ExtraHop 6.0 adds new packet search to IT analytics platform

ExtraHop introduces a new IT analytics appliance that lets IT search and download packets associated with a particular transaction.

ExtraHop Networks is adding new firepower to its IT operations analytics platform, with a device that lets IT managers rapidly find and collect the individual packets that comprise a specific transaction.

ExtraHop 6.0, which is available now, introduces a new appliance, called Trace, which illuminates the specific details of each transaction in real time -- including the user, device, type of packet and whether the packet was delivered as intended, according to Isaac Roybal, director of product marketing at Seattle-based ExtraHop.

"We're trying to exploit the value of packet capture data and then put that information into context," so IT analytics and operations teams can use it to gauge application performance, he said.

Trace works in conjunction with ExtraHop's existing Discover and Explore packet capture appliances. Discover provides real-time wire data analytics of all the data traversing a network. Explore, which ExtraHop introduced late last year, gives customers a historical view of network data.

Trace lets IT analytics teams search and download the raw packets associated with a specific device, application or transaction record, providing additional visibility into network performance, Roybal said. It uses wire data -- instead of just log and agent data -- to gather the information. All of the packet capture data gathered by the Trace, Discover and Explore appliances is accessed through a single user interface.

Rapid diagnosis of performance problems for IT analytics

George Beech, a New York-based site reliability engineer at Stack Overflow, an online community for programmers to share knowledge, said the features within ExtraHop 6.0 allow him to diagnose issues within minutes, rather than the hours it formerly took.

"Packet capture is very important to us," he said. "Before, I'd see a problem and wish there were a way to find the packets in question to verify what was going on. What absolutely blew me away is how quickly we are now able to [capture] the packets we need. It took less than a minute to get the packet conversations we need."

Beech said cost savings associated with the rapid diagnosis of website problems will benefit Stack Overflow, which uses fewer than 30 servers to handle hundreds of millions of user requests per month.

"We have to make sure we are efficient -- from the network to the application -- so having that [packet review] capability is important," he said.

In addition to the introduction of Trace, other new features within ExtraHop 6.0 include support for the Secure Socket Shell protocol and better analysis of NetFlow traffic via the Internet Protocol Flow Information Export standard.

The Trace appliance, which is available now, can provide real-time wire data analytics at a sustained rate of 10 Gbps. A virtual appliance -- suitable for cloud deployment -- is under development, ExtraHop said.