Q

Application performance management should include packet capture

Expert Jesse Rothstein explains the importance and challenges of packet capture abilities in application performance management (APM) solutions.

Why should application performance management (APM) solutions include packet capture abilities?

Do you have a question for Jesse?

Submit your question directly to our editors at editor@searchnetworking.com

Packet capture is a critical part of any application performance management solution because it provides a definitive record of application and user activity. As network engineers are fond of saying, “Packets don’t lie.”

The challenge is that traditional packet capture requires network teams to guess which packets to capture and when to do so. The alternative is to perform continuous packet capture, which is increasingly expensive and cumbersome as the amount of network traffic grows. When networks ran at 10 Mbps, traditional packet capture worked fairly well. Today, a fully saturated 10 Gbps network link can fill 100 TB worth of packet data in 24 hours. This approach may still be required for forensics and compliance purposes, but it is not suitable for real-time troubleshooting.

Read more of Jesse's advice

What IT organizations benefit from application performance management?

The benefits of non-agent-based application performance management tools

How application performance management aids network health

New techniques for performing packet capture eliminate the need for guesswork and expensive storage. By reconstructing application flows and analyzing transactions in real-time, network-based APM solutions can precisely capture the packets of interest according to a policy-driven rules engine -- essentially giving IT organizations an "instant replay" capability. If the traditional packet capture method is like searching for a needle in a haystack, the new method of packet capture is like using a magnet to extract the needle from the haystack.

Packet capture is essential to APM solutions because it allows companies to identify and solve difficult problems, but the choice of which approach to take really depends on the industry and needs of each company. Generally speaking, the faster and easier it is to find the relevant packet capture the better.

This was first published in December 2012

Dig deeper on Network Performance Management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close