alex_aldo - Fotolia
Performance management vendor ExtraHop updated its platform to make it accessible to all parts of an IT organization. The company is also offering customers longer-term trending capabilities and more customization.
ExtraHop's platform collects and analyzes all data that crosses the wire, which means it has the potential to offer insight on any aspect of an IT organization's operations. With its 4.0 release, the company has revamped its user interface to make it easier for new users to create customized views and reports tailored to the technology they are responsible for managing.
"The data set that [ExtraHop has] -- wire data -- is all the data that flows over the network," said Bernd Harzog, CEO of APM Experts LLC. "It's the single most comprehensive set of data in the IT industry regarding what's going on in your environment. If you're a security person you can see your security events in that data. If you own a particular application, like a clinical application in a healthcare organization, you can see the performance of that application in that data."
With ExtraHop 4.0, users can create role-based views that can also be pivoted on time-based comparisons across the 2,500 metrics that the platform supports out of the box, said Erik Giesa, ExtraHop's senior vice president of marketing and business development. For the first time, users can look at real-time and past data within the same report for trending and analysis.
The company has also built a new searchable catalog of those metrics so that users can find data points that are relevant to their job function. For instance, a storage administrator can type "NAS" [network-attached storage] into the catalog search and find every metric related to that technology. Then the admin can put together a customized dashboard that can answer some simple questions.
"In the storage use case, what is the most frequently accessed file in my storage environment today compared to yesterday?" Giesa said. "Do I see any anomalies? What are the best and worst performing storage systems today versus a month ago?"
"If you're an engineer and you understand how [ExtraHop's] product works in a level of detail, you've always been able to get these insights," Harzog said. "Now they've surfaced this up so if you are a security person, here are the security insights. They've made it easy and obvious for customers."
ExtraHop 4.0 connects to external storage for long-term trending
ExtraHop's all-in-one appliances have always been able to store a minimum of 30 days of wire data for forensics and trending, Giesa said. With ExtraHop 4.0, the company will allow engineers to store excess data on their own storage arrays for longer-term analytics.
"Thirty days [wasn't sufficient] for customers who want to use this for security forensics or base-lining or for new data center rollouts and trending for long periods of time," Giesa said.
When connected to external storage, ExtraHop will keep only the newest data on the appliance. The appliance is engineered to pull data from external storage without any end user involvement.
"When doing time-based comparisons you don't have to tell the user interface where to get the data. If I want to see today versus 12 months ago, ExtraHop will know to get today's data from the local appliance and the 12-months-ago data from your storage," Giesa said.
More customization, ingestion of third-party data in ExtraHop 4.0
Whether homegrown or commercial, when a new application hits an engineer's network, he or she has to wait for ExtraHop to add support for it before the platform can track it. With ExtraHop 4.0, that's no longer the case. The company added Universal Payload Analysis, a feature which can decode and extract data from any TCP- or UDP-based application. Now, if a bank has a proprietary protocol for financial trading, the engineer can add support himself with a little customization. This feature also allows ExtraHop channel partners to do that work if customers don't have the requisite skills.
Finally, ExtraHop introduced an Open Data Context API, which allows engineers to point third-party data feeds into the ExtraHop platform, Giesa said. For instance, a user can tell the Active Directory server to feed data into ExtraHop so that the performance management platform can correlate activity to user IDs, he said.
"What [ExtraHop] customers need at the end of the day is to solve end-to-end problems," Harzog said. "Often something is not working right and it's affecting users and applications and right now the data to solve these problems is scattered across hundreds of different databases and hundreds of tools. Now you have the data together. If you had an Active Directory problem that caused a slowdown, now it's in the same place [as your performance management analytics]."
ExtraHop recently allowed users to send its analytics stream to big data stores
Our expert Glen Kemp guides you through the common culprits of application performance problems