Slides from the recorded webinar hosted by our VP of Marketing, Cam Cullen, on the Procera Solution - where he outlines how Procera can help you navigate your way through difficulties incurred by your broadband, network, hosting, business or servicing platforms.
At the Commsday event in Sydney April 4th 2016, Thomas Vasen, Subscriber Experience Evangelist at Procera Networks, made the case on how operators should change how they measure the quality their network is capable of delivering in order to fight back the OTT players’ Scorecards. And I’ll bring you’re a case study how this was done successfully.
1) The document discusses measuring and reporting on network performance metrics like throughput, latency, and packet loss from the subscriber's perspective.
2) It recommends that ISPs measure all subscriber traffic all the time to provide actual customer experience data over reasonable periods during peak usage, meeting FCC guidance.
3) Measuring all traffic would allow ISPs to create their own network performance "scorecards" to report to regulators, market different service offerings to subscribers based on applications, and improve deficient areas of the network.
Optimizing Network Connectivity to your Data CenterThousandEyes
This document discusses optimizing network connectivity to data centers. It describes how enterprise networks have become more complex with connections to cloud providers, SaaS applications, mobile users and branch offices. This lack of clear boundaries creates visibility challenges across different network segments. ThousandEyes provides visibility into data centers, WANs and the internet to help monitor performance, identify issues in specific locations or with particular ISPs, and troubleshoot connectivity problems collaboratively with service providers.
ThousandEyes Alerting Essentials for Your NetworkThousandEyes
ThousandEyes provides network monitoring and alerting capabilities. Alerts are triggered based on conditions defined in alert rules, which specify tests, thresholds, and notification policies. Alerts can be configured for various network and application scenarios based on factors like loss, latency, routing changes, DNS issues, page load times, and more. Notifications can be sent by email, PagerDuty integration, or custom webhooks. The system aims to reduce false positives through configurable filtering and requiring multiple failed tests. Historical alert data is also available.
Accelerating web applications is always a balance of performance gains versus investment—in both time and money. Adding dedicated software or hardware point solutions can be expensive and introduce administrative overhead. Content delivery networks can have unpredictable ongoing costs. Recoding applications can impact time to market of new versions or other applications. The F5 solution adds application acceleration functions into the application delivery layer and promotes a simple acceleration policy that results in greatly reduced cost and complexity. Check out https://f5.com/solutions/enterprise/reference-architectures/acceleration for diagrams, white papers and how-to guides.
The presentation is ideal for people who needs to know how Bluecoat packetshaper could be beneficial to any organization. Especially with organizations having problems with Data network visibility traversing across WAN/LAN traffic.
- ThousandEyes delivers network intelligence into every network through cloud, enterprise, and endpoint agents that provide visibility.
- It tackles challenges in hybrid network environments and provides end-to-end visibility through these different agent types located throughout the network.
- The solution also detects internet outages through analyzing aggregated anonymous traffic and routing data from across its global customer base to identify outage events, their scope and likely root causes.
At the Commsday event in Sydney April 4th 2016, Thomas Vasen, Subscriber Experience Evangelist at Procera Networks, made the case on how operators should change how they measure the quality their network is capable of delivering in order to fight back the OTT players’ Scorecards. And I’ll bring you’re a case study how this was done successfully.
1) The document discusses measuring and reporting on network performance metrics like throughput, latency, and packet loss from the subscriber's perspective.
2) It recommends that ISPs measure all subscriber traffic all the time to provide actual customer experience data over reasonable periods during peak usage, meeting FCC guidance.
3) Measuring all traffic would allow ISPs to create their own network performance "scorecards" to report to regulators, market different service offerings to subscribers based on applications, and improve deficient areas of the network.
Optimizing Network Connectivity to your Data CenterThousandEyes
This document discusses optimizing network connectivity to data centers. It describes how enterprise networks have become more complex with connections to cloud providers, SaaS applications, mobile users and branch offices. This lack of clear boundaries creates visibility challenges across different network segments. ThousandEyes provides visibility into data centers, WANs and the internet to help monitor performance, identify issues in specific locations or with particular ISPs, and troubleshoot connectivity problems collaboratively with service providers.
ThousandEyes Alerting Essentials for Your NetworkThousandEyes
ThousandEyes provides network monitoring and alerting capabilities. Alerts are triggered based on conditions defined in alert rules, which specify tests, thresholds, and notification policies. Alerts can be configured for various network and application scenarios based on factors like loss, latency, routing changes, DNS issues, page load times, and more. Notifications can be sent by email, PagerDuty integration, or custom webhooks. The system aims to reduce false positives through configurable filtering and requiring multiple failed tests. Historical alert data is also available.
Accelerating web applications is always a balance of performance gains versus investment—in both time and money. Adding dedicated software or hardware point solutions can be expensive and introduce administrative overhead. Content delivery networks can have unpredictable ongoing costs. Recoding applications can impact time to market of new versions or other applications. The F5 solution adds application acceleration functions into the application delivery layer and promotes a simple acceleration policy that results in greatly reduced cost and complexity. Check out https://f5.com/solutions/enterprise/reference-architectures/acceleration for diagrams, white papers and how-to guides.
The presentation is ideal for people who needs to know how Bluecoat packetshaper could be beneficial to any organization. Especially with organizations having problems with Data network visibility traversing across WAN/LAN traffic.
- ThousandEyes delivers network intelligence into every network through cloud, enterprise, and endpoint agents that provide visibility.
- It tackles challenges in hybrid network environments and provides end-to-end visibility through these different agent types located throughout the network.
- The solution also detects internet outages through analyzing aggregated anonymous traffic and routing data from across its global customer base to identify outage events, their scope and likely root causes.
Are You Ready For More Visitors Cognizant Gomez Jan20Compuware APM
1) Traditional load testing is limited in its ability to accurately measure end-user experience and identify issues with third-party components.
2) Load testing 2.0 uses real user testing from geographically distributed locations to better understand regional response times and external factors that impact performance.
3) A case study showed that load testing 2.0 uncovered poor response times for key revenue regions that traditional load testing failed to detect.
The Top Outages of 2021: Analysis and TakeawaysThousandEyes
1) The presentation provided an overview of notable internet outages that occurred in 2021 and discussed the key digital service building blocks (DNS, BGP, CDNs, cloud services, etc.) that when disrupted can cause outages.
2) A top 10 countdown of major outages was presented, including details on the duration and impact of each outage. Lessons learned from each outage were also summarized.
3) "Shadow outages" caused by attacks on DNS and routing mishaps that may fly under the radar were also briefly mentioned.
1) WTHI is implementing an enhanced corporate security plan across its 4 locations to address issues with its existing security systems and wide area network (WAN).
2) The plan includes upgrading the video surveillance, badge access control, WAN, firewalls, intrusion detection, web filtering, anti-spam, antivirus, and VPN.
3) The total capital cost is $442,079 and annual recurring costs are $131,200 but the revenue generated would cover these costs within a few hours, demonstrating a quick payoff period. Failing to upgrade security could result in network downtime costing $45,000 per hour.
Internet Outage Detection allows users to rapidly detect both network and routing outages and understand their scope and likely root cause. Explore data from major outages and learn to use Internet Outage Detection to diagnose issues and their impact. See the webinar recording at https://www.thousandeyes.com/resources/diagnosing-internet-outages-webinar
Vfm bluecoat proxy sg solution with web filter and reportervfmindia
The Bluecoat ProxySG solution provides web filtering, malware protection, and reporting through its integrated WebFilter and WebPulse cloud services which analyze over 2 billion requests per week to provide real-time web ratings and threats intelligence to the ProxySG appliance. The new Reporter 9 interface provides customized dashboards and reporting for up to 150,000 users with scalable log storage and performance.
ISP Connectivity Webinar: No Longer a Black BoxThousandEyes
Your Internet Service Providers are critical to keeping your data centers and offices connected. Yet you may not have much insight into the performance of ISP links outside your network. ThousandEyes maps network topologies across ISP networks, measures performance of data center ingress and egress, and captures BGP routing changes across all relevant prefixes.
In this webinar, we’ll share how to:
*Get visibility into ISP environments in just minutes
*Associate path and route changes to app and network performance
*Share data on specific problem interfaces and links with your ISPs
The document provides an introduction to ACI for network administrators. It discusses building an ACI network through the perspective of a network administrator. The session objectives are to understand ACI components and models, configure external connectivity and integrate third-party devices, and automate ACI configuration. The agenda covers topics such as ACI building blocks, VMware integration, service graphs, and getting started with ACI.
This document provides information on Blue Coat's PacketShaper and ProxySG products. PacketShaper provides application visibility and quality of service to prioritize important applications. It can identify over 600 applications and provide bandwidth controls. ProxySG provides secure web gateway functionality including malware protection, web content filtering, and WAN optimization techniques like caching and compression to accelerate application performance. Both products integrate with Blue Coat's management platforms.
FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...ThousandEyes
The network is a key component in application delivery and is often a direct or indirect target of security attacks
such as DDoS and BGP hijacking. Mitigation strategies often involve using a third party cloud service without any
visibility into whether the mitigation is working well. Using real life examples, we will show how one can measure
the user perceived impact of an ongoing attack, as well as identify which aspects of the mitigation are not working
as desired. With this detailed availability and performance data at the various layers, financial firms can learn how
to better manage ongoing attacks.
Facebook Outage Analysis: Using External Visibility to Fortify AvailabilityThousandEyes
The presentation summarized Facebook's outage in October 2021. It discussed how Facebook's DNS architecture was hosted in their own data centers. During the outage, Facebook's authoritative nameservers became nonresponsive. Additionally, BGP advertisements for Facebook's DNS IP blocks were withdrawn, making the DNS servers unreachable. This caused users to be unable to access Facebook services. The root cause analysis showed that maintenance impacted Facebook's internal backbone connections. Lessons included avoiding single points of failure in DNS, diversifying providers and services, and optimizing business continuity strategies.
Businesses today increasingly rely on effective networks for their success. In a world where constant connectivity is more important than ever, network inefficiencies disrupt business productivity. Sangfor’s WAN Optimization Controller (WOC) resolves these ineffeciencies to accelerate your network traffic between offices - keeping your team working instead of waiting. For more information, please visit www.sangfor.net
This document provides an introduction and overview of ThousandEyes. It begins with an introduction of ThousandEyes and what it is, followed by an agenda for the presentation which includes an introduction, demo, and Q&A section. It then provides background on ThousandEyes including its locations, founding year, customer base, and features. The remainder of the document demonstrates how ThousandEyes provides internet and cloud visibility for enterprises, highlights common enterprise problems it can help with, shows its monitoring capabilities and use cases. It also includes demos on supporting remote workforces and digital experience monitoring before concluding with customer case studies and Cisco integration information.
Endpoint Agent Part 1: End User ExperienceThousandEyes
Endpoint Agent monitors end user experience from employee laptops and desktops to understand web performance and Internet connectivity of any browser-based service.
Reverse Path Visibility with Agent-to-Agent TestsThousandEyes
This document discusses reverse path visibility using agent-to-agent tests in ThousandEyes. It describes how agent-to-agent tests provide bidirectional path visibility across internal and external networks to accurately monitor the forward and reverse paths. This gives more precise diagnostic data to isolate network faults. It also explains how enabling NAT traversal allows agent-to-agent tests to work across NAT devices without requiring inbound port forwarding rules.
Argo is a new Cloudflare feature that allows for a faster, more reliable, more secure Internet for everyone. Cloudflare has launched Argo, a “virtual backbone” for the modern Internet. Argo analyzes and optimizes routing decisions across the global Internet in real-time. Think Waze, the automobile route optimization app, but for Internet traffic.
This is an introductory guide of how to get set up and monitor the benefits of Argo.
Please do note that Argo is an add-on feature.
Lessons from an AWS outage and how to detect root cause of cloud service disr...ThousandEyes
Enterprise IT and Ops team are frequently challenged by complex cloud architectures that are continually evolving. As a result, your teams suffer from increased MTTI during fault diagnosis and are often left frustrated and helpless during a cloud outage.
Join this webinar to see an analysis of a recent AWS outage and the downstream implications a cloud outage can have on your service delivery and user experience. In this demonstration you will learn:
- Monitoring best practices to reduce MTTI during cloud outages
- Why APM and cloud-native tools like CloudWatch fall short
- How to hold cloud service providers accountable when something goes wrong
This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks
The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
Session 5 of 10
This Webinar focuses on Controlling Ports and Network Devices
• Ports and Protocols
• Network Mappers
• Protocol Attacks
• Use of Firewalls
• Identifying Network Boundaries
• NIST 800 framework and CIS
• Switches and Routers
• Routing Protocols
• Switch Security
• Hardening the Network
• Good Network Administration
• Internet Control Message Protocol
• Anti-spoofing and logging
• Configuring a secure network perimeter
• Secure IOS-based Routers using automated features
• Securing Desktops, Notebooks, Servers and Mobile Devices
Security Delivery Platform: Best practicesMihajlo Prerad
Security Delivery Platform: Best practices
The traditional Security model was one that operated under simple assumptions. Those assumptions led to deployment models which in todays’ world of cyber security have been proven to be quite vulnerable and inadequate to growing amount and diversity of threats.
A Security Delivery Platform addresses the above considerations and provides a powerful solution for deploying a diverse set of security solutions, as well as scaling each security solution beyond traditional deployments. Such platform delivers visibility into the lateral movement of malware, accelerate the detection of ex-filtration activity, and could significantly reduce the overhead, complexity and costs associated with such security deployments.
In today’s world of industrialized and well-organized cyber threats, it is no longer sufficient to focus on the security applications exclusively. Focusing on how those solutions get deployed together and how they get consistent access to relevant data is a critical piece of the solution. A Security Delivery Platform in this sense is a foundational building block of any cyber security strategy.
This document discusses F5 Networks and SecureData's partnership. It notes that SecureData is an F5 Gold Partner and that F5 provides multi-cloud security solutions. It also discusses challenges of multi-cloud environments like operational complexity and security issues. F5 solutions aim to provide consistent security visibility, reduce cloud costs, and offer a unified security dashboard across environments.
Are You Ready For More Visitors Cognizant Gomez Jan20Compuware APM
1) Traditional load testing is limited in its ability to accurately measure end-user experience and identify issues with third-party components.
2) Load testing 2.0 uses real user testing from geographically distributed locations to better understand regional response times and external factors that impact performance.
3) A case study showed that load testing 2.0 uncovered poor response times for key revenue regions that traditional load testing failed to detect.
The Top Outages of 2021: Analysis and TakeawaysThousandEyes
1) The presentation provided an overview of notable internet outages that occurred in 2021 and discussed the key digital service building blocks (DNS, BGP, CDNs, cloud services, etc.) that when disrupted can cause outages.
2) A top 10 countdown of major outages was presented, including details on the duration and impact of each outage. Lessons learned from each outage were also summarized.
3) "Shadow outages" caused by attacks on DNS and routing mishaps that may fly under the radar were also briefly mentioned.
1) WTHI is implementing an enhanced corporate security plan across its 4 locations to address issues with its existing security systems and wide area network (WAN).
2) The plan includes upgrading the video surveillance, badge access control, WAN, firewalls, intrusion detection, web filtering, anti-spam, antivirus, and VPN.
3) The total capital cost is $442,079 and annual recurring costs are $131,200 but the revenue generated would cover these costs within a few hours, demonstrating a quick payoff period. Failing to upgrade security could result in network downtime costing $45,000 per hour.
Internet Outage Detection allows users to rapidly detect both network and routing outages and understand their scope and likely root cause. Explore data from major outages and learn to use Internet Outage Detection to diagnose issues and their impact. See the webinar recording at https://www.thousandeyes.com/resources/diagnosing-internet-outages-webinar
Vfm bluecoat proxy sg solution with web filter and reportervfmindia
The Bluecoat ProxySG solution provides web filtering, malware protection, and reporting through its integrated WebFilter and WebPulse cloud services which analyze over 2 billion requests per week to provide real-time web ratings and threats intelligence to the ProxySG appliance. The new Reporter 9 interface provides customized dashboards and reporting for up to 150,000 users with scalable log storage and performance.
ISP Connectivity Webinar: No Longer a Black BoxThousandEyes
Your Internet Service Providers are critical to keeping your data centers and offices connected. Yet you may not have much insight into the performance of ISP links outside your network. ThousandEyes maps network topologies across ISP networks, measures performance of data center ingress and egress, and captures BGP routing changes across all relevant prefixes.
In this webinar, we’ll share how to:
*Get visibility into ISP environments in just minutes
*Associate path and route changes to app and network performance
*Share data on specific problem interfaces and links with your ISPs
The document provides an introduction to ACI for network administrators. It discusses building an ACI network through the perspective of a network administrator. The session objectives are to understand ACI components and models, configure external connectivity and integrate third-party devices, and automate ACI configuration. The agenda covers topics such as ACI building blocks, VMware integration, service graphs, and getting started with ACI.
This document provides information on Blue Coat's PacketShaper and ProxySG products. PacketShaper provides application visibility and quality of service to prioritize important applications. It can identify over 600 applications and provide bandwidth controls. ProxySG provides secure web gateway functionality including malware protection, web content filtering, and WAN optimization techniques like caching and compression to accelerate application performance. Both products integrate with Blue Coat's management platforms.
FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...ThousandEyes
The network is a key component in application delivery and is often a direct or indirect target of security attacks
such as DDoS and BGP hijacking. Mitigation strategies often involve using a third party cloud service without any
visibility into whether the mitigation is working well. Using real life examples, we will show how one can measure
the user perceived impact of an ongoing attack, as well as identify which aspects of the mitigation are not working
as desired. With this detailed availability and performance data at the various layers, financial firms can learn how
to better manage ongoing attacks.
Facebook Outage Analysis: Using External Visibility to Fortify AvailabilityThousandEyes
The presentation summarized Facebook's outage in October 2021. It discussed how Facebook's DNS architecture was hosted in their own data centers. During the outage, Facebook's authoritative nameservers became nonresponsive. Additionally, BGP advertisements for Facebook's DNS IP blocks were withdrawn, making the DNS servers unreachable. This caused users to be unable to access Facebook services. The root cause analysis showed that maintenance impacted Facebook's internal backbone connections. Lessons included avoiding single points of failure in DNS, diversifying providers and services, and optimizing business continuity strategies.
Businesses today increasingly rely on effective networks for their success. In a world where constant connectivity is more important than ever, network inefficiencies disrupt business productivity. Sangfor’s WAN Optimization Controller (WOC) resolves these ineffeciencies to accelerate your network traffic between offices - keeping your team working instead of waiting. For more information, please visit www.sangfor.net
This document provides an introduction and overview of ThousandEyes. It begins with an introduction of ThousandEyes and what it is, followed by an agenda for the presentation which includes an introduction, demo, and Q&A section. It then provides background on ThousandEyes including its locations, founding year, customer base, and features. The remainder of the document demonstrates how ThousandEyes provides internet and cloud visibility for enterprises, highlights common enterprise problems it can help with, shows its monitoring capabilities and use cases. It also includes demos on supporting remote workforces and digital experience monitoring before concluding with customer case studies and Cisco integration information.
Endpoint Agent Part 1: End User ExperienceThousandEyes
Endpoint Agent monitors end user experience from employee laptops and desktops to understand web performance and Internet connectivity of any browser-based service.
Reverse Path Visibility with Agent-to-Agent TestsThousandEyes
This document discusses reverse path visibility using agent-to-agent tests in ThousandEyes. It describes how agent-to-agent tests provide bidirectional path visibility across internal and external networks to accurately monitor the forward and reverse paths. This gives more precise diagnostic data to isolate network faults. It also explains how enabling NAT traversal allows agent-to-agent tests to work across NAT devices without requiring inbound port forwarding rules.
Argo is a new Cloudflare feature that allows for a faster, more reliable, more secure Internet for everyone. Cloudflare has launched Argo, a “virtual backbone” for the modern Internet. Argo analyzes and optimizes routing decisions across the global Internet in real-time. Think Waze, the automobile route optimization app, but for Internet traffic.
This is an introductory guide of how to get set up and monitor the benefits of Argo.
Please do note that Argo is an add-on feature.
Lessons from an AWS outage and how to detect root cause of cloud service disr...ThousandEyes
Enterprise IT and Ops team are frequently challenged by complex cloud architectures that are continually evolving. As a result, your teams suffer from increased MTTI during fault diagnosis and are often left frustrated and helpless during a cloud outage.
Join this webinar to see an analysis of a recent AWS outage and the downstream implications a cloud outage can have on your service delivery and user experience. In this demonstration you will learn:
- Monitoring best practices to reduce MTTI during cloud outages
- Why APM and cloud-native tools like CloudWatch fall short
- How to hold cloud service providers accountable when something goes wrong
This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks
The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
Session 5 of 10
This Webinar focuses on Controlling Ports and Network Devices
• Ports and Protocols
• Network Mappers
• Protocol Attacks
• Use of Firewalls
• Identifying Network Boundaries
• NIST 800 framework and CIS
• Switches and Routers
• Routing Protocols
• Switch Security
• Hardening the Network
• Good Network Administration
• Internet Control Message Protocol
• Anti-spoofing and logging
• Configuring a secure network perimeter
• Secure IOS-based Routers using automated features
• Securing Desktops, Notebooks, Servers and Mobile Devices
Security Delivery Platform: Best practicesMihajlo Prerad
Security Delivery Platform: Best practices
The traditional Security model was one that operated under simple assumptions. Those assumptions led to deployment models which in todays’ world of cyber security have been proven to be quite vulnerable and inadequate to growing amount and diversity of threats.
A Security Delivery Platform addresses the above considerations and provides a powerful solution for deploying a diverse set of security solutions, as well as scaling each security solution beyond traditional deployments. Such platform delivers visibility into the lateral movement of malware, accelerate the detection of ex-filtration activity, and could significantly reduce the overhead, complexity and costs associated with such security deployments.
In today’s world of industrialized and well-organized cyber threats, it is no longer sufficient to focus on the security applications exclusively. Focusing on how those solutions get deployed together and how they get consistent access to relevant data is a critical piece of the solution. A Security Delivery Platform in this sense is a foundational building block of any cyber security strategy.
This document discusses F5 Networks and SecureData's partnership. It notes that SecureData is an F5 Gold Partner and that F5 provides multi-cloud security solutions. It also discusses challenges of multi-cloud environments like operational complexity and security issues. F5 solutions aim to provide consistent security visibility, reduce cloud costs, and offer a unified security dashboard across environments.
Motadata offers a unified IT monitoring platform that provides network monitoring, log and flow monitoring, and IT service management. It collects and analyzes machine data from various sources to provide visibility into infrastructure performance and identify issues. The platform uses data analytics to detect anomalies and security threats. It also helps automate IT processes like incident, problem, and change management to improve service delivery and reduce ticket volumes. Motadata integrates data from multiple systems onto a single dashboard for a comprehensive view of the IT environment.
Splunk App for Stream for Enhanced Operational Intelligence from Wire DataSplunk
The Splunk App for Stream provides concise summaries of wire data in 3 sentences or less:
The Splunk App for Stream enables capturing and analyzing wire data from public, private, and hybrid cloud infrastructures for real-time operational insights. It delivers rapid deployment and scalability along with efficient wire data collection. The app captures critical events not found in logs to enhance operational intelligence through wire data analysis.
Cisco Connect Halifax 2018 Application insight and zero trust policies with...Cisco Canada
This document provides an overview of Cisco Tetration, which is a platform that provides application dependency mapping, segmentation, and security across data centers, public clouds, and hybrid environments. It analyzes network traffic using software sensors to map application dependencies and clusters. It then generates whitelist policies and enforces segmentation policies across workloads to limit communication based on application ownership and intent-based rules. The platform also provides capabilities for compliance monitoring, inventory tracking, performance monitoring, and ecosystem integration. It has various deployment options including on-premises, public cloud, and as a managed service.
The document discusses several ways that a large enterprise customer with multiple branch offices can optimize connectivity to Microsoft cloud services like Office 365 and Azure. It provides details on configuring network security devices using published Microsoft endpoint data to identify and route Office 365 traffic efficiently. It also compares approaches like using SD-WAN, ExpressRoute connections, or secure web gateways to provide local internet breakouts or private connections to the cloud.
Combining Logs, Metrics, and Traces for Unified ObservabilityElasticsearch
Learn how Elasticsearch efficiently combines data in a single store and how Kibana is used to analyze it. Plus, see how recent developments help identify, troubleshoot, and resolve operational issues faster.
The document discusses the need for telecommunications providers to automate their networks in order to handle increasing traffic volumes, device connections, and complexity cost effectively. It outlines the business benefits of automation including 30% revenue uplift, 70% cost reductions, and 40% better customer satisfaction. Specific Cisco products and solutions are presented that enable network automation capabilities such as intent-based networking, data centralization, accelerated troubleshooting, and network optimization. The overall message is that network automation through tools like Cisco Crosswork is necessary for telecommunications providers to sustain their business in the face of rising network demands.
The process of streaming real-time data from a wide variety of machine data sources and entities can be very complex and unwieldy. Using an agent-based approach, Informatica has invented a new technique and open access product that makes this process much more user friendly and efficient, even when dealing with multiple environments such as Hadoop, Cassandra, Storm, Amazon Kinesis and Complex Event Processing.
This document summarizes a training on customizing NetFlow Analyzer for diagnosing and troubleshooting traffic issues faster. It discusses how to customize data storage and dashboards, use reporting and automation, and conduct troubleshooting with forensics. Major topics covered include controlling data retention, identifying potential issues early with alerts, finding the root cause of issues using reports and forensics, resolving issues, optimizing traffic, and verifying billing. The trainer provides guidance on these capabilities in NetFlow Analyzer to help users diagnose network problems more quickly and efficiently.
Streaming Data and Stream Processing with Apache Kafkaconfluent
Apache Kafka is an open-source streaming platform that can be used to build real-time data pipelines and streaming applications. It addresses challenges with diverse data sets arriving at increasing rates. The document discusses how Apache Kafka can help with challenges around data integration, stream processing, and managing streaming platforms at scale. It also outlines key features of Apache Kafka like the Kafka Connect API for data integration, the Kafka Streams API for stream processing, and Confluent Control Center for monitoring and management.
In this presentation, you'll learn how to troubleshoot bandwidth issues with NetFlow Analyzer.
Topics covered:
1. Customizing data storage
2. Customizing dashboards
3. Reporting and automation
4. Troubleshooting with forensics
5. Traffic shaping
6. Capacity planning and billing
To know more, visit www.netflowanalyzer.com
The document discusses Cisco's Encrypted Traffic Analytics (ETA) solution. ETA uses machine learning techniques to analyze metadata from encrypted network traffic and detect malware without decrypting traffic. It can identify malware signatures and anomalous behavior in encrypted web, cloud, and internal traffic. ETA extracts features from packet lengths, times, and byte distributions to build detectors that can find known malware in encrypted traffic with high accuracy. The solution provides visibility, compliance monitoring, and threat detection across an organization's entire network, including campus, branch offices, and the cloud.
Legacy monitoring and troubleshooting tools can limit visibility and control over your infrastructure and applications. Organizations must find monitoring and troubleshooting tools that can scale with the volume, variety and velocity of data generated by today’s complex applications in order to keep pace with business demands. Our upcoming webinar will discuss how Sumo Logic helped Scripps Networks harness cloud-native machine data analytics to improve application quality and reliability on AWS. Sumo Logic allows IT operations teams to visualize and monitor workloads in real-time, identify issues and expedite root-cause analysis across the AWS environment.
Join us to learn:
• How to migrate from traditional on-premises data centers to AWS with confidence
• How to improve the monitoring and troubleshooting of modern applications
• How Scripps Networks, a leading content developer, used Sumo Logic to optimize their transition to AWS
Who should attend: Developers, DevOps Director/Manager, IT Operations Director/Manager, Director of Cloud/Infrastructure, VP of Engineering
Wire data provides deep insights across IT, security and business use cases by capturing the communications transmitted over the wire between machines and applications in real-time. The Splunk App for Stream enables new operational intelligence by indexing this wire data without needing instrumentation. It provides enhanced visibility, efficient cloud-ready collection, and fast time to value through interface-driven deployment. Key features include protocol decoding, attribute filtering, aggregations, and custom content extraction for analysis in Splunk.
Applications increasingly rely not only on internal enterprise networks, but also on the Internet, for high levels of end user performance. The ThousandEyes platform helps you to deploy monitoring points, analyze network data and collaborate with external vendors to achieve superior application delivery for your employees and customers. In this presentation, we demo how to collect performance data across enterprise, WAN and ISP networks, and analyze metrics and network topologies to find root causes. Watch the full presentation with interactive demo here: https://www.thousandeyes.com/lp/getting-started-webinar
Watch the full OnDemand Webcast: http://bit.ly/tuneupnetwork
It’s time to make good on that new year’s resolution. Admit it, in a moment of weakness as the clock hit midnight you resolved to dig in and tune up your corporate network in the new year. Well, the new year is already passing quickly by, so if you haven’t yet made good on that resolution, here is your chance. In these slides from our web seminar, we return to the basics – overall network evaluation, baseline measurements and comparisons, typical yet troublesome network issues, sharing bandwidth in the presence of time-sensitive applications, security, and overall network monitoring and reporting, just to name a few. We focus on practical issues and practical methods for improving the overall health of your network.
In these slides, we will cover:
- Critical elements to consider when evaluating your network
- Common pitfalls and how to avoid them
- Developing and using network baselines
- Optimizing network usage in the presence of competing applications and protocols
- Monitoring and reporting on your well-tuned network
What you will learn:
1. How and where to find the data you need
2. How to automate network monitoring and analysis to ensure the success of your tune up
3. How to quickly diagnose problems when things go wrong
An experience is a personal and emotional event we remember. Every experience is established based upon pre-determined expectations we conceive and create in our minds. It’s personal, and therefore, remains a moving and evolving target in every scenario. When our experience concludes and the moment has passed, the outcome remains in our memory. Think about what makes you happy when connecting with your own device and then think about what makes you really upset when things are hard, complicated, and slow. If the user has a bad experience in anyone of these areas (simple, fast, and smart), they are likely to leave, share their negative experience, and potentially never return. Users might forget facts or details about their computing environment but they find it difficult to forgot the feeling behind a bad network experience. When something goes wrong with the network or an application, do you always get the blame?
So what can Ultra Low, consistent latency deliver? Low latency is a requirement for intensive, time critical applications. Latency is measure on a port-to-port basis, that once a frame is received on a ingress port how long does it take the frame to go through the internal switching infrastructure and leave an ingress port. The Summit X670 Top of Rack switch supports latency of around 800-900usec while the Black Diamond chassis, BDX8, can switch frames in a little as 3usec. We’re big believers in the value of disaggregation – of breaking down traditional data center technologies into their core components so we can build new systems that are more flexible, more scalable, and more efficient. This approach has guided Facebook from the beginning, as we’ve grown and expanded our infrastructure to connect more than 1.28 billion people around the world.
Flatter networks. Traditional data center networks have a minimum of three tiers: top of rack (ToR), aggregation and core. Often, there is more than one aggregation tier, meaning the data center could have three or more network tiers. When network traffic is primarily best effort, this is sufficient. But as more mission-critical, real-time traffic flows into the data center, it becomes critical that organizations move to two-tier networks.
An increase in east-west traffic flows. Legacy data center networks are designed for traffic to flow from the edge of the network into the core and then back to the edge in a north-south direction. Today, however, factors such as workforce mobility, Hadoop, big data and other applications are driving east-west traffic flows from server to server.
Virtualization of other IT assets. Historically, compute resources such as processor, memory and storage were resident in the server itself. Over time, more and more of these resources are being put into “pools” that can be accessed on demand. In this case, the data center network becomes a “fabric” that acts as the backplane for the virtualized data center.
Challenges of a multi tenant kafka serviceThomas Alex
Presentation at Seattle Apache Kafka Meetup Apr 18, 2017
Abstract: Microsoft has extensive deployments of Kafka supporting large scale data streaming. This talk will introduce the challenges in building a multi-tenant system for the enterprise, and discuss the design approach we have taken.
Speaker: Thomas Alex, Principal Program Manager, Microsoft
Thomas Alex is a Program Manager in the Shared Data team at Microsoft, and has worked on many aspects of big data: data ingestion, data distribution, master data management, orchestration and ETL pipeline management, data virtualization, in-memory databases, business intelligence, and reporting.
Microsoft challenges of a multi tenant kafka serviceNitin Kumar
The document discusses Siphon, a managed event streaming service from Microsoft. Siphon provides an enterprise data bus that can ingest up to 800 TB of data per day from millions of data producers at near real-time speeds. It uses Apache Kafka and scales to over 1,800 production Kafka brokers and 450 topics. Siphon offers availability, reliability, isolation, and regulatory compliance through its multi-tenant architecture and deployment across multiple regions. It allows customers to easily manage their event streaming through a self-service API and UI.
Similar to Shine a Light on the Darkening of the Internet (20)
Ready to Unlock the Power of Blockchain!Toptal Tech
Imagine a world where data flows freely, yet remains secure. A world where trust is built into the fabric of every transaction. This is the promise of blockchain, a revolutionary technology poised to reshape our digital landscape.
Toptal Tech is at the forefront of this innovation, connecting you with the brightest minds in blockchain development. Together, we can unlock the potential of this transformative technology, building a future of transparency, security, and endless possibilities.
Gen Z and the marketplaces - let's translate their needsLaura Szabó
The product workshop focused on exploring the requirements of Generation Z in relation to marketplace dynamics. We delved into their specific needs, examined the specifics in their shopping preferences, and analyzed their preferred methods for accessing information and making purchases within a marketplace. Through the study of real-life cases , we tried to gain valuable insights into enhancing the marketplace experience for Generation Z.
The workshop was held on the DMA Conference in Vienna June 2024.
6. Encrypted Traffic Dominates Networks Worldwide
Service Upstream %
SSL v3 16.12%
WebDAV 7.83%
Netflix 5.65%
HTTP 5.52%
HTTP media stream 5.41%
Raw MPEG-TS 4.85%
BitTorrent transfer 4.85%
uTP 4.65%
BitTorrent KRPC 3.70%
Google 3.40%
YouTube 2.04%
RTP 1.73%
HTTP download 1.44%
Facebook 1.44%
BitTorrent encrypted transfer 1.39%
Procera Networks Data - December 2016
Service Downstream %
Netflix 19.27%
HTTP media stream 16.39%
SSL v3 9.63%
YouTube 8.96%
HTTP 4.47%
Raw MPEG-TS 4.08%
HTTP download 3.42%
Facebook 3.19%
QUIC 1.86%
Xbox Live update 1.49%
Instagram 1.46%
Playstation.net download 1.16%
uTP 1.09%
BitTorrent transfer 1.05%
HTTP2 over TLS 1.00%
7. Regional Popularity
December 2016
Service DS% US%
Netflix 22.51% 9.04%
HTTP media stream 17.64% 6.84%
SSL v3 8.66%18.98%
Raw MPEG-TS 7.79% 8.48%
YouTube 5.35% 2.05%
Service DS% US%
HTTP media stream 21.54% 2.77%
SSL v3 8.06% 8.17%
YouTube 7.23% .86%
HTTP 5.17% 3.9%
BitTorrent KPRC 5.13%25.68%
Service DS% US%
HTTP media stream 13.06% 2.72%
Netflix 11.90% 1.81%
SSL v3 8.78%14.88%
Facebook 7.75% 1.80%
YouTube 7.04% 2.22%
8. Worldwide Application Growth (By Volume)
2016 Growth in Key Services – Heavy on Encrypted Applications
Service Upstream
Netflix 30.93%
YouTube 61.01%
SSL v3 47.45%
HTTP 63.65%
Facebook 88.57%
Amazon Prime 257.64%
Instagram 119.20%
uTP 58.37%
Twitch 82.60%
Twitter 93.26%
Service Downstream
Netflix 93.55%
YouTube 67.61%
SSL v3 140.25%
HTTP 80.71%
Facebook 76.72%
Amazon Prime 217.23%
Instagram 145.64%
uTP 69.09%
Twitch 175.47%
Twitter 136.21%
9. What do we mean by encryption
Three categories
Obfuscation Proxies Encryption
PROXIES ENCRYPTION
VPN
10. Encryption Scenarios Going Forward
10
HTTP HTTPS
(TLS 1.1/1.2)
Full URL
Hostname
User Agent
Content Type
File Size
Other HTTP/HTML
Full URL
Hostname (direct)
User Agent
Content Type
File Size
Other HTTP/HTML
1 TLS 1.3
SNI Clear
TLS 1.3
SNI Encrypted
DNS
Encrypted
2 3 4
1 Happening 2015 and 2016
Will happen in 2017
May happen as part of TLS1.3 in 12-18 months
May happen in 24-36 months
2
3
4
Full URL
Hostname (direct)
User Agent
Content Type
File Size
Other HTTP/HTML
Full URL
Hostname (inferred)
User Agent
Content Type
File Size
Other HTTP/HTML
Full URL
Hostname (inferred)
User Agent
Content Type
File Size
Other HTTP/HTML
HTTP
23%
non-
HTTP
77%
12. Weekly Signature Updates
Industry-leading Agility and Speed to Keep Pace with the Internet Age
2775 signatures
Average of
16 updates or
additions per
week over the
past year
13. Multiple Application Detection Techniques
•Expression matches: Patterns on payload
•Analyzers: Virtual Services
•Control/Data protocols: Port tainted
•TLS detection: SNI tracking
•Heuristics mechanisms: Flow behavioral
analysis
— Randomness
— Metrics
— VoIP flag
Sample of DRDL techniques for Application Identification
14. Sophisticated Tools to Accelerate Development
Highly Automated Signatures Lab Solves Major Challenges
Assessing Regional
Dependencies
Automated Update
Tracking
The Device Matters
17. Impact of Encryption on Use Cases
And leveraging virtualization
SecurityIT Analytics Traffic
Management
Policy &
Charging
to
Regulatory
Compliance
to
eVolution eVolution
eVolution
18. •Customer Shifted from a
traditional probe to
Procera due to reduced
visibility
• Supporting Tens of Millions
of Mobile subscribers
• Over 20 virtual systems
running >40Gbps of capacity
streaming IPFix to HP Big
Data system
•Executives get weekly
reports leveraging
Procera’s Unique
Network, Subscriber,
and Service Intelligence
Virtualization: LTE Analytics Use Cases
Executive Decisioning with Carrier-Scale Big Data Deployment
PSM
LTE
Packet Core
Core Router
IPFix
IPFix
eVolution
Provisioning
LiveView
HP Data
Warehouse
Sample Use Cases
OTT
Trending
Revenue
Assurance
IoT
Analytics
Network Forensics
Service
Planning
Performance
Monitoring
19. Encryption: In-Line Policy Enforcement Use Cases
High Profile Application Aware Services and Regulatory Compliance
Real-time
Visibility
Real-time forensics
with topology
awareness
Traffic Mgmt
Sophisticated
queuing to enhance
subscriber QoE and
manage P2P shaping
Regulatory
Compliance
OTT VOIP Blocking
and VPN detection
Analytics
Subscriber,
application, location
and device reporting
and forecasting
Customer Care
Customer Care
Insights for real-time
problem resolution
Intelligent
Charging
Differentiated billing
based on subscriber
intelligence using Gy
Tiered Services
Service plans
enhancing customer
value using Gx
Peering
BGP Peering
analytics and
management
WiFi Services
PCEF for the WiFi
Network using Gx
and Gy
URL
Categorization
URL categorization
based on a set of
predefined rules
OTT Partnerships
Zero-rating and/or
revenue sharing
partnerships with
OTT players
IPFix Data Feed
For use with
sixthsense media
services
40G
per
system
80G
per
system
Internet
.
.
.
x9
.
.
. x4
20. Big Data: Analytics Use Cases
Data Scientists + Procera Data = $$$M in Additional Revenue Generated in 2016
PRE PL 8960
PSM Cluster
for Enrichment
6 Collection Sites
StreamMediation
.
.
.
.
PIC
COLLECTOR
IPFIX
CDR
Data
Analytics
Visualisation
Campaign
Management
Billing
IN
CRM
Network
TV Log
Sample Use Cases
Revenue
Assurance
Campaign
Demographics
Network Forensics
Service
Planning
QoE
Monitoring
Trend
Monitoring
21.
22. Thank you
Download the whitepaper at:
https://www.proceranetworks.com/lp-
procera-spotlights-encryption
Editor's Notes
This is a statement we have listened many times for the last year. Is it true? Are we going dark? Is it the end of DPI?
What it does mean: More privacy for the end user. Good for all of us, as Internet users.
What it doesn´t mean: Encryption does not make services undetectable, but it only makes us, as DPI company, to apply smarter techniques to detect the services. Some granularity is lost, but the main service will be available. Just as an example, 3 years ago we were able to see the videos seen in youtube looking at the URL, and this is not possible anymore.
What is common between bird-watching and traffic detection?
When we talk about DPI, how it is today and how it will work in the future, the analogy between DPI and Bird-watching is very powerful. Let´s call it packet-watching
Every birds have their own body shape and profile. The shape, size, colour and feature of legs, feathers, skin, beak. This is a starling
Today for DPI we look into specific details of a packet, which is written in clear text, like the hostname, or which hexadecimal pattern we can find in that packet.
This is going to change, the same way that in bird-watching you have to deal with a flock.
Between 50% and 70% of traffic volume is encrypted nowadays.
The trend keeps growing. This tweet by Josh Aas is the Head of Let´s Encrypt, former Mozilla employee, represents the importance of HTTPS for web browsing.
For the first time, in October more than 50% page loads done in Firefox were HTTPS.
Let´s Encrypt is an open certificate authority and gives free certificates to web sites.
Netflix, with its global expansion taking hold, is the overall leader in downstream worldwide, followed closely by HTTP Media streaming, which is used by many other video streaming services from content providers.
Regionally, Netflix is King in North America and a close 2nd in APAC, but not a force in Europe yet, with other streaming video services being major contributors throughout the regions as well. SSL v3 and HTTP represent the share of traffic to pure web browsing, and Bittorrent is still a big contributor in Europe to upstream traffic (which usually tracks where Netflix is popular).
Netflix has grown substantially in 2016 due to it’s worldwide expansion, and both Amazon Prime and Twitch had major jumps in contribution in 2016. SSL continues to grow fast as encryption becomes more widespread. Filesharing traffic is still growing (as seen in the European traffic trends), but far slower than other traffic types.
When we talk about encryption, we really refer to different kind of transport techniques that ensures privacy in the communication. Let’s see one by one.
Obfuscation: The main purpose is to hide the traffic send, many times, like in the case of Tor, anonymizing the sender. Their main purpose is to not being detected. Using Tor gives worst performance. Other obfuscated services are Viber and Bitorrent.
- Proxies: They are intermediate devices to access web content. For the web server the originator of the request is the proxy server, not the local computer.
In the figure ProxyServer app, Opera turbo
Encryption: We talk about keeping the payload private. There are different mechanisms:
VPN: It tunnels the traffic in an extra layer towards a VPN server, but information is keept private. You usually have to pay for it. In the figure openVPN Connect app
QUIC Crypto (over UDP), TLS (over TCP) are protocols which implementation is open and well described, that use certificates to keep the connection secured.
If you remember from a previous presentation, this is the forecast we did in early 2016 about how encryption will evolve.
In our current state, number 1, the prediction was that during 2017 we were going to see the introduction of TLS 1.3. How is this prediction going?
TLS is not new. First TLS 1.0 RFC came in 1999 (SSL 3.0 was the original name, owned by Netscape). TLS 1.1 standard released in 2006 and TLS 1.2 was released in 2008. TLS 1.3 is still a draft. DNS over HTTPS is being under development by Google: https://developers.google.com/speed/public-dns/docs/dns-over-https
If we move forward to the next slide, here we have a graph with the last bundles updates and additions.
What is a signature? A Signatures is a service or application (from all supported devices), some of them split into different kind of traffic (for example control and data, or regular traffic and VoIP.
What I would like you to highlight when you meet our customers one of our strengths compared with the competitors is not only the total amount of applications we support, but also the average number of updates we have.
Number of signatures in last bundle available in http://sigdev.int.prnw.net/frontpage/
Real-Time Endpoint Classification: Currently we can retrieve the mapping hostname-IP address using lookup on URL or SNI. Instead, we will use a Endpoint Database will give us the mapping service-IP address that won’t be possible when TLS 1-3 with 0-RTT is deployed.
Bin code detectors in signature bundle: this will provide more rich detection capabilities, beyond pure signatures, available each week, without the need of waiting for a full software upgrade. Including in the RAHE is the Evolving Flow Behavior Analysis for encrypted apps. This means more metrics to improve detection. Procera has used XFB, aka behavioral classification, for over 10 years (Active, Asymmetric, Beginning, Initial flag, Bulky, CBR Streaming, Client is Local, Download, Established, Flowsynced, Inbound, Initial, Interactive, Outbound, Pseudo , Random, Server is Local, Streaming, Unidirectional, Untracked, and VoIP-like are existing behavior flags) Extended to cover encrypted VoIP and Encrypted Video detection.
Device detection: Possibility of extract the device from encrypted traffic
Over 30 solutions and 150 use cases
Over 30 solutions and 150 use cases
But they don’t’ get there by just buying a few boxes form us. It’s a large operation, they need additional Infrastructure such as an Hadoop Data lake, mediation systems, campaign management platforms for taking action, and machine learning technologies in order to analyze the data.
You need people with specific skills, who are intelligence and high educated and also understand your business. These don’t exist (enough), Dr. Bob admitted they with in tight teams for this purpose so people complement each other – and a lot of time is spend on training. Understanding the data, researching algorithms and skilling up on Tools.
Procera is a Subscriber, Service, and Network Intelligence software provider for network operators, with over 360M subscribers across more than 60 Tier 1 operators in 88 countries worldwide. Our customers include some of the largest and most prestigious and innovative operators in the world – Softbank in Japan, British Telecom, and Boingo Wireless t oname a few. Our solutions are based on Deep Packet Inspection, and provide real-time visibility into100% of the traffic flowing through broadband networks – regardless of the access type and at any volume of traffic. We decorate the application data with a wealth of subscriber attributes, including location, service plan, network quality, and many more. Our Headquarters is in Silicon Valley in the US, but we have engineering locations in Sweden and Canada, and regional offices in Japan, Malaysia, and Dubai. Procera employs ~219 employees worldwide, with 37% of our headcount in sales and marketing, and 32% in R&D.