ExtraHop has released its first packet capture-based monitoring appliance that can offer up real-time wire data analytics over a sustained rate of 40 Gbps, up from the traditional transaction rate of 10 Gbps.
Many enterprises have already deployed 10 Gb Ethernet (GbE) switches within the data center, with large, rapidly growing enterprises using 40 GbE switches to address increasing data requirements. However, packet capture-based monitoring technologies can't scale to capture the sheer amount of increasingly complex traffic at rates higher than 10 Gbps.
The EH9100 appliance can capture wire data analytics at a sustained 40 Gbps in real-time, approximately 422 terabytes of data per day. The platform also provides SSL traffic analysis at a decryption rate of 40 Gbps, said Jesse Rothstein, CEO of ExtraHop.
"The EH9100 allows enterprises to capture traffic at higher speeds out of the box, and [IT teams] can put the platform at a point in the network where [they] can see more traffic between applications," said Shamus McGillicuddy, analyst for Enterprise Management Associates.
After capturing 40 Gbps data streams, the EH9100 then structures packets into smaller data sets on a dashboard so IT teams can visualize the transactions and evaluate performance, availability and security in real-time using the ExtraHop real-time stream processor, Rothstein said.
"It's not just about having 40 GbE ports on the back of the [appliance] that 40 GbE connections can be plugged into, it's about being able to provide analytics with that 40 GbE worth of data," he said.
Challenges with wire data analytics at faster speeds
Network monitoring at sustained rates of 40 Gbps is challenging because the higher the throughput rate, the harder it is for IT teams to diagnose network issues. Packets often slip through the cracks. To gain viability into 40 GbE links, enterprises have had to purchase and deploy four separate 10 GbE appliances and load balance 40 GbE flows over the four boxes to achieve wire data analysis over 10 Gbps, McGillicuddy said.
The EH9100 appliance scales up to 40 Gbps in a single appliance, which saves enterprises money and allows for server-to-server or east-west traffic to be captured more easily, he said.
For enterprises limited to monitoring tools at 10 Gbps, traffic is captured at the data center ingress or egress, or at strategic points in which the most traffic could be captured. But for 40 Gbps monitoring tools, location doesn't matter, McGillicuddy said.
"40Gbps is where almost all the traffic is going east to west, so it will be in the middle of everything and be able to capture everything," he said.
ExtraHop updates provides wire data analytics to all IT job functions
SaaS provider relies on ExtraHop for application performance management
ExtraHop connects big data to IT operations