Skip navigation

Well, it's been a great show thus far. The things are starting slowly this morning as Cisco threw a heckuva customer appreciation event last night and it seems that most of the attendees had a great time and enjoyed the free beverages (maybe we should be handing out aspirin instead of t-shirts today?)...

The coolest thing I've heard thus far came from talking with my buddies at Cisco about some of the new features going into NetFlow v9 this year. I can't talk much about it yet, but I'm pretty darn excited. More on this to come within the next bit...


Flame on...
Josh

You know, most times, going "green" is  painful process. For Bruce Banner it involves a lot of pain, stretched bones, skin, and cartilage, and an entire new wardrobe. For us geeks it usually involves making some serious compromises to our lifestyles and work habits and nobody likes doing those things.


Honestly, I may not be the greenest guy in world. I did consider buying a Prius, but there really wasn't room for both dogs in the back let alone decoys and coolers so I decided to pass. I did have a chance to play with the Prius control panel and it's super geeky (just my style) but I don't think they offer it for the twin-turbo diesel powered F-250 I drive so I'll have to wait...


Some companies though are making it easy for us geeks to go green. For instance, Cisco has a totally new program called "EnergyWise". For the past few weeks I've had the chance to work with their development teams on this new technology and it's pretty flippin' sweet. They had me under some kind of a super-secret, pinky-swear type NDA until now but I can finally talk about it.


They'll be lots of news about the EnergyWise program in the oncoming weeks but I can tell you that it's a great way to significantly reduce your company's carbon footprint and it comes without the pain that most green initiatives imply. We're partnering with Cisco to help deliver this technology and so you can rest assured that Orion will be there to help you to monitor your effectiveness with EnergyWise.


 


 


Flame on...


Josh
Follow me on Twitter

As I sit here in the Newark airport, enjoying the free beverages in the President's Club and trying to stay awake long enough to board the flight to Spain, it occurs to me that maybe some of you have been to or are going to Barcelona this week. A group of us from SolarWinds are heading over to attend Cisco Networkers. It's looking like a great trip and we're even going to have some free time to see the sights which is always a plus.

So, if you're going to be there this week ping me and I'll buy you a drink or two. Also, if you have any restaurant/bar recommendations I'm all eyes...


Flame on...
Josh
Follow me on Twitter

Today I was sitting in a room with some colleagues and a debate started about which one is better - NetFlow vs. sFlow. Part of the people believed that NetFlow is better because it doesn't just sample the data (by default anyway) and sends all of the details. Part of the people liked sFlow better because it automatically samples the data and keeps the database size more manageable. Some of the people claimed that sFlow is better because it's processed at a hardware level and some of the people claimed that this was also true of some NetFlow devices. Some of the folks claimed that NetFlow was better at analyzing layer 3 traffic and some of the people claimed that sFlow was better for analyzing layer 2 traffic.

So, as the resident expert, I have decided to go out on a limb and end this debate once and for all.

It just plain doesn't matter.

Sure, I could debate the facts above but when you really think about it, none of it really matters. Stop worrying about whether NetFlow or sFlow is better - just use them. Most devices will only support one or the other - NetFlow or sFlow - so unless you're planning to replace your gear you probably don't have a choice. Likewise, if you're looking to purchase new networking hardware ask simply that it supports flow-based traffic analysis - Netflow, sFlow, or ipFix - and then move on to other features.

When it comes to Network Management Systems (NMSs), ensure the system you choose has an integrated flow collector and that it supports both NetFlow and sFlow. The Orion NetFlow Traffic Analyzer is a great example of this and of course there are many more out there. The real key is that it should integrate seamlessly into the rest of your NMS so that you can see the impact that the traffic is having upon other factors like CPU load, memory, buffer performance, and application responsiveness.

Keep in mind, no matter what flow protocol you use you're going to be collecting A LOT OF DATA. How you manage that data is the real key to successful traffic analysis.


Flame on...
Josh
Follow me on Twitter

Many of us have now realized that more bandwidth doesn't necessarily mean faster applications. Add that to the fact that bandwidth doesn't come for free and suddenly we're talking about way to optimize our networks...

There are many, many ways tweak our networks for better application performance. As a matter of fact, I think I'll write a more detailed blog post on that next week as it's a cool topic and one that is near and dear to my heart. That said, one of the ways that many people are now accelerating applications on the WAN is to implement WAN optimzation appliances. The two that I'm most familiar with are Riverbed's Steelhead appliances and Cisco's WaaS devices. IMO you can't go wrong with either one. It's great technology and there's a lot of headroom for technical advancement over the next few years.

Once you've decided to evaluate and/or implement a WAN optimization device the next question is usually "How do I monitor it?" or "How do I measure it's effectiveness?". Both are great questions and fortunately the answers are fairly straight forward if you understand how WAN optimization technology works.

I won't go into a lot of detail because you can find some great tutorials on WAN optimzation on both the Cisco and Riverbed websites. In a nutshell, you put a pair of these puppies inline between the user and the application server (one at each end). When the conversation (TCP conversation I mean) reaches the first appliance it's broken down and restructured and the appliance makes decisions on where to get the data (most of them do some caching), in what order to send/request data, and via how many round trips. Then, the WAN optimizer at the other end reconstructs the conversation and sends it on it's way. The whole thing is transparent to the user and the application server.

When it comes to monitoring these devices you of course want to be able to monitor the appliance's health (up/down, CPU load, memory, etc) but most importantly you want to be able to monitor the traffic going through the applicance and the devices effectiveness at optimizing traffc. Each system offers both an element manager and a web inteface for the device itself where you can get a lot of this data. If you only have a pair or two of these devices and assuming you don't have a need for historical data collection for trending then the built-in management interface may be enough for you.

Monitoring these devices in the enterprise offers additional requirements as you'll most likely want to be able to manage them within your NMS and you'll need to be able to setup alerting, reporting, trend analysis, and etc. The device health data is available via SNMP and so assuming that your NMS either a) monitors them out of the box or b) has a flexible polling engine that can be easily extended to monitor them you should be good to do. Here at SolarWinds we offer Orion NPM which both monitors these devices out of the box and offers an easy way to extend that monitoring through it's Universal Device Poller (UnDP).

To monitor the traffic going through the applicance most people turn to NetFlow. In the case of the Steelhead devices, they themselves support NetFlow and it's likely that the network devices adjacent to them will as well so you can get some great data on the network traffic. Keep in mind that because the application conversations are quite literally terminated, restructured, and then reformed on the other end that in many cases the TCP port numbers will change which makes analyzing this traffic with NetFlow impossible. Riverbed recently added a feature called "Port Transparency" which solves this problem. So, if you're planning to analyze the traffic using NetFlow you'll want to enable that.

Some network management systems, like Orion NPM, also include some built-in reports specifically geared toward managing WAN optimization devices.

Ping me back if you'd like more information on this subject or if you have any cool stories to share wrt your implementation of this technology.


Flame on...
Josh
Follow me on Twitter

CES - the mack daddy of all geeky tradeshows here in the US - was held in Las Vegas last week and from what I hear it was AWESOME. Unfortunately, I didn't get to attend personally but my good buddy greg@solarwinds.net did. Greg is the main dude when it comes to the Engineer's Toolset here at SolarWinds and knows more about SNMP than anyone else I know. Not only did Greg attend, but he actually helped to manage the network during the show.

You see, there's this really cool company called Smart City Networks and they provide and manage the networks at most of the largest trade shows in the US. The folks over at Smart City are super cool and I've had the pleasure of working with them for years. They use SolarWinds applications like Orion and the Toolset to monitor/manage their networks and so Greg was onsite in their NOC during the show.

Greg says he had a great time and of course the folks from Smart City had everything well in check so he was actually able to break away and spend some time at the show as well as spend some time testing the new The specified item was not found. within the Smart City NOC.

Here are some cool pics of some of the engineers at Smart City and Greg managing the network during the show. I gotta get out there next year!!!


Flame on...
Josh
Follow me on Twitter

denny.lecompte is running a limited beta of the new Orion APM version 2.5. There's still time to get in and I highly recommend it as there are a ton of cool changes to this new version. You can sign-up for the beta and download from The specified item was not found..

For those of you that aren't familiar with Orion APM, if you manage or want to monitor server or application status and performance this is the application for you. You can of course read more about it at SolarWinds.Com.


Flame on...
Josh
Follow me on Twitter

How could would it be to have a job where you get paid to research, analyze, and hack network technologies? Well, these folks have that job and their latest feat is that they've hacked SSL. You can read more about it here.

Cool stuff. Sure, I'd still rather be an operator within the special forces community (think Splinter Cell), but this job would be pretty darn cool, too.


Flame on...
Josh
Follow me on Twitter

For years I've been a big fan of Kiwi's tools. Their syslog server and router config tools are quick, powerful, and super geeky - right up my alley. Well, as of now, I can use them for free which is sort of like getting a second Christmas except the presents are way cooler... You can read the full story here.

If you're not familar with these tools I highly suggest that you download them and try them out. There are free versions and licensed versions (you can download a free eval for the licensed versions) of both of the tools available and a description of the differences.

Also, now that SolarWinds users and Kiwi users are one and the same, we've expanded Thwack.com to support users of the Kiwi applications. You can read more about this in Welcome Kiwi Folks.

Long story short, if you need a cool syslog server or if you're doing router, switch, and firewall config backups by hand - Kiwi tools are the tools for you...


Flame on...
Josh
Follow me on Twitter

Filter Blog

By date: By tag: