TAP into Technology | Garland Technology Blog

The Essential Network Visibility Triad

Written by Rick Aguirre | 3/28/19 12:00 PM

Today’s hybrid networks make complete network visibility a challenge. Traditional data centers, virtual machines, and the cloud obscure traffic and leave networks vulnerable to operational inefficiency and security risks. The critical triad of tools for network visibility is Packet Capture & Processing, Metadata Capture, and Streaming Analytics. Together, these tools provide a holistic understanding of all the network activities of an organization, whether it is a communications service provider or an enterprise, while retaining forensic evidence for performance or security investigations.


The most fundamental element of data capture is raw packet capture, which provides the most complete source of understanding. Packet capture enables comprehensive forensic investigation, with the ability to drill through Layers 2 through 7 of each packet. This data can be stored for examination and analysis to solve application and network performance issues and to investigate security breaches. Using physical or virtual TAPs to access this rich source of data, combined with the efforts of analysts armed with tools like Wireshark or Cirries PacketViewer, gives a forensic view of network activity. Packet capture makes it possible to pinpoint the cause of an issue and trace the activity of bad actors. However, it does not always meet the immediate need to address ongoing issues, and it can extend the MTTR of network failures or security breaches.

Metadata provides a more immediate way to achieve faster discovery and resolution in real time. Metadata can be generated from packets or collected from network elements in the form of NetFlow, IPFIX, SNMP or Syslog records, and then fed into real-time Streaming Analytics engines. Metadata has been used for years to give network monitoring tools the information they need for Performance Monitoring, Security, Compliance and Business Analytics. Today, one of the primary forces behind its rise in popularity is the ability to do real-time streaming analysis on the network to identify a performance issue or security breach. Advancements in machine learning now show promise in predicting performance issues or security breaches.

It is the combination of raw packet data and metadata that provides the value: real-time anomaly detection together with the ability to view the payload and identify the root cause of an issue. When used with a streaming analytics application that provides real-time automated anomaly detection and response, network MTTR is reduced significantly. Cirries Technologies works with Garland Technology to empower networks to reach their full potential, letting Cirries Network Visibility Tools see every bit, byte, and packet.® Cirries PacketPoint, MetaPoint and PMC Streaming Analytics give networks the power of visibility put to action, enabling optimal network security, performance, compliance and analytics. Cirries Technologies provides near real-time visualization of the network, with customized workflows to automate detection and response, fueled by Garland Technology's suite of products.
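
The workflow described above, as an added example that is not Cirries or Garland code: packets are reduced to NetFlow-style flow records, a streaming check flags a byte-volume spike against a per-host moving baseline, and the alert is then used to pull the matching raw packets for payload review. The packets, addresses, 10-second window and thresholds are all constructed assumptions.

```python
from collections import defaultdict

WINDOW = 10  # seconds per metadata export interval (assumed)

def make_capture():
    """Constructed sample packets: (ts, src, dst, dport, proto, length, payload)."""
    pkts = []
    for w in range(8):   # steady HTTPS traffic in every window
        for i in range(3):
            pkts.append((w * WINDOW + i, "10.0.0.5", "10.0.0.20", 443, "tcp", 500, b"\x17\x03\x03"))
    for i in range(9):   # burst from the same host in window 6
        pkts.append((60 + i, "10.0.0.5", "203.0.113.7", 80, "tcp", 1400, b"POST /upload HTTP/1.1"))
    return sorted(pkts)

def flow_records(packets):
    """Metadata capture: collapse packets into per-window flow records."""
    flows = defaultdict(lambda: {"packets": 0, "bytes": 0})
    for ts, src, dst, dport, proto, length, _payload in packets:
        rec = flows[(int(ts // WINDOW), src, dst, dport, proto)]
        rec["packets"] += 1
        rec["bytes"] += length
    return dict(flows)

def detect(flows, alpha=0.3, factor=4.0, warmup=3):
    """Streaming analytics: per-source EWMA of bytes per window; flag spikes."""
    per_src = defaultdict(int)
    for (win, src, *_), rec in flows.items():
        per_src[(win, src)] += rec["bytes"]
    baseline, seen, alerts = {}, defaultdict(int), []
    for (win, src), nbytes in sorted(per_src.items()):
        base = baseline.get(src)
        if base is not None and seen[src] >= warmup and nbytes > factor * base:
            alerts.append({"window": win, "src": src, "bytes": nbytes, "baseline": base})
        else:  # learn only from windows that were not flagged
            baseline[src] = nbytes if base is None else alpha * nbytes + (1 - alpha) * base
        seen[src] += 1
    return alerts

def pivot(packets, alert):
    """Packet capture: pull the raw packets behind an alert for payload review."""
    lo = alert["window"] * WINDOW
    return [p for p in packets if p[1] == alert["src"] and lo <= p[0] < lo + WINDOW]

if __name__ == "__main__":
    capture = make_capture()
    for alert in detect(flow_records(capture)):
        print(alert)
        for pkt in pivot(capture, alert)[:3]:
            print("  ", pkt)
```

The detector sees only the flow records; the payload becomes visible only after the pivot into the stored capture, which is the division of labour the triad describes.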


