Network General Automates Troubleshooting

The makers of Sniffer offer a Network Intelligence Suite that combines reporting with performance monitoring.

Network General, in conjunction with its 20th anniversary celebration, is preparing to launch new products and an architecture at Interop on Sept. 18 in an effort to prove that its Sniffer platform has been updated for todays IT challenges.

Network General, with its new Network Intelligence Suite and Network Intelligence Architecture, hopes to move out of the trenches as a tool supplier for the network engineer looking to troubleshoot thorny packet-level problems, and into the IT executive suite.

"Performance data remains fragmented across the different departmental silos in IT. I was in a meeting where I saw different directors—the applications, network operations and infrastructure guys—all get on the phone to talk about what they could see. Visibility is still nonexistent," said Rick Fitz, vice president of product management at Network General, in San Jose, Calif.

The new Network Intelligence Suite combines Network Generals Visualizer dashboard and reporting software with the NetVigil integrated performance, fault and business service monitoring technology the company acquired earlier in 2006 with Fidelia.

The integration of the two allows network flow information to be correlated with event data related to a specific grouping of infrastructure elements that support an individual business service. It combines detailed drill-down capability with high-level business services affected by a performance problem.

/zimages/3/28571.gifTo read more about Network Generals Fidelia acquisition, click here.

For example, if a router notifies a technician of a threshold violation, such as CPU utilization at 100 percent, the combination allows the technician to "drill down into the threshold violation itself to see if it happened before, then look at the flow traffic going over the router to see what applications are traversing the router. If he sees Oracle traffic consuming 80 percent of the bandwidth, he can find the client/server pair causing that spike. You get that level of insight into whats occurring over that router," Fitz said.

At least one long-time Sniffer user was encouraged by the potential labor savings promised by the new offerings. "In the lean environment were in, any type of automation in troubleshooting and reporting is imperative and invaluable," said John Vogt-Nilsen, director of Information Services at Orbital Sciences, in Chandler, Ariz.

Although the proof of the suites value will be in actual deployments, Network General appears to be making all the right moves, said industry analyst Dennis Drogseth at Enterprise Management Associates, in Portsmouth, N.H.

"The flow-based and packet insight is becoming more, not less relevant. They needed to get up into a more advanced plain," he said.

The suite, which leverages the NetVigil business container technology, which stores the relationship of the components that make up a business service, provides the foundation for a planned series of more focused Business Forensics applications. The first to debut is the VOIP Forensics offering, which provides real-time monitoring of voice-over-IP performance, reporting on performance metrics and giving alarms for VOIP metrics. It leverages Sniffer Voice Experts and decodes to provide troubleshooting of VOIP problems.

/zimages/3/28571.gifClick here to read more about Network Generals moves to beef up the Sniffer architecture.

"With this offering we will provide the truth about VOIP through preconfigured [Management Information Bases] focused on Ciscos Call Manager and IP SLA and do reporting for trends. You can drill into instrumentation to get information on whats flowing over those devices," Fitz said.

VOIP Forensics is the first of several planned pre-configured applications to be delivered through the NetVigil Business Container technology. Others planned include Application Performance Forensics, Virtualized Environment Forensics, Service Level Reporting Forensics and Troubleshooting Forensics.

Beyond its near-term products, due Sept. 22, Network General also intends to open its technology architecture to provide customers, partners and third-party developers with access to the IT metrics it gathers, classifies, indexes and aggregates, the company said.

As a part of its NetworkDNA architecture, Network General will release its PMDB (performance management database), which officials characterized as a single source of truth about the network.

"Its a repository of key performance metrics that we will expose to the outside world so customers or ISVs or partners can use it to build applications," Fitz said.

The database, which Network General will deliver over the next 12 months, will also provide performance-oriented data that can be referenced by a configuration management database. Rather than be a database of raw instrumentation data, the PMDB will act as a "metadata store of contextual information about the health of a given [set of] business services," Fitz said. "We believe it can be referenced and used to create new value in IT."

It will gather instrumentation data from a range of sources, including third-party probes, Network General probes, Netflow data from network switches and Sflow data from routers. That data will be classified, aggregated, indexed and stored.

"It is business intelligence for the net," CEO Bill Gibson said. "The analytics we developed in InfiniStream and Visualizer enrich the data. Its how the data is correlated, cross-tabbed and archived, such that you can ask questions of the data and get answers," he said.

Gibson envisions ISVs using the PMDB to certify the performance of their applications in real-world environments. "The PMDB can be a central clearinghouse of data from any probe, and application writers can extract data on their application through our PMDB. We think the application developer will want to certify the performance of his application on the network. Its like a Good Housekeeping seal of approval for his application," he said.

Toward that end, Network General will open up application program interfaces to OEMs, and to VARs and distributors that want to create custom applications that exploit the analytics.

Whether Network General will succeed in attracting those developers is an open question. "To what degree they can create a whole developer ecosystem around that is unclear. Its a good objective and a plausible thing they could do," Drogseth said.

Long time user Vogt-Nilsen is more confident. "Anybody can provide an aggregate database. As long as they can work with the raw data and provide intelligence in their new product lines, theyll be a shoo-in," he said.

/zimages/3/28571.gifCheck out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.