In the effort to tackle troubleshooting of complex, n-tier applications, the lines are blurring between niche packet analyzers and mainstream enterprise monitoring tools. As a result, customers with critical data at stake are finding more solutions with better integration of packet diagnostics and enterprise management, experts say.
At the intersection of this convergence trend are vendors such as NetScout Systems Inc., which is adding a new Flow Recorder option to its nGenius performance management suite. The nGenius Flow Recorder is a Linux-based appliance capable of capturing all packets flowing across specific network links and providing streamlined analysis.
The new tool provides a level of troubleshooting detail required by IT staffs that handle time-sensitive ordering or financial transactions, bank approvals, or stock transactions, according to NetScout officials in Westford, Mass.
"The two heritages are moving to a common middle ground. What NetScout is doing is integrating a requirement for detailed packet diagnostics into enterprise management," said Dennis Drogseth, an analyst at Enterprise Management Associates Inc., in Portsmouth, N.H.
Portable packet analyzer vendor Fluke Networks Inc., for example, recently created the OptiView distributed network analysis product family. At the same time, Network General Corp., with its well-known Sniffer portable packet analyzer, has put a lot of emphasis on an enterprisewide solution to compete with NetScout.
The worldwide market for performance and availability management software in 2003 was $2.3 billion, with complex, multitiered application management the fastest-growing segment of that market, according to analysts.
The nGenius Flow Recorder, in conjunction with NetScouts nGenius Probes, can connect to multiple switch ports or network links to record and store voice and data traffic across those links. The Flow Recorder exports copies of flows from the nGenius Probes to allow for faster analysis at the network and application layers.
The Flow Recorder can be placed in front of specific servers to provide application reconstruction and playback on server traffic. It can scan traffic using signature analysis, protocol semantic analysis or traffic pattern analysis to identify virus attacks or hacking attempts.
The appliance, available now, can store up to 2.4TB of trace file data and can attach to a SAN (storage area network) for additional capacity. Pricing starts at $35,000.