Practical use of the ExtremeAnalytics application behavior analytics system in the network. How simple data can speed up problem resolution and improve network security and visibility.
Applications everywhere
How users see applications:
How traditional switches see applications: Port 80, Port 443
Business Analytics
• Real-time monitoring of business application license usage.
• No one used a specific VM for three weeks => why is the VM running?
• A decommissioned email server was returned to the network by mistake.
• At a customer event with 50 people, one lady streamed over 1.6 GB per day.
Security Analytics
• Users were using printers as a network share.
• Pervasive L7 visibility in the network as a source for QRadar SIEM.
• A user was tunnelling traffic out over the DNS port = not the DNS protocol.
Network troubleshooting
• Detected a wrong ISP routing config. Some subnets were routed to the customer router instead of being routed to the internet.
• The customer blamed bad WiFi and wanted to replace the WiFi system. The WiFi was working fine, but the application was badly designed = a very high number of transactions with small aggregation.
• Configured to monitor the status of the VPN service (amount of data transferred).
Network troubleshooting
• Network and application response times as the key method for troubleshooting current issues.
• Periodic long response times at the storage showed issues with PACS backups.
• Virtualization groups were wrongly configured = one backend server was migrated to a different DC.
Network troubleshooting
• The server got into a state where the CRL update consumed all uplink bandwidth (port 443).
• Internet traffic at the customer demonstration event (over 50 people) was heavily impacted by slow DNS response times.
Architecture - components
[Diagram labels: Management Center; Sensor / switch / AP; NetFlow; FirstN Mirror; Aggregated Flow Data; Analytics Engine]
Network & Application Response Time
[Diagram labels: Client; Server; SYN, SYN+ACK, ACK = Network Response Time (drivers / OS); request, response = Application Response Time (application is involved)]
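The split on this slide, worked through as an added example (not from the original deck and not Extreme Networks' code): handshake timing gives the network response time, request-to-response timing gives the application response time. The `Pkt` record, the `response_times` function, the constructed `FLOW` sample and the subtraction of the sensor-to-server handshake leg are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class Pkt:
    ts: float      # capture time at the sensor, seconds
    src: str       # "client" or "server"
    flags: str     # TCP flags, e.g. "S", "SA", "A", "PA"
    payload: int   # TCP payload length in bytes

def response_times(pkts: List[Pkt]) -> Tuple[Optional[float], Optional[float]]:
    """Return (network_rt, application_rt) in seconds for one TCP flow.
    None means that part could not be measured."""
    pkts = sorted(pkts, key=lambda p: p.ts)
    syns = [p for p in pkts if p.src == "client" and p.flags == "S"]
    synack = next((p for p in pkts if p.src == "server" and p.flags == "SA"), None)
    if not syns or synack is None:
        return None, None
    ack = next((p for p in pkts if p.src == "client" and "A" in p.flags
                and p.ts >= synack.ts), None)
    # A retransmitted SYN makes handshake timing ambiguous, so skip it.
    clean = len(syns) == 1 and ack is not None
    # Handshake is answered by OS/drivers only: pure network time.
    network_rt = round(ack.ts - syns[0].ts, 6) if clean else None
    request = next((p for p in pkts if p.src == "client" and p.payload > 0
                    and p.ts >= synack.ts), None)
    # Bare ACKs from the server carry no payload and are not a response.
    response = next((p for p in pkts if request and p.src == "server"
                     and p.payload > 0 and p.ts > request.ts), None)
    if response is None:
        return network_rt, None
    # Assumption: subtract the sensor-to-server handshake leg so network
    # delay is not billed to the application (upper bound if not clean).
    server_leg = synack.ts - syns[0].ts if clean else 0.0
    app_rt = max(0.0, round(response.ts - request.ts - server_leg, 6))
    return network_rt, app_rt

# Constructed flow: 10 ms handshake, application answers after ~400 ms.
FLOW = [
    Pkt(0.000, "client", "S", 0),
    Pkt(0.004, "server", "SA", 0),
    Pkt(0.010, "client", "A", 0),
    Pkt(0.011, "client", "PA", 120),
    Pkt(0.015, "server", "A", 0),     # bare ACK, not a response
    Pkt(0.415, "server", "PA", 900),
]

if __name__ == "__main__":
    print(response_times(FLOW))
```

A low network time next to a high application time points at the server application rather than the path, which is the pattern behind the WiFi and PACS backup cases in the troubleshooting slides.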
ExtremeAnalytics in VM world
[Diagram labels: NetFlow; FirstN Mirror; Mirroring to GRE; Analytics Engine; Ixia – TAP-VM]
The ExtremeAnalytics Difference
• Contextual information beyond the application
  • user, role, location, time, device & more
• Application and network performance tracking
• Open & customizable fingerprints
  • Over 13,000 fingerprints for over 7,000 applications
• Pervasive across the entire network infrastructure
  • Port-independent application decoding, true DPI at scale
  • Single architecture for edge, distribution, core, data center, perimeter
  • Tbit/s speeds with no switch performance impact, with scalability to millions of flows