Hidden in the packet streams that traverse enterprise networks are clues that can help networking professionals to optimize networks. The traditional approach to getting network visibility has been to capture all the packets and then try and figure out what it all means.
Application Performance Management vendor ExtraHop Network is now breaking the mold of that traditional approach with a policy based approach to packet capture and network visibility.
Erik Giesa, Senior VP of Marketing at ExtraHop told EnterpriseNetworkingPlanetthat the traditional approach to packet capture produces a lot of data and a lot of noise. The ExtraHop approach is an attempt to be more targeted and specific.
“We have created a dynamic ring buffer that in essence can replay traffic,” Giesa said. “So all the traffic comes in and we store in the ring buffer continuously, the last one million packets.”
From a policy perspective, when an error occurs a targeted packet capture can be triggered to help figure out what went wrong. Giesa explained that when the error trigger occurs, the ExtraHop system goes back into the previous million packets to find the specific offending packets from the application flow that caused the error event.
“It’s like finding a snowflake in an avalanche,” Giesa said.