The network and supporting infrastructure have so much to tell you—if only you knew how to ask: What’s connected? Who is talking? What are they saying? The growing number and variety of devices and applications across today’s hybrid IT environment are becoming increasingly difficult to manage — whether related to IoT, SD-WAN, cloud migrations, or remote users at the network edge making answering these questions more urgent.
Observer GigaFlow to the rescue by combining network, infrastructure, and user data into a single enriched flow record captured and retained over time. Combining mountains of unstructured data provides in-depth details on network device types, connectivity, traffic control, and usage patterns. This information is maintained at the individual user/host, over time across all communication traversing the environment from any point of view making it particularly valuable for NetOps and SecOps teams when they are investigating anomalies activity.
With the release of Observer v18.3, enriched flow data from GigaFlow and packet-level wire data from GigaStor now coexist in Observer Apex. This means all levels of expertise have access to comprehensive views of performance and threat landscapes across their environments, using preferred data sources for QoS measurements, baselining, capacity planning, and more. This single, integrated interface improves operational efficiencies through boosted data quality, intuitive visualizations, and simplified workflows for any level of IT user.
Feature and Benefit Summary:
- End-user experience and infrastructure insights provide situational awareness for stakeholders driving better decisions for tuning service delivery and assessing security challenges
- High-fidelity forensic visibility into network conversations over time supporting investigations reduces mean time to resolution
- Advanced service path visibility ensures immediate problem domain isolation across hybrid IT environments
- Cloud and virtual device insight deliver real-time understanding of performance in virtual, cloud, and remote environments
- An interactive IP Viewer that visualizes relationships between User, IP, MAC, and application usage in the network.
- Intuitive capacity planning reporting to help with proactive assessments of WAN utilization
- New workflows detailing utilization at any given site or device interface with easy drill-down into forensic level data
Intuitive Visualizations with IP Viewer
By compiling Layer 2 to Layer 3 insights into a single enriched flow record, Observer can produce unique, interactive visualizations that illustrate the relationships between User, IP, MAC, and application usage in the network. A NetOps or SecOps user can simply enter a name enter in a username and immediately find all devices, interfaces, and applications associated with it. Finding out what is connected and who is communicating across your network has never been easier.
Enriched Flow Forensics
GigaFlow offers real-time and long-term historical perspectives of end-user status and device as a function of underlying service health at every network traffic interface. The enriched flow records of GigaFlow dynamically capture all relevant data including timestamp and location continuously over extended periods. Because of this, IT teams can navigate to a specific event or anomaly in the past to troubleshoot and solve the problem by answering who it impacted and when, where, and how the incident occurred.
Network Capacity Planning Reports
With intuitive capacity planning reporting, GigaFlow lets IT teams conduct proactive assessments for WAN spending as well as reactive resolution of capacity-related issues. A simple, color coded dashboard highlights interfaces that are highly utilized for the most amount of time. If any congested sites are growing at any rate, more red areas will be reflected in the utilization report, suggesting that those sites may be need of upgrade. Application summary graphs can help IT teams discern which application is responsible for any growth. Drilldown into the forensic-level data is also available from the capacity planning reports.
Device-Based and Site-Based Workflows
GigaFlow grants usage and utilization insights on a per interface basis down to the layer 2 switch, with graphical summaries of the busiest sites or devices and further drilldown into individual WAN links. This is ideal for general assessments of end-user experience at points anywhere along the conversation route, and valuable for quantifying asset cost/benefit efficiencies, such as when deciding where new enhancements should be made.
Deployment
GigaFlow offers an extensible, easy deployment clustered architecture with carrier grade scalability and a “pay-as-you-grow” pricing model. Options are available as an appliance and in various software capacities based on number of flows supported and emitting sources to satisfy the needs of any size organization.
It integrates with Apex and GigaStor via workflows providing enriched flow record data for fast end-user experience troubleshooting and forensic security analysis.
Datasheet