Great post. Can you elaborate more on what feature got your team excited in ExtraHop? As you noticed, the very recently released NPM v11 marks our entry in this market (Application Aware NPM) and this type of input is critical to us.
As far as "ExtraHop doing exactly what SolarWinds is doing", that's not really how I view them. They don't seem to have a robust SNMP&WMI-based infrastructure management platform, but rather focus on analyzing traffic based on their deep packet inspection technology (DPI).
They actually position themselves as a good complement to what they call "Traditional NPM tools": "The ExtraHop Platform complements traditional NPM tools that monitor NetFlow and analyze packet captures offline"
At the end of the day, our view, illustrated by our recent introduction of DPI in NPM v11, is that you need both capabilities: infrastructure AND traffic analysis, to provide network and app admins with the complete set of troubleshooting tools.
Of course, delivering both integrated in the same pane of glass is and will continue to be our strategy.
Alex SLV and thwack users, we would love to have your thoughts on the above, on what you think about NPM V11 and its DPI-based QoE dashboard (Quality of Experience) and how you think the next versions of NPM should evolve, in this area:
What DPI-related features would you need in the future, and to fix what problems?
Thanks fcaron for your kind reply,
I am waiting for NPM 11 to be approved for roll-out next week (internally) and I will be getting my hands on it pretty soon, in production. Very, very excited. I will let you know how I will get on.
With regards to ExtraHop - I have never seen them, spoke with them, dealt with them...or whatever else - hence my question above. From what I understood so far - new feature of NPM in v.11 (live DPI) + NetFlow (offline analyses) will basically do The Magic.
Hi there, Alex!
I can provide ExtraHop's perspective. I've been in one major customer's NOC and seen large monitors with SolarWinds dashboards along other large monitors with ExtraHop dashboards. I asked about it and was told that SolarWinds provides the "heartbeat" metrics for the network and infrastructure, and that SolarWinds and ExtraHop provided complementary views of what was going on.
You could think of ExtraHop a listening/translation device, deciphering the content of the communications between machines. We don't do WMI/SNMP or any type of flow monitoring. We're not even inspecting individual packets. Instead, we're reconstructing entire flows and streams and then extracting 2,900+ metrics from the full, bi-directional transaction payload. You can see things like processing time per database method used, which clients accessed a particular shared file, or which Citrix XenApp server is causing slow Citrix login times.
Geek Speak contributor Glen Kemp (glenkemp) has some experience with ExtraHop and may be able to clarify the complementary nature of the two products.
Hope that helps!
To be honest it's been a while since I've been involved with Extrahop; but certainly I'd consider them to be complementary products. To steal a metaphor from Tom Clancy; Solarwinds remembers; Extrahop thinks. The "Network Brain" needs to do both. In my previous life we had a service and platform monitoring service (not Solarwinds), our use-case for Extrahop was digging *really* deep into the applications and gives us fast answers on why stuff was breaking (specifically, SQL). It's been +1 year since I've used either product, so I've not doubt stuff will have changed!
For FWIW, both great products..