ExtraHop Brings Packet Capture into the Modern Era, Makes Traditional Tools Obsolete

November 8, 2012

Surgical Packet Capture Pinpoints Exact Source of Problems, Saving IT Organizations Massive Amounts of Time, Effort, and Cost


SEATTLE, WA — November 8, 2012 ExtraHop Networks, the leading provider of network-based application performance management (APM) solutions, today announced a new policy-based, precision packet-capture method that renders traditional packet-capture methods obsolete. With the new solution, IT operations teams can identify root causes of errors and suspicious activity much faster with a concise and relevant packet capture of the exact offending application flow, while avoiding the storage requirements, complex identification, and high costs that characterize legacy packet capture techniques.

"Packet capture is a tried-and-true method of analyzing the root cause of network and application issues," said Will Cappelli, Gartner Research Vice President. "However, traditional packet-capture tools are simply too cumbersome and expensive to handle the growing volume and speed of data center networks. For packet capture to remain a viable solution for IT operations, performance monitoring vendors need to enable a new, different approach that is more precise and intelligent."

Although traditional packet capture products that store multiple terabytes of data are sometimes required for compliance, this legacy approach should not be used for diagnostics for the following reasons:

  1. Burdensome guesswork and wait-and-see delays. Legacy packet captures rely on educated guesses of where to look. IT teams often must wait for the problem to occur again before they can capture the packets needed to pinpoint the problem.
  2. Excessive storage demands. The alternative is to constantly store all packets, and at rates such as 10Gbps, this approach will fill more than 100TB of storage in one day—an extremely expensive proposition.
  3. Inefficient and personnel-intensive analysis. If the correct traffic can be captured, skilled network engineers must spend hours if not days digging through gigabytes of data to find the problem.
The ExtraHop method of policy-based, precision packet capture is unique and made possible by the full-stream reassembly and high-speed, real-time processing of the ExtraHop system. With ExtraHop, IT Operations teams, for the first time, can surgically capture the right packets at the right time:

  1. Passive, real-time approach. The ExtraHop system passively processes application and network traffic in real-time, performing full-stream reassembly for millions of flows.
  2. Customizable for every environment with AI Triggers. Using Application Inspection Triggers (AI Triggers) technology, IT teams can set a policy for anomalous or suspicious events they would like to capture.
  3. Surgical precision for accurate analysis. When an event such as an application error, a malformed request, or suspicious file access occurs, ExtraHop automatically records the packets for the application and network flow that preceded and caused that event.
  4. Instant replay to save money and time. For the first time, IT operations teams have an exact replay of what caused a particular error or slowdown immediately after an event, saving considerable money and time.
"Finding a problem in a small packet capture is hard. Finding a problem in a large packet capture is like looking for a snowflake in an avalanche," said Jesse Rothstein, ExtraHop CEO. "Using Application Inspection Triggers and precision packet capture, IT teams can detect an event and go back in time to record just the packets that are of interest. Much like the flux capacitor, our packet buffer is what makes time travel possible, enabling ExtraHop to provide the operational intelligence that IT teams need to drive down costs, increase productivity, and keep services running smoothly."

To learn more about ExtraHop's new policy-based precision packet capture technology, please visit http://www.extrahop.com/products/features/packet-capture.

About ExtraHop Networks

ExtraHop Networks is the leading provider of network-based application performance management (APM) solutions. The ExtraHop Application Delivery Assurance system performs the fastest and deepest analysis in the industry, achieving real-time transaction monitoring at speeds up to a sustained 10Gbps in a single appliance and application-level visibility with no agents, configuration, or overhead. The ExtraHop system quickly auto-discovers and auto-classifies applications and devices, delivering immediate value out of the box. ExtraHop Networks provides award-winning solutions to companies across a wide range of industries, including ecommerce, communications, and financial services. The privately held company was founded in 2007 by Jesse Rothstein and Raja Mukerji, engineering veterans from F5 Networks and architects of the BIG-IP v9 product. Follow us on Twitter @ExtraHop. For more information, visit www.extrahop.com.

Press Contacts

Rachel Pepple

ExtraHop Networks