back caretBlog

NetOps Meets the 21st Century

ExtraHop's NetOps Bundle enables you to build a picture of your network by analyzing ExtraHop's wire data and flow data.

Network teams have traditionally focused on exonerating the network when people complain about application performance or VoIP call quality. Bandwidth utilization and network health metrics are among the metrics that these teams go to first. ExtraHop's new NetOps bundle consolidates key network metrics to give network engineers a starting-point for network analysis and troubleshooting, with the ability to drill into the Layer 7 application details that other teams need to fix problems on their side.

We've used our customer feedback to create the dashboards shown below, utilizing both NetFlow and wire data metrics to provide the network performance monitoring (NPM) that network operations teams are familiar with. In addition to visibility into the health and activity of your network, the ExtraHop platform also provides real-time TCP and application-level details that network operations teams need to understand how well applications are using the network. This elevates their role from packet pushers (no offense to Greg Ferro and Ethan Banks) to the "watchers on the wall" who can provide early warning and visibility for the rest of the IT realm.

Read on for more, or just watch the walkthrough video below.


Bundle Overview

Network Performance

The Performance dashboard in this bundle focuses on Layer 4 (TCP) data and Layer 2 and Layer 3 network-level metrics to reveal issues as they occur. For TCP, the dashboard includes high-level TCP connection information as well as critical indicators such as round trip time, retransmission timeouts (RTOs), and zero windows, which can be drilled into by device to pinpoint exactly where a problem is. The dashboard also includes overall network throughput, connections by client and server, and processing times by server and protocol.

It's worth explaining how ExtraHop derives these TCP metrics: the platform is performing full-stream reassembly, reconstructing the TCP state machines for each client and server on the network to fully understand the entire conversation between systems including Layer 2 through Layer 7 details.

NetOps Perf-TCP Click image to zoom

Network Activity

The Activity dashboard provides valuable insight into who is using the network and how, from flow interface utilization to top conversations and L7 protocol usage. You can easily determine if a router is at risk of dropping packets due to high utilization or check which devices and protocols are responsible for the most traffic volume. So if someone is running a storage backup during the middle of the day, you'll be able to identify that here and then drill down to see the details of the activity and exactly who is responsible.

NetOps Activity Click image to zoom


The VoIP dashboard makes use of ExtraHop's built-in Real-time Transport Protocol (RTP) and Session Initiation Protocol (SIP) metrics, as well as a custom trigger that tracks call state through SIP requests and responses. It displays both high-level and device-level details about common indicators of call quality issues, including MOS, drops, jitter, and out-of-order messages. In addition to these RTP metrics, the dashboard also includes details about successful calls, failed calls, currently ongoing calls, and call duration.

NetOps RTP Click image to zoom

NetOps Calls Click image to zoom

Ready to get started? If you're already an ExtraHop customer, you can downloaded it today from the bundle gallery.

ExtraHop Reveal(x) Live Activity Map

Stop Breaches 87% Faster

Investigate a live attack in the full product demo of ExtraHop Reveal(x), network detection and response, to see how it accelerates workflows.

Start Demo

Sign Up to Stay Informed