Sniffer Analysis to Get More Acute

By Paula Musich  |  Posted 2004-05-17 Print this article Print

Network General aims to advance the popular product line's analytic perspective after its sale by Network Associates.

Network General plans to re-emerge this summer with a significant refresh of the popular Sniffer product line and a new focus on managing application workflows across enterprise networks.

Network General Corp., which will be officially spun off from Network Associates Inc. in July, will embark this week on an 18-month product rollout designed to give enterprises a broader perspective on the network, helping them to pinpoint where packet analysis is required and alert users when applications deviate from normal behavior.

This broader view should help companies take fewer wasted steps in troubleshooting and bring Sniffer—which, according to NAI, has 200,000 system installations—into new areas, observers said.

"A strong percentage of our troubleshooting is how an application is responding on the network," said Distributed Sniffer user Patrick Bellor, network operations manager at Midwest Generation LLC, in Chicago. "Before, wed go through several steps to get the necessary data. We will see productivity gains there alone."

The product enhancements will begin this week with the launch of Appera Application Manager, an extension of Distributed Sniffer software that provides real-time, flow-based application traffic monitoring and analysis. The tool checks traffic flows over time, rather than just analyzing packets at a moment in time, the way Sniffer Expert does, said officials.

For insights on security coverage around the Web, check out Security Center Editor Larry Seltzers Weblog. Appera will include a Hyper Lock feature that lets users select the type of traffic to investigate. Other analysis functions adapt to that selection, officials said. Hyper Locks can be created for applications for real-time monitoring. Appera can discover a range of well-known applications from vendors such as Siebel Systems Inc., SAP AG, PeopleSoft Inc. and Oracle Corp., and users can define and identify homegrown applications by TCP/UDP (User Datagram Protocol) port ranges or IP addresses.

In addition to Appera, all elements of the Distributed Sniffer line will be updated in release 4.5 to support Appera functionality. Those include new releases of NPO Manager and the MultiTrace component of NPO Manager, NPO Visualizer, Sniffer Voice and more.

For example, NPO Managers MultiTrace 3.0, which provides multisegment flow analysis, will add the ability to analyze traffic flows across multitier Web application infrastructures and decode SSL (Secure Sockets Layer)-encrypted traffic for analysis.

eWEEKs Cameron Sturdevant says Network General needs to bring Sniffer up to snuff for it to make a comeback. Click here to read more. The "grand old man of network troubleshooting tools" should compete well with its peers, as long as Network General makes it clear its not an applications performance management competitor to the likes of BMC [Software Inc.], said Debra Curtis, an analyst at Gartner Inc., in Amherst, N.H.

"They will clearly compete with other network protocol analyzers and with the network performance monitoring tools like NetScout [Systems Inc.]s NGenius," Curtis said. "This will stretch into some application profiling tools like Opnet [Technology Inc.]s tool that uses Sniffer packet capture to profile applications traffic."

Last month, Network Associates, of Santa Clara, Calif., unveiled plans to sell Network General, its Sniffer Technologies group, to Silver Lake Partners and Texas Pacific Group for $275 million.

Check out eWEEK.coms Security Center at for security news, views and analysis. Be sure to add our security news feed to your RSS newsreader or My Yahoo page:  

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel