back caretBlog

Network Timeout, a free web service from ExtraHop Networks, leverages AWS

logo_awsIn case you haven't checked out Network Timeout yet, here's the scoop: NetworkTimeout.com is a community-driven effort that aims to improve access to network- and application-analysis solutions and build a broad technical knowledge base among IT professionals. Traditional network- and application-monitoring tools cost tens of thousands of dollars and are difficult to set-up, tune, and maintain. Network Timeout is free and enables IT professionals to easily troubleshoot their networks and applications using a sophisticated offline packet-analysis engine that can be shared with a community of experts.

In an effort to make this offering as ubiquitous and available as possible, we built it on top of Amazon Web Services (AWS).

The biggest technical challenge was adapting the technology in our real-time network appliance to work in the cloud. We built the ExtraHop system to run a single software instance on a single device, but we didn't want to spin up an EC2 instance for each analysis because of cost. Instead, we modified our code to enable multiple copies of our product to run side by side on the same server. We now can spin up additional EC2 instances when needed, enabling us to easily scale up (and down) as user demand changes.

Overall, our experience with AWS has been great. Here are some additional details of our set-up:

  • Users' packet captures are securely stored to S3 so they can re-run analysis on any of their previously uploaded packet captures
  • We have one director instance that serves up the NetworkTimeout.com homepage and the forums
  • The director instance proxies requests to the appropriate service instance when users are interacting with the ExtraHop product
  • We opted to run our own database and store the data on an EBS volume
  • The forum uses phpBB
  • We participated in an Amazon beta program to set-up reverse DNS on our elastic IP, which made it less likely for our registration emails to be marked as spam (even though we relay through another email server)
ExtraHop Reveal(x) Live Activity Map

Stop Breaches 87% Faster

Investigate a live attack in the full product demo of ExtraHop Reveal(x), network detection and response, to see how it accelerates workflows.

Start Demo

Sign Up to Stay Informed