Monitoring and Managing Network Application Performance
Upcoming SlideShare
Loading in...5
×
 

Monitoring and Managing Network Application Performance

on

  • 233 views

 

Statistics

Views

Total Views
233
Views on SlideShare
233
Embed Views
0

Actions

Likes
0
Downloads
11
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Monitoring and Managing Network Application Performance Monitoring and Managing Network Application Performance Presentation Transcript

  • The Importance of Protocol Analyzers in Todays NetworksJim Thor – WP Professional ServicesWildPackets, Inc.www.WildPackets.com(925) 937-3200 © WildPackets, Inc. www.wildpackets.com
  • The Early Days of Protocol Analysis • We used to use Protocol Analyzers for Break/Fix ‒ Meaning we would try to fix the problem every other way before getting the protocol analyzer out of the cabinet and trying to figure out how to use it. • Protocol Analyzers were mostly text based decoders ‒ Good for bit level analysis, but very hard to use when looking for the needle in the haystack. • You had to physically be where you wanted to capture the packets ‒ No such thing back then as remote or distributed analysisThe Importance of Protocol Analysis © WildPackets, Inc. 2
  • Times Have Changed! • Those shortcomings of early analyzers are gone ‒ Many of today’s analyzers are Graphical, Distributed and Historical • Networks are larger and faster than ever before ‒ Getting to 40Gbps now and soon to 100Gbps • Systems are faster and integrated into daily life ‒ There was a day when a computer was a ‘nice to have’. ‒ Most everyone now has a computer in their pocket, and uses it for daily tasks and communications. • Today’s networks are the life blood of businesses ‒ Without a well run network, your business may die!The Importance of Protocol Analysis © WildPackets, Inc. 3
  • Is There a Doctor in the House? © WildPackets, Inc. www.wildpackets.com
  • How’s Your Networks Health? • We have doctors to keep us healthy ‒ Businesses have Network Administrators and Engineers • But a doctor has to have tools ‒ He has his 5 senses and he is very well educated! ‒ His knowledge alone does not make for a good doctor! He has to be smart and have experience as well. • You better hope your doctor has the right tools ‒ Simple tools he could have stethoscope, a thermometer, a reflex hammer, etc ‒ These would be akin to network tools like ping, traceroute, and logsThe Importance of Protocol Analysis © WildPackets, Inc. 5
  • It’s All in the Details! • Flow based reporting is nice… ‒ Flow information is a good start, but generally not good for understanding the details. It’s way too generic and high level. • Sometimes, you have to have the details, Period. ‒ But not always. There are a lot of available tools. The right tool depends on the question. • What is the question you are trying to answer? ‒ ‘Proof is in the Details’. With the details, you can answer almost ANY question. ‒ Generally, every question from overall utilization to what bit is set in a packet, can all be answered with a protocol analyzer.The Importance of Protocol Analysis © WildPackets, Inc. 6
  • The Right Tools Matter! • The tool should not impact the Network! • Simple tools are helpful and useful even today ‒ Simple tools like ping, tracert, etc., are still necessary and helpful • More advanced tools are necessary ‒ Netflow, S-Flow, and SNMP are helpful, but often leave too many questions unanswered • With the right tools, there is NO need to guess! ‒ Detail oriented tools (packet analysis) give the answers down to the bit level ‒ These tools can also answer questions ‘back in time’ using Network Forensics featuresThe Importance of Protocol Analysis © WildPackets, Inc. 7
  • Network Forensics • Knowing what is happening on the network now ‒ Real time information is always important on any network • Often, it is important to go ‘Back in Time’ ‒ Security breaches happen before you know about them ‒ Replicating an issue is often not possible ‒ Why wait for an intermittent issue? Go ‘Back’ and see it! • Network Forensics features allow you to go back and find the packets from the past ‒ It may be that a server was hacked. Who did it, when, and what else did they do or what systems did they access! ‒ Also allows for Comparative Analysis, which makes the task of protocol analysis much easier and more accurateThe Importance of Protocol Analysis © WildPackets, Inc. 8
  • The Important Featuresof a Good Protocol Analyzer © WildPackets, Inc. www.wildpackets.com
  • The Necessary Features Depend on Your Needs! • Most important is Ease of Use! ‒ Protocol Analysis can be hard. Having an analyzer that is hard to use adds unnecessary burden and time to the analysts tasks • Distributed and Local Capture capabilities ‒ Protocol Analysis is only accurate where you are capturing, so you usually want to capture at multiple locations to understand what is happening across the network at various locations • Software and Hardware Solutions ‒ Since you want to have as many capture points as possible, having a cost effective solution for deploying at the distribution and access switches is extremely importantThe Importance of Protocol Analysis © WildPackets, Inc. 10
  • Additional Items to Consider • Speeds and Feeds. ‒ Also make sure the devices are capable of captures on multiple interfaces simultaneously, and aggregating if necessary • Forensics ‒ Do you need the ability to ‘Go Back in Time?” Most people do. • Wireless ‒ Do you have any 802.11 networks? If so, make sure the analyzer you choose supports WLAN captures. • VoIP ‒ If you have a VoIP environment, or are planning on having one soon, make sure to choose an analyzer that supports those needs.The Importance of Protocol Analysis © WildPackets, Inc. 11
  • How We Have Helped • Saved lives! ‒ Yes, the results and analysis of 802.11 Wi-Fi traffic in a hospital found the source of interference that was causing device outages • Stopped hackers! ‒ The ongoing long term capture in a software company found the source of the attach, and exactly which systems were compromised • Made networks faster! ‒ Many examples of fixing network issues that were causing poor performance. Fixing the issues made the networks much faster. • Proved it wasn’t the network! ‒ Application vs. Network, we prove constantly who the true culprit is! • Made the network users more productive! ‒ By fixing network, application and systems issues, all users are more productive, including network, system, and application administrators!The Importance of Protocol Analysis © WildPackets, Inc. 12
  • The Feature Presentation © WildPackets, Inc. www.wildpackets.com
  • Focusing Blame or Fixing the Issue? • Now that we know more about protocol analyzers, let’s look at a common problem ‒ Who is to blame? • The performance is bad, so… ‒ Who is to blame? • The Users are complaining… ‒ Who is to blame? • More importantly, where do we focus to find the issue, and fix it! ‒ Stop the Blame Game! Let’s then now focus on solving this issue and not focusing the blame!The Importance of Protocol Analysis © WildPackets, Inc. 14
  • © WildPackets, Inc. www.wildpackets.com
  • The Weigh In Create a baseline… • Not just, “How much bandwidth am I consuming on my network or segment?” • Also, “How much is the X Application consuming?” ‒ What users connect to it? ‒ What outbound connections does the app do? ‒ With what ports? With what nodes? What times? How often? • It’s impossible to predict the winner if you don’t know your network and applications… … and understand their behaviors.The Importance of Protocol Analysis © WildPackets, Inc. 16
  • Scoring the FIGHT What to look for… • Primary events are anything related to “Slow” ‒ Depending on what events we see, we will know who is at fault • Application events: ‒ HTTP slow response time ‒ Oracle slow response time ‒ Inefficient client • Network events: ‒ TCP SLOW segment recovery ‒ Slow retransmissions ‒ Slow acknowledgements ‒ Low throughput Let the Expert Analysis help be the refereeThe Importance of Protocol Analysis © WildPackets, Inc. 17
  • Did Someone Say, "TKO"? Get Proof… System or Application is at fault Network may be at faultThe Importance of Protocol Analysis © WildPackets, Inc. 18
  • Who Won? The Network? This shows that there are some slow acknowledgements that could be network related… but keep in mind factors like distance Let’s keep looking…The Importance of Protocol Analysis © WildPackets, Inc. 19
  • Or is it the System or Application?This shows slow responses that are system or application related Let’s go round by round…The Importance of Protocol Analysis © WildPackets, Inc. 20
  • Follow Events to See Who is Involved Use the JAB right-click option and ‘Select Related Packets’ on the eventThe Importance of Protocol Analysis © WildPackets, Inc. 21
  • Get the Flows, Not Just Those Packets Here we would click on ‘Close’, keeping our 113 packets highlighted!The Importance of Protocol Analysis © WildPackets, Inc. 22
  • Do the Winning Combo… ‘Select Related’ We can UPPERCUT (right-click) on any highlighted packet and do a ‘Select Related’, then ‘By Flow’The Importance of Protocol Analysis © WildPackets, Inc. 23
  • All the Packets – All the FlowsWe have selected every packet, in every flow, with the expert event of interestThe Importance of Protocol Analysis © WildPackets, Inc. 24
  • Tale of the Tape "Scoring the Fight" When we select ‘Slow Server Response Time’, two sessions to the same server are highlighted. This looks like a system or application issue – not the network. But we need proof!The Importance of Protocol Analysis © WildPackets, Inc. 25
  • Visual Expert is the Proof! Here is the proof we were looking for! Two requests for data, two quick TCP Acks, but then a long delay before the server sent us the data we requested. Then the Data Payload Requests and Acks gets returned Length = 0 much later Payload Length = 1260The Importance of Protocol Analysis © WildPackets, Inc. 26
  • A Closer Look Looking more granular at the timing, we see that the ACK came back in 70ms, but the data didn’t get sent back for another 854ms! ACK fast = Network fast Data slow = System slowThe Importance of Protocol Analysis © WildPackets, Inc. 27
  • Tune the Expert for your network Make these times relevant for your network or the task at hand! And use the Import and Export features to quickly switch when necessaryThe Importance of Protocol Analysis © WildPackets, Inc. 28
  • And the winner is… You! What we covered… • Determining whether the application, system, or network is at fault using TCP • Tapping the power of ‘Select Related’ using flows to troubleshoot root causes • Eliminating false positives by tuning Expert EventsThe Importance of Protocol Analysis © WildPackets, Inc. 29
  • What’s in your network? • Manage proactively or by exception ‒ Determine top talkers, nodes, and protocols ‒ Receive early warnings of performance problems anywhere in the network and then quickly drill down for expert analysis ‒ No need to reproduce issues, simply “replay the tape” (network forensics) • Monitor the entire network ‒ Identify issues and optimize VoIP and Video quality of service ‒ Measure quality of services applications are delivering to end users ‒ Evaluate network utilization for capacity planning and upgrades • Optimize and secure your Wireless infrastructure ‒ Identify and fill security holes such has weak encryption or rogue access points ‒ Determine gaps in service across access points • Extend the capabilities for custom applications ‒ Develop plug-ins to integrate with proprietary equipment ‒ Build decodes for proprietary protocolsThe Importance of Protocol Analysis © WildPackets, Inc. 30
  • About WildPackets © WildPackets, Inc. www.wildpackets.com
  • Corporate Overview Pioneer and global leader in network and application performance monitoring, management, and analysis. • Our Company ‒ Founded: 1990 ‒ Headquarters: Walnut Creek, CA ‒ Offices throughout US, EMEA, APAC • Our Customers ‒ Thousands of active mid-market and enterprise customers ‒ 60+ countries / 80% of Fortune 1,000 ‒ Financial, government, education, health care, telecom • Our Products ‒ Patented, awarding-winning hardware and software solutions that optimize network performance and eliminate downtimeThe Importance of Protocol Analysis © WildPackets, Inc. 32
  • Real-World Deployments Education Financial Government Health Care / Retail Telecom TechnologyThe Importance of Protocol Analysis © WildPackets, Inc. 33
  • OmniPeek Network Analyzer • Standalone Analysis and Remote Analysis UI ‒ Can be used as a portable analyzer, or standalone ‒ Can also connect and configure distributed OmniEngines/Omnipliances • Comprehensive dashboards present network traffic in real-time ‒ Vital statistics and graphs display trends on network and application performance ‒ Visual peer-map shows conversations and protocols ‒ Intuitive drill-down for root-cause analysis of performance bottlenecks • Visual Expert diagnosis speeds problem resolution ‒ Packet and Payload visualizers provide business-centric views • Automated analytics and problem detection 24/7 ‒ Easily create filters, triggers, scripting, advanced alarms and alertsThe Importance of Protocol Analysis © WildPackets, Inc. 34
  • The Importance of Protocol Analysis © WildPackets, Inc. 35
  • Omnipliance Network Recorders • Captures and analyzes all network traffic at the source 24x7 ‒ Runs our OmniEngine intelligent probe software ‒ Generates vital statistics on network and application performance ‒ Intuitive root-cause analysis of performance bottlenecks • Intelligent data transport ‒ Network data analyzed locally ‒ Detailed analysis passed to OmniPeek on demand ‒ Summary statistics sent to WatchPoint for long term trending and reporting ‒ Efficient use of network bandwidth • Expert analysis speeds problem resolution ‒ Fault analysis, statistical analysis, and independent notification • Multiple Issue Digital Forensics ‒ Real-time and post capture data mining for compliance and troubleshootingThe Importance of Protocol Analysis © WildPackets, Inc. 36
  • Unprecedented Network Visibility NETWORK HEALTH GLOBAL WatchPoint can manage and report on key devices’ performance and availability across the entire network, from anywhere on the network. UNDERSTAND END-USER PERFORMANCE TimeLine and Omnipliance network recorders monitor DISTRIBUTED and analyze performance across critical network segments, virtual environments, and remote sites. PINPOINT NETWORK ISSUES ANYWHERE Omnipliance Portable can rapidly identify and troubleshoot PORTABLE issues before they become major problems—wired or wireless—down the hall or across the globe. ROOT-CAUSE ANALYSIS OmniPeek network analyzer performs deep packet inspection DPI and can reconstruct all network activity, including e-mail and IM, as well as analyze VoIP and video traffic quality.The Importance of Protocol Analysis © WildPackets, Inc. 37
  • WildPackets Product Lines Software and Hardware Solutions for Portable and Distributed Network Monitoring and Analysis © WildPackets, Inc. www.wildpackets.com
  • Product Offerings Software and Turnkey Appliances • Enterprise Monitoring and Reporting ‒ WatchPoint Server ‒ OmniFlow, NetFlow, SNMP, and sFlow Collectors • Network Probes & Recorders ‒ Omnipliance Network Recorders – Edge, Core ‒ TimeLine Network Recorder ‒ OmniAdapter Analysis Cards • Portable Hardware Solutions ‒ Omnipliance Portable • Windows based Software Solutions ‒ OmniPeek software – Enterprise, Professional, Basic, Connect ‒ OmniEngine software – Enterprise, Desktop, OmniVirtualThe Importance of Protocol Analysis © WildPackets, Inc. 39
  • Omnipliance Network Recorders Price/performance solutions for every application Portable Edge Core TimeLine Ruggedized Small Networks / Regional Offices / Datacenter Troubleshooting Remote Offices Small Datacenter Workhorse Chassis 1U 3U 3U Memory 24GB 4 GB 6 GB 18 GB Expansion 2 PCI-E 2 PCI-E 4 PCI-E 4 PCI-E Storage 6 TB 1 TB 8 TB / 16 TB 8 TB / 16 TB / 32 TB Max. CTD 4.5Gbps 1Gbps 3.8Gbps 11+GbpsThe Importance of Protocol Analysis © WildPackets, Inc. 40
  • Comprehensive Support and Services Standard Support Premier Support  Maintenance and upgrades  24 x 7 x 365  Telephone and email contacts  Dedicated escalation manager  Knowledgebase  2 customer contacts per site  MyPeek Portal  Plug-in reconfiguration assistance WildPackets Training Academy  Public, web-based, and on-site classes  Complete curriculum: Technology and product focused  Practical applications and labs covering network analysis, wireless, VoIP monitoring and advanced troubleshooting Consulting and Custom Development Services  Deployment, configuration, and assessment engagement  Systems integration and testing  Application integration, driver, decode, interface developmentThe Importance of Protocol Analysis © WildPackets, Inc. 41
  • Key Differentiators • High-level network monitoring to root-cause analysis • Single solution for today’s converged networks ‒ Wired, Wireless, 1GB, 10GB, VoIP, Video, TelePresence, IPTV • Reduce and even eliminate network downtime ‒ Automated monitoring 24x7 ‒ Speedy resolution of network bottlenecks • Improve network and application performance • Uniquely extensible platform – tailored to your needs ‒ Plug-ins and APIs for integration and customization • Fastest capture to disk performance in the industryThe Importance of Protocol Analysis © WildPackets, Inc. 42
  • Thank You! & Questions… Check out MyPeek! @ mypeek.wildpackets.com Follow us on SlideShare! Check out today’s slides on SlideShareWildPackets, Inc. www.slideshare.net/wildpacketswww.WildPackets.com(925) 937-3200 © WildPackets, Inc. www.wildpackets.com