Why should application performance management (APM) solutions include packet capture abilities?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Do you have a question for Jesse?
Submit your question directly to our editors at firstname.lastname@example.org
Packet capture is a critical part of any application performance management solution because it provides a definitive record of application and user activity. As network engineers are fond of saying, “Packets don’t lie.”
The challenge is that traditional packet capture requires network teams to guess which packets to capture and when to do so. The alternative is to perform continuous packet capture, which is increasingly expensive and cumbersome as the amount of network traffic grows. When networks ran at 10 Mbps, traditional packet capture worked fairly well. Today, a fully saturated 10 Gbps network link can fill 100 TB worth of packet data in 24 hours. This approach may still be required for forensics and compliance purposes, but it is not suitable for real-time troubleshooting.
Read more of Jesse's advice
What IT organizations benefit from application performance management?
The benefits of non-agent-based application performance management tools
How application performance management aids network health
New techniques for performing packet capture eliminate the need for guesswork and expensive storage. By reconstructing application flows and analyzing transactions in real-time, network-based APM solutions can precisely capture the packets of interest according to a policy-driven rules engine -- essentially giving IT organizations an "instant replay" capability. If the traditional packet capture method is like searching for a needle in a haystack, the new method of packet capture is like using a magnet to extract the needle from the haystack.
Packet capture is essential to APM solutions because it allows companies to identify and solve difficult problems, but the choice of which approach to take really depends on the industry and needs of each company. Generally speaking, the faster and easier it is to find the relevant packet capture the better.
Related Q&A from Jesse Rothstein
Network management expert Jesse Rothstein explains the concept of full-stream reassembly and why it's necessary for network performance monitoring.continue reading
Expert Jesse Rothstein says IT organizations accountable for the uptime and performance of core applications can benefit from application performance...continue reading
ExtraHop’s application performance management tools offer a simple and non-disruptive deployment on the systems being monitored, saving IT ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.