStor appliances offer similar functionality to both Endace's NinjaProbe and Solera Networks' DeepSee, the integration API's offered by both Endace and Solera provide useful integration points for other network management and security products.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
10 RPA Vendors to Watch
Jessica Davis, Senior Editor, Enterprise Apps,  8/20/2019
Commentary
Enterprise Guide to Digital Transformation
Cathleen Gagne, Managing Editor, InformationWeek,  8/13/2019
Slideshows
IT Careers: How to Get a Job as a Site Reliability Engineer
Cynthia Harvey, Freelance Journalist, InformationWeek,  7/31/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
Slideshows
Flash Poll