Tune Up Your Network for the New Year


Published on

Watch the full OnDemand Webcast: http://bit.ly/tuneupnetwork
It’s time to make good on that new year’s resolution. Admit it, in a moment of weakness as the clock hit midnight you resolved to dig in and tune up your corporate network in the new year. Well, the new year is already passing quickly by, so if you haven’t yet made good on that resolution, here is your chance. In these slides from our web seminar, we return to the basics – overall network evaluation, baseline measurements and comparisons, typical yet troublesome network issues, sharing bandwidth in the presence of time-sensitive applications, security, and overall network monitoring and reporting, just to name a few. We focus on practical issues and practical methods for improving the overall health of your network.

In these slides, we will cover:

- Critical elements to consider when evaluating your network
- Common pitfalls and how to avoid them
- Developing and using network baselines
- Optimizing network usage in the presence of competing applications and protocols
- Monitoring and reporting on your well-tuned network

What you will learn:

1. How and where to find the data you need
2. How to automate network monitoring and analysis to ensure the success of your tune up
3. How to quickly diagnose problems when things go wrong

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • NetFlowNetFlow is a network protocol developed by CiscoProprietary protocol that runs on Cisco IOSNetFlow accounts for all traffic going in and out of the routerTransit trafficTraffic destined for the routerEach NetFlow record contains a wide variety of information about the flowNetFlow never includes the payloads Sampled NetFlow can be configured for use on busy networks – not 100% accurateIPFIXInternet Protocol Flow Information eXchangeAn emerging, IETF (standard) version of NetFlowBased on NetFlow v9Predicted to rapidly become the industry standardsFlowA standard (RFC 3176), sampling-based mechanism to capture network traffic dataApplicable to higher speed networks (gigabit speeds or greater)An sFlow agent compiles flow recordsFlow records are based on Statistical packet-based samplingTime-based sampling of interface countersStatistically based – not 100% accurateJflowSimilar functionality to NetFlow but provided by JuniperData sampled at a globally configured rateStatistically based – not 100% accurateOmniFlowWildPackets proprietary flow analysis and recording mechanismAnalysis of each and every packetNot statistical – 100% accurateSignificantly exceeds the flow records from other mechanismsProvides detailed flow analysis above Layer 3VoIP/VideoApdexCorrelated event analysisCorrelated to packets for instant troubleshooting using deep packet inspection – a complete solution
  • Tune Up Your Network for the New Year

    1. 1. Tune Up Your Network <br />For The New Year<br />Jay Botelho<br />Director of Product Management<br />WildPackets<br />jbotelho@wildpackets.com<br />
    2. 2. Agenda<br />What to consider<br />Resolve to develop baselines<br />Common pitfalls<br />The network battlefield<br />Monitoring for life<br />Troubleshooting as a last resort<br />Company overview<br />Product line overview<br />
    3. 3. What To Consider<br />
    4. 4. Know Your Network<br />Traffic levels per segment<br />Mbps? <br />Packets per second?<br />Packet size distribution?<br />Traffic types per segment<br />Data?<br />VoIP?<br />Video?<br />Baselines<br />Establish and re-establish<br />Use automated analysis to identify anomalies<br />
    5. 5. Statistics vs. Packets<br />
    6. 6. Not All Flows Are Created Equal<br />
    7. 7. It’s All In The Packets<br />Packets contain vitalinformation not detected<br />by flow-based systems<br />
    8. 8. Choices and Comprises<br />Greater visibility<br />Monitoringand troubleshooting<br />Single solution<br />Integrated, cost-effective<br />Packet-based<br />Overhead?<br />Cost?<br />
    9. 9. Key VoIP/Video Issues<br />Packet<br /> Loss<br />Latency<br />Jitter<br />CAMP IT<br />Pinpointing the Problem<br />9<br />
    10. 10. Be Specific<br />Where to collect data?<br />Real-time or post-capture analysis? Everywhere?<br />What data to collect?<br />Am I getting all the data I expect?<br />
    11. 11. Resolve to Develop Baselines<br />
    12. 12. Network Dashboard<br />
    13. 13. VoIP Dashboard<br />
    14. 14. Application Dashboard<br />
    15. 15. A Bit More Precisely …<br />Application Response Time<br />
    16. 16. Archiving Your Results<br />Packets files<br />Formatted reports<br />
    17. 17. Common Pitfalls<br />
    18. 18. 5 Most Common Networking Problems<br />Cabling issues<br />Connectivity problems<br />Configuration<br />Hardware malfunctions<br />Excessive network collisions<br />Collisions are normal and expected<br />Early collisions – first 512 bits – recovery automatic (2 – 3 ms)<br />Late collisions – recovery 100x longer – eg. NIC stuck in TX mode<br />Software problem<br />DNS configuration<br />WINS configuration<br />Duplicate IP addresses<br />
    19. 19. The Network Battlefield<br />
    20. 20. Data Impacts on VoIP<br />
    21. 21. Network Traffic: Quantitative Analysis<br />Most network engineers are concerned about the amount of traffic on their networks<br />Utilization (percentage of bandwidth)<br />Throughput (bits or bytes per second)<br />You also need to be concerned about individual utilization components<br />How much bandwidth and throughput can be attributed to each application or process?<br />Clarifies which application traffic may need to be tuned or controlled<br />How well or poorly will the baseline (trended) behavior of each application interact with VoIP<br />Don’t forget to also consider the reverse case – VoIP’s impact on existing applications<br />
    22. 22. Key VoIP/Video Issues<br />Packet<br /> Loss<br />Latency<br />Jitter<br />CAMP IT<br />Pinpointing the Problem<br />22<br />
    23. 23. Network Traffic: Qualitative Analysis<br />The quality of your network traffic is potentially more important than its quantity when it comes to VoIP<br />Many traffic streams are “bursty” in nature<br />Burstiness my occur over long period of time, or may consist of rapid, recurring traffic spikes<br />Prolonged rises in utilization may decrease the number of calls that can occur simultaneously<br />Sharp spikes may cause very noticeable quality issues with ongoing calls<br />Your baseline monitoring should consider not only averages and long-term trends, but also the short-term peaks and dips that characterize your traffic flow<br />
    24. 24. Assessing the Monster's Impact<br />While traditional network applications are very tolerant of jitter, latency, and even some degree of packet loss, VoIP is very sensitive to these troubles<br />Levels of jitter, latency, and packet loss that would be easily tolerated on a data network can be devastating on a converged VoIP network<br />Pre- and post-deployment network assessments are critical<br />You must understand your network’s ability to accommodate VoIP<br />Current latency, jitter, and packet loss<br />QoS capabilities<br />Current bandwidth utilization (is there any room for VoIP)<br />You must maintain a constant vigil after deployment to watch for imminent troubles<br />
    25. 25. The Impact of "Just One More Call"<br />Although a network link may be able to support a number of concurrent calls, one additional call is often enough to cause quality problems…<br />1st Call<br />2nd Call<br />x2111<br />x1111<br />x2112<br />x1112<br />3rd Call<br />x2113<br />x1113<br />Example: The WAN can support 2 simultaneous calls. <br /> What happens when a third call is attempted???<br />Call #3 Causes Poor Quality for ALL Calls<br />
    26. 26. Monitoring For Life<br />
    27. 27. Changing Methods - Data Recorders<br />Servers<br />IDS/IPS System<br />Post-incident<br />Real-time<br />
    28. 28. Strategy for Monitoring 10G Ethernet<br />Which of the following apply to your strategy for monitoring 10G segments? (Select all that apply)<br />SOURCE:Benchmarking Network and Security Operations: Tools, Processes, and Enabling Technologies Study, 2009, Enterprise Management Associates. n=124<br />
    29. 29. 10Gig Network Analysis Workflow<br />Identify Key Analysis Pts<br />Deploy 24x7 Monitoring<br />Alarms/Alerts<br />At 10Gig – 24x7 Is Essential<br />Problem?<br />NO<br />YES<br />Rewind Data<br />Analyze<br />Tune if Necessary<br />
    30. 30. Troubleshooting As A Last Resort<br />
    31. 31. Network Recording,Real-Time Statistics, Forensics Search<br />Display TimeLine Graph during capture-to-disk<br />Utilization (Mbits/s)<br />Packets/s<br />unicast/multicast/broadcast<br />Packet sizes<br />VLAN/MPLS<br />Protocols<br />Company and Product Line Overview<br />
    32. 32. A Picture is Worth a 1000 Words<br />A graph of latency, jitter, or packet loss can speak volumes about network health, either for proactive or reactive troubleshooting<br />Overlaying this graph with a graph of utilization or total throughput can reveal even more about the causes of VoIP troubles<br />
    33. 33. Analyst’s Perspective<br />
    34. 34. Visual Expert Provides Proof<br />Two requests for data, two quick TCP Acks, but then a long delay before the server sends the requested data<br />ACK fast = Network fast<br />Then the Data gets returned much later<br />Requests and Acks<br />Data slow = System slow<br />
    35. 35. Company Overview<br />
    36. 36. Corporate Background<br />Experts in network monitoring, analysis, and troubleshooting<br />Founded: 1990 / Headquarters: Walnut Creek, CA<br />Offices throughout the US, EMEA, and APAC<br />Our customers are leading edge organizations<br />Mid-market, and enterprise lines of business<br />Financial, manufacturing, ISPs, major federal agencies,state and local governments, and universities<br />Over 7,000 customers / 60+ countries / 80% of Fortune 1,000<br />Award-winning solutions that improve network performance<br />Internet Telephony, Network Magazine, Network Computing Awards<br />United States Patent 5,787,253 issued July 28, 1998<br />Different approach to maintaining availability of network services<br />
    37. 37. What We Do<br />Provide network visibility and intelligence …<br />WatchPoint, OmniPeek, OmniEngines<br />Expert systems – we find the problems for you<br />Superior drill-down capability – trouble-shoot from anywhere<br />Flexible, customizable, extensible – leverage your investment<br />Professional services, training, best practices<br />For all network segments …<br />Data center to desktop to remote office<br />LAN, WAN, Wireless …<br />HTTP, Email, Database, VoIP, Video …<br />To …<br />Network engineers; IT Management; Developers<br />
    38. 38. Real-World Deployments<br />Education<br />Financial<br />Government<br />Health Care / Retail<br />Telecom<br />Technology<br />
    39. 39. With accurate visibilityinto the network…IT staff can improve:<br />End-user Productivity<br />Network Performance<br />Application Performance<br />Security<br />Compliance<br />
    40. 40. Product Line Overview<br />
    41. 41. Product OfferingsSoftware and Turnkey Appliances<br />Enterprise Monitoring and Reporting<br />WatchPoint Server<br />OmniFlow, NetFlow, and sFlow Collectors<br />Network Probes & Recorders<br />Omnipliance Network Recorders – Edge, Core<br />TimeLine Network Recorder<br />OmniAdapter Analysis Cards<br />Distributed Analysis Software<br />OmniPeek – Enterprise, Professional, Basic, Connect<br />OmniEngine – Enterprise, Desktop, OmniVirtual<br />Portable Solutions<br />OmniPeek software<br />Omnipliance Portable<br />
    42. 42. WatchPointCentralized Monitoring for Distributed Enterprise Networks<br />High-level, aggregated view of all network segments<br />Monitor per campus, per region, per country<br /> Wide range of network data<br />NetFlow, sFlow, OmniFlow, SNMP<br />Web-based, customizable network dashboards<br />Flexible and detailed reports<br />
    43. 43.
    44. 44. Omnipliance Network Recorders<br />Captures and analyzes all network traffic at the source 24x7<br />Runs our OmniEngine intelligent probe software<br />Generates vital statistics on network and application performance<br />Intuitive root-cause analysis of performance bottlenecks<br />Intelligent data transport<br />Network data analyzed locally<br />Detailed analysis passed to OmniPeek on demand<br />Summary statistics sent to WatchPoint for long term trending and reporting<br />Efficient use of network bandwidth<br />Expert analysis speeds problem resolution<br />Fault analysis, statistical analysis, and independent notification<br />Multiple Issue Digital Forensics<br />Real-time and post capture data mining for compliance and troubleshooting<br />
    45. 45. TimeLine Network Recorder11.7Gbps Sustained Capture<br />Fastest network recording and real-time statistical display — simultaneously<br />Network statistics display in TimeLine visualization format<br />Rapid, intuitive forensics search and retrieval<br />Historical network traffic analysis and quick data rewinding<br />Several pre-defined forensics search templates making searches easy and fast<br />A natural extension to the WildPackets product line<br />Turnkey bundled solution<br />
    46. 46. Omnipliance Network RecordersPrice/performance solutions for every application<br />
    47. 47. OmniPeek Network Analyzer<br />OmniEngine Manager<br />Connect and configure distributed OmniEngines/Omnipliances<br />Comprehensive dashboards present network traffic in real-time<br />Vital statistics and graphs display trends on network and application performance<br />Visual peer-map shows conversations and protocols<br />Intuitive drill-down for root-cause analysis of performance bottlenecks<br />Visual Expert diagnosis speeds problem resolution<br />Packet and Payload visualizers provide business-centric views<br />Automated analytics and problem detection 24/7<br />Easily create filters, triggers, scripting, advanced alarms and alerts<br />
    48. 48. Key Differentiators<br />High-level network monitoring to root-cause analysis<br />Single solution for today’s converged networks<br />Wired, Wireless, 1GB, 10GB, VoIP, Video, TelePresence, IPTV<br />Reduce and even eliminate network downtime<br />Automated monitoring 24x7<br />Speedy resolution of network bottlenecks<br />Improve network and application performance<br />Uniquely Extensible Platform – tailored to your needs<br />Plug-ins and APIs for integration and customization<br />
    49. 49. Thank You!<br />WildPackets, Inc.1340 Treat Boulevard, Suite 500Walnut Creek, CA 94597(925) 937-3200<br />