The Endace product line consists of three hardware products (EndaceProbe INR, Endace NGA, EndaceODE) that provide network traffic capture capabilities. The EndaceAccess product allows for recording of 40GbE and 100GbE network traffic by breaking up the network stream across multiple INRs. EndaceVision is a software tool that provides visibility and visualization of network traffic that has been captured and recorded by the Endace hardware products. These products are powered by our Endace DAG card technology, which we also sell to large government and telecom customers.We also integrate with a variety of tools. These include:EndaceProbe Intelligent Packet Recorder: Integrates through RESTful API with Splunk and Compuware today.Endace Netflow Generator Appliance (NGA): Integrates with SevOne and Arbor Networks NetOps analysis tools, and with Lancope security analysis tool.Roughly 20% of the Endace product line’s overall revenue comes from DAG card sales. These sales are generally to large government security agencies and to telecom carriers. Of the non-DAG card revenue, the vast bulk of it (~70%) comes from the EndaceProbe INR. The Endace NGA is a new product that represented 10% of our total revenue last quarter, which we expect to grow over time.
Complete and accurate network visibility is critical to today’s enterprises. This chart (from the EndaceVision tool) graphically demonstrates the difference in visibility between low-res (sampling) network recorders and high-res (100% capture) network recorders from Emulex. Here you can see that the low-res tool did not provide the user with visibility into microbursts that were occurring that were at or near full network bandwidth. Without that visibility, it would be impossible to identify which applications and/or users were causing these microbursts, which could adversely impact the performance of critical applications.
One of the biggest differentiators for our visualization tools comes from our partnership with a variety of best-in-breed network packet broker (NPB), Network Performance Management (NPM), Application Performance Management (APM), and Security Event Management (SEM) tool vendors. We have names these partnerships the Endace Fusion Alliance. The Endace Fusion Alliance enables customers to build NPM/APM/SEM suites that meet their exact needs, and is in contrast to integrated tools, which force customers to buy tools that they may or may not need. The benefit to customers of this best-in-breed approach is lower CapEx (less tools and recording hardware to buy) and lower OpEx (less training, quicker time to resolution of network issues). This also provides channel partners with additional opportunities to integrate custom suites of tools together for customers, increasing their “share of wallet”.
So what does all this mean?It means that you get to make quicker decisions about how to respond to events, and to have confidence in those decisions.You get to deal with those annoying recurring events.You save your company loads of money by reducing the area under the curve and you get to be a hero.
Network Forensics for Splunk, an Emulex presentation
Matt Walmsley, EMEA Marketing
Tom Jones, Sales Engineer
Emulex, Endace Division