4 Replies Latest reply on Nov 13, 2014 3:37 PM by glenkemp

    ExtraHop AND SolarWinds

    alexslv

      Guys, I need your help

       

      Are there any of you who have had an experience, or knows someone who had it, in working with ExtraHop Monitoring Software. My colleagues here have recently attended IT Expo and apparently there was this product, which they got really excited about. My initial research was that it does exactly same thing as SolarWinds + it is also capable of real-time packet capturing and analysis and offers feature, called Full-Stream Reassembly ...

       

      There is no way we are going to replace SW - we love it, it is the core of our monitoring, workflow processes, alerting, fun, etc... and if this ExtraHop can complement in some useful ways to what SW is already providing - I would love to hear from those who had an experience

       

      Coincidentally, I have found also that there is new NPM v.11 available with new feature, called Deep Packet Inspection & Analysis. Looks like this is exactly what will make NPM totally bullet proof

       

      Thank you for your advise,

      Alex

        • Re: ExtraHop AND SolarWinds
          fcaron

          Alex SLV,

           

          Great post. Can you elaborate more on what feature got your team excited in ExtraHop? As you noticed, the very recently released NPM v11 marks our entry in this market (Application Aware NPM) and this type of input is critical to us.

           

          As far as "ExtraHop doing exactly what SolarWinds is doing", that's not really how I view them. They don't seem to have a robust SNMP&WMI-based infrastructure management platform, but rather focus on analyzing traffic based on their deep packet inspection technology (DPI).

          They actually position themselves as a good complement to what they call "Traditional NPM tools": "The ExtraHop Platform complements traditional NPM tools that monitor NetFlow and analyze packet captures offline"


          At the end of the day, our view, illustrated by our recent introduction of DPI in NPM v11, is that you need both capabilities: infrastructure AND traffic analysis, to provide network and app admins with the complete set of troubleshooting tools.

          Of course, delivering both integrated in the same pane of glass is and will continue to be our strategy.

           

          Alex SLV and thwack users, we would love to have your thoughts on the above, on what you think about NPM V11 and its DPI-based QoE dashboard (Quality of Experience) and how you think the next versions of NPM should evolve, in this area:

          What DPI-related features would you need in the future, and to fix what problems?

            • Re: ExtraHop AND SolarWinds
              alexslv

              Thanks fcaron for your kind reply,

               

              I am waiting for NPM 11 to be approved for roll-out next week (internally) and I will be getting my hands on it pretty soon, in production. Very, very excited. I will let you know how I will get on.

               

              With regards to ExtraHop - I have never seen them, spoke with them, dealt with them...or whatever else - hence my question above. From what I understood so far - new feature of NPM in v.11 (live DPI) + NetFlow (offline analyses) will basically do The Magic.

               

              Thanks,

              Alex

            • Re: ExtraHop AND SolarWinds
              tsupasat

              Hi there, Alex!

               

              I can provide ExtraHop's perspective. I've been in one major customer's NOC and seen large monitors with SolarWinds dashboards along other large monitors with ExtraHop dashboards. I asked about it and was told that SolarWinds provides the "heartbeat" metrics for the network and infrastructure, and that SolarWinds and ExtraHop provided complementary views of what was going on.

               

              You could think of ExtraHop a listening/translation device, deciphering the content of the communications between machines. We don't do WMI/SNMP or any type of flow monitoring. We're not even inspecting individual packets. Instead, we're reconstructing entire flows and streams and then extracting 2,900+ metrics from the full, bi-directional transaction payload. You can see things like processing time per database method used, which clients accessed a particular shared file, or which Citrix XenApp server is causing slow Citrix login times.

               

              Geek Speak contributor Glen Kemp (glenkemp) has some experience with ExtraHop and may be able to clarify the complementary nature of the two products.

               

              Hope that helps!

               

              Tyson

                • Re: ExtraHop AND SolarWinds
                  glenkemp

                  Hi Tyson/Alex

                   

                  To be honest it's been a while since I've been involved with Extrahop; but certainly I'd consider them to be complementary products. To steal a metaphor from Tom Clancy; Solarwinds remembers; Extrahop thinks. The "Network Brain" needs to do both. In my previous life we had a service and platform monitoring service (not Solarwinds), our use-case for Extrahop was digging *really* deep into the applications and gives us fast answers on why stuff was breaking (specifically, SQL). It's been +1 year since I've used either product, so I've not doubt stuff will have changed!

                   

                  For FWIW, both great products..