While other products only inspect L4 headers, the ExtraHop system performs full-stream reassembly. This advanced approach combines multiple packets into a stream and reconstructs traffic flows to analyze the payload from L2 to L7. This capability is unique to the ExtraHop system, providing IT teams with comprehensive transaction analysis including both network-level metrics and critical application-level details contained at L7. The ExtraHop system is purpose-built for production enterprise environments, supporting real-world traffic patterns such as IP fragments, out-of-order segments, and microbursts. When packet loss occurs on the monitoring link, the ExtraHop system resynchronizes and recovers.
Through full-stream reassembly, the ExtraHop system can read application wire protocols at the transaction level in real time. The ExtraHop system offers protocol modules for web applications, enterprise databases, network-attached storage (NAS) and storage-area networks (SANs), directory services, and industry-specific protocols for financial and telecommunications verticals. This specificity equips IT teams with the details needed to quickly discover the precursor or root cause of an issue, such as the specific URI included in a HTTP 500 Error or slow stored procedures in a database.
The new Application Inspection Triggers technology introduces a framework for real-time analysis based on scriptable event processing at the application-protocol level. Application Inspection Triggers provide the flexibility to perform sophisticated analysis and define additional metrics for specific environments without the overhead and deployment headaches of static configurations and agent-based technologies. With hundreds of customer use cases including HTTP client segregation, benign error exclusion, security-policy auditing, and multi-tier correlation, Application Inspection Triggers offer the flexibility needed to achieve visibility into even the most challenging environments.
ExtraHop helps both network and application teams navigate and pinpoint their most difficult performance issues by harnessing the wealth of data that flows through the network in a simple non-intrusive manner with incredible scale. At its core is a complete application-fluent engine with intuitive diagnostics that turn data into something meaningful and actionable.
- Erik Giesa,
VP of Product Management, F5 Networks