11.8.12

ExtraHop Brings Packet Capture into the Modern Era, Makes Traditional Tools Obsolete

Surgical Packet Capture Pinpoints Exact Source of Problems, Saving IT Organizations Massive Amounts of Time, Effort, and Cost

 

SEATTLE, WA — November 8, 2012 ExtraHop Networks, the leading provider of network-based application performance management (APM) solutions, today announced a new policy-based, precision packet-capture method that renders traditional packet-capture methods obsolete. With the new solution, IT operations teams can identify root causes of errors and suspicious activity much faster with a concise and relevant packet capture of the exact offending application flow, while avoiding the storage requirements, complex identification, and high costs that characterize legacy packet capture techniques.

"Packet capture is a tried-and-true method of analyzing the root cause of network and application issues," said Will Cappelli, Gartner Research Vice President. "However, traditional packet-capture tools are simply too cumbersome and expensive to handle the growing volume and speed of data center networks. For packet capture to remain a viable solution for IT operations, performance monitoring vendors need to enable a new, different approach that is more precise and intelligent."

Although traditional packet capture products that store multiple terabytes of data are sometimes required for compliance, this legacy approach should not be used for diagnostics for the following reasons:

  1. Burdensome guesswork and wait-and-see delays. Legacy packet captures rely on educated guesses of where to look. IT teams often must wait for the problem to occur again before they can capture the packets needed to pinpoint the problem.
  2. Excessive storage demands. The alternative is to constantly store all packets, and at rates such as 10Gbps, this approach will fill more than 100TB of storage in one day—an extremely expensive proposition.
  3. Inefficient and personnel-intensive analysis. If the correct traffic can be captured, skilled network engineers must spend hours if not days digging through gigabytes of data to find the problem.
The ExtraHop method of policy-based, precision packet capture is unique and made possible by the full-stream reassembly and high-speed, real-time processing of the ExtraHop system. With ExtraHop, IT Operations teams, for the first time, can surgically capture the right packets at the right time:
  1. Passive, real-time approach. The ExtraHop system passively processes application and network traffic in real-time, performing full-stream reassembly for millions of flows.
  2. Customizable for every environment with AI Triggers. Using Application Inspection Triggers (AI Triggers) technology, IT teams can set a policy for anomalous or suspicious events they would like to capture.
  3. Surgical precision for accurate analysis. When an event such as an application error, a malformed request, or suspicious file access occurs, ExtraHop automatically records the packets for the application and network flow that preceded and caused that event.
  4. Instant replay to save money and time. For the first time, IT operations teams have an exact replay of what caused a particular error or slowdown immediately after an event, saving considerable money and time.
"Finding a problem in a small packet capture is hard. Finding a problem in a large packet capture is like looking for a snowflake in an avalanche," said Jesse Rothstein, ExtraHop CEO. "Using Application Inspection Triggers and precision packet capture, IT teams can detect an event and go back in time to record just the packets that are of interest. Much like the flux capacitor, our packet buffer is what makes time travel possible, enabling ExtraHop to provide the operational intelligence that IT teams need to drive down costs, increase productivity, and keep services running smoothly."

To learn more about ExtraHop's new policy-based precision packet capture technology, please visit http://www.extrahop.com/products/features/packet-capture.

About ExtraHop

ExtraHop is the leading provider of cloud-native network detection and response for the hybrid enterprise. With complete visibility, real-time threat detections, and automated investigation powered by cloud-scale machine learning, ExtraHop enables security teams at leading enterprises including Credit Suisse, The Home Depot, Caesars Entertainment, and Liberty Global to rise above the noise of alerts, organizational silos, and runaway technology in order to accelerate investigations, unify policies across hybrid environments, and build their security the way they're building their business: cloud-first. To experience the power of ExtraHop, explore our interactive online demo or connect with us on LinkedIn and Twitter.

© 2019 ExtraHop Networks, Inc., Reveal(x), and ExtraHop are registered trademarks or marks of ExtraHop Networks, Inc.

Press Contact

Mentha Benek

ExtraHop Networks

206-787-8417

pr@extrahop.com