Network visibility, whether it's for the purposes of detecting threats or troubleshooting performance issues, has been an elusive goal for IT teams. Increasingly complex infrastructures, ephemeral cloud workloads, and the addition of encryption make network traffic visibility too cumbersome, too difficult, or both.
In an honest, unbiased review, Senior Network Engineer Steve Bamford, and ExtraHop Reveal(x) user explained the challenge, "As we all know, with the increasing throughput of network infrastructure and the hybrid environment the ability to spend many (un)happy hours running packet captures on devices via [network] tap or aggregate solutions can sometimes be challenging and unfruitful."
Time-Saving User Interface
While many organizations struggle with the challenge outlined by Bamford, he has found a solution, saying, "by utilizing a solution such as Extrahop, which not only has the capabilities to gather this data in real time and present it in an easy-to-consume fashion, without a doubt has saved me days of troubleshooting."
For Bamford, reducing mean-time-to-respond for network performance was the primary goal for adopting ExtraHop Reveal(x). The result was a dramatic reduction in mean-time-to-resolution—from days or weeks to mere hours. "The solution itself is one that is simple to deploy and easy to navigate with an intuitive user interface, meaning we can very quickly demonstrate issues or the lack of between services in a matter of minutes." Bamford achieves this in part, by using custom dashboards in Reveal(x), which allows him to create device groups for data analysis, getting a better picture of network performance.
Data Sharing Across Teams
A 2022 survey found that 43% of IT and security leaders in the U.S. and Europe reported that lack of cooperation between network, security, and cloud departments is a top challenge. To boost team cooperation, Bamford reports that data from Reveal(x) is shared among network engineers and beyond which enables the necessary experts to "review the data in an easy-to-consume manner, or at the very least take those dashboards and share them quickly and efficiently to those who need them."
While his use of Reveal(x) is performance-focused, he also sees the value that Reveal(x) provides security teams: "In terms of security, it is an incredibly powerful tool in relation to network detection and response (NDR), but it was not our focus." He does, however, share relevant data to help secure his organization, adding that "the information that it does supply has enabled me to identify some areas of concern and highlight them to appropriate teams."
For a deeper dive into Bamford's experience with the deployment process, support overhead, and experience with ExtraHop Customer Success, you can read Bamford’s full review on LinkedIn.