IT Operations AnalyticsEnterprise Packet Capture

“The Packet Don’t Lie”

Corvil Enterprise Packet Capture

A distributed network packet capture solution that delivers fast, intuitive access to packet captures for use by global network operations and engineering teams.

NPC Solution Demo

 

Outcomes

  • Reduce MTTR for complex problems by providing easy access to packet captures across multiple teams
  • Central, one-click access to distributed packet captures
  • No training required - industry standard packet capture export and filtering language delivered in an intuitive browser based GUI
  • Cost effective packet capture on remote network segments for uses such as VoIP replay, troubleshooting network issues
  • 100% investment protections, packet capture device upgradeable to real-time IT operational analytics

“The reduction in support man hours consumed in low level packet capture analysis is equivalent to 10 to 20 hours per week."

Problem Overview

“The Packet don’t lie” is a phrase you will hear from many teams. The challenge is guaranteeing access to packets at critical junctions in the IT infrastructure while balancing costs and requirements across teams.

Packets can generate huge volumes of data and extraction of the packets of interest must be quick. The filter and extraction of packets must be easy and intuitive from day one to achieve reduced MTTR’s so your packet capture solutions must guarantee no dropped packets for advertised rates.

Challenges

  • The desire is to deploy packet capture in every location possible but the cost of packet capture is difficult to justify
  • Packet capture solutions are perceived as a siloed solutions that offer no other value

“Analysis offered by packet-based technology is packet-timing-based, allowing vendors to identify sources of delay, measure user response time and ultimately pinpoint the root cause of performance problems.”

Magic Quadrant for Network Performance Monitoring and Diagnostics

Solution Overview

The Corvil enterprise packet capture solution is a fully distributed architecture that scales linearly as the packet capture deployment grows. A single point of access is provided for the filtering and extraction of packets from any device globally. The platform offers deployment options ranging in storage from 3 TB’s to 100’s of TB’s of effective capture storage on a single device. This delivers a single packet data system containing potentially petabytes of packets that can be queried from a single interface.

Features

  • Immediate access to global captures from a single UI with one click export to download pcap to your desktop
  • Drilldown, explore, filter and visualize packets within the Corvil UI before choosing a subset for export
  • Intuitive UI access to global packets using generally familiar query and filter syntax (ex: tshark, BPF)
  • Support for all leading network packet brokers port tagging and time-stamping capabilities
  • Programmatic API for packet capture filtering and export
  • Easy software upgrade path to full IT Operational Analytics
  • Streaming compression of all packets to maximize disk capacity and historical access to packets

Central Management

  • One click access to global network packet capture
  • Delivers petabytes of capture storage globally
  • Manage software updates and physical appliances

Distributed, Scalable Capture

  • Solution scales linearly with each capture appliance added
  • From 3TB to 100’s of TB in a single appliance
  • Cost effect options for a range of sites and capture requirements
  • Class leading capture rates

Intuitive Packet Extraction

  • No training required – familiar filter and query language
  • Visualize, filter and explore packets in-situ server side before extraction to client

Network Capture Analytics

TCP Metrics

TCP metrics calculated per flow including zero window size, resets, terminated flows, concurrent connections.

DPI Application Recognition

Automatically detect and report applications per flow using deep packet application signature engine.

Microburst

Report the true bandwidth utilization of flows or groups of flows.

Top Conversations

Visualize top conversations based on any query.

Bandwidth Utilization

Show average packet rate and bitrate for any query.

Filter and Visualize

Query the packets by traffic subnets, ports, TOS bits, application and TCP flag and report all analytics.

Filter and Zoom

Apply traffic and quality filters, zoom down to any arbitrary time period for interactive visualizations.

Top Talkers/Listeners

Apply filters, zoom to arbitrary time periods and immediately identify top talkers and listeners.