SlideShare ist ein Scribd-Unternehmen logo

Performance vision Version 2.15 news

Als PPTX, PDF herunterladen
PerformanceVision (previously SecurActive)
PerformanceVision (previously SecurActive)
Technologie
1 von 64
© SecurActive 2013 WHAT’S NEW IN VERSION 2.15?
© SecurActive 2013 2 PERFORMANCE VISION VERSION 2.15 Http Application Performance BCNWorkflow Network Analysis Configuration & Usability
© SecurActive 2013 3 HTTP APPLICATION PERFORMANCE
© SecurActive 2013 4 HTTP APPLICATION PERFORMANCE 500 - Internal Server Error,ServiceTemporarilyUnavailable  Deal with End User complaints  Track Page / Hit load time  Identify Slow / Faulty transactions
© SecurActive 2013 HTTP APPLICATION PERFORMANCE  Response Status Code over Time  Response Times & Volumetry over Time  Flows grouped by Server IP  Flows grouped by Client IP  Flows grouped by Host  Flows grouped by User Agent  Web Pages Performance & Timeline Chart  Hits Performance & Inspection 5
© SecurActive 2013 6 HTTP STATUS Response Status Code over Time
© SecurActive 2013 7 ARE THERE ERRORS?
© SecurActive 2013 8 ARE THERE ERRORS?
© SecurActive 2013 9 WHAT CAUSED THE ERRORS? Hits Performance & Inspection One-click Drilldown
© SecurActive 2013 10 WHAT CAUSED THE ERRORS? Look at what happened:  Who is impacted (Client or Servers)?  What are the related resources?
© SecurActive 2013 11 PERFORMANCE OVER TIME Response Times & Volumetry over Time
© SecurActive 2013 12 ARE THERE SLOW DOWNS? Check Performance over time for:  Average Page Load Time  Average Hit Response Time
© SecurActive 2013 13 #HOW MANY RESOURCES ARE PROCESSED? Evolution over time:  Number of Hits  Number of Pages  Number of Hits in Error (4xx & 5xx)
© SecurActive 2013 14 HTTP TOPS Server IP Client IP Host User Agent Group HTTP Flows by:
© SecurActive 2013 15 WHAT ARE THE SLOWEST PAGES?
© SecurActive 2013 16 INTEREST OF STANDARD DEVIATION? 11 9 11 9 11 9 11 9 11 9 0 2 4 6 8 10 12 14 16 18 20 1 2 3 4 5 6 7 8 9 10 18 2 18 2 18 2 18 2 18 2 0 2 4 6 8 10 12 14 16 18 20 1 2 3 4 5 6 7 8 9 10 Page Load Average: 10 Standard Deviation: 1 Page Load Average: 10 Standard Deviation: 8
© SecurActive 2013 17 PAGE LEVEL ANALYSIS Web Pages Performance & Timeline Chart
© SecurActive 2013 18 WHAT ARE THE SLOWEST PAGES? Check performance indicators on:  Number of Elements composing a page  Page Load Time  Response Payload
© SecurActive 2013 19 SEE ISSUES AT A GLANCE: TIMELINE CHART
© SecurActive 2013 FULL QUERY / RESPONSE RETENTION Inspection details of transaction:  Client Query  Server Response 20
© SecurActive 2013 FULL QUERY / RESPONSE RETENTION Inspection details of transaction:  Client Query  Server Response 21
© SecurActive 2013 22 HIT LEVEL ANALYSIS HTTP Hits Performance Analysis
© SecurActive 2013 23 LIST OF HTTP HITS Detailed list of HTTP hits:  Data Transfer Time  Server Response Time  Payload  User Agent, Method, Status, Category, Flags, URL
© SecurActive 2013 24 HTTP SPECIFIC FILTERS Refine your search with HTTP analysis dedicated Filters  Method GET, HEAD, POST…  Status Success, Redirection, Error…  Host www.google.fr, pypi.rd.securactive.lan  URL Path /application1*, /intranet*/*app*…  User Agent Mozilla*, *Gecko*, *MSIE*…  Server Software Apache*, *nginx*, AmazonS3*…  HTTP Category HTML, Scripts, Style… Be careful when using regular expressions, it can be Highly resource consuming
© SecurActive 2013 25 HTTP ANALYSIS FOR NPS/APS NPS APS  Flow metrics for both NPS & APS  HTTP Performance for APS Only
© SecurActive 2013 26 FORMER WEB BROWSING  Marked as Deprecated  Works like before Should be Removed in an Upcoming Version
© SecurActive 2013 27 BCN WORKFLOW
Updated for drilldown New © SecurActive 2013 28 BCN WORKFLOW BCN Workflow with Easy Drilldown
© SecurActive 2013 29 BUSINESS CRITICAL NETWORK DRILLDOWN V2.12 V2.15  Link to Performance from the first zone to the second zone  Link to the Bandwidth chart between the two zones  Link to Oriented Conversations from the first zone to the second zone  Link to BCN Edition  Link to the Bandwidth chart between the two zones
© SecurActive 2013 30 SOURCE/DESTINATION PERFORMANCE Display Source/Destination performance over time:  Data Transfer Time (DTT), Network Latency (RTT) Retransmission Delay (RD)  Retransmission Rate (RR)  Number of Packets
© SecurActive 2013 31 ORIENTED FLOW DETAIL Display more Information on Source/Destination flows: OS Fingerprint, MAC Addresses, Port, QoS Field…
© SecurActive 2013 32 SOURCE/DESTINATION ADVANCED FILTERS V2.12 V2.15 Source/Destination Advanced Filters have been Completed. They now Work like in Client/Server Mode.
© SecurActive 2013 33 NETWORK ANALYSIS
© SecurActive 2013 34 NETWORK ANALYSIS NewUpdated
© SecurActive 2013 CHECK QOS CLASS 35 DiffServ Field Client/Server Source/Destination
© SecurActive 2013 36 DISPLAY MAC ADDRESSES MAC Addresses Client/Server Source/Destination
© SecurActive 2013 37 OPERATING SYSTEM FINGERPRINTING OS Fingerprinting Client/Server Source/Destination For TCP Only!
© SecurActive 2013 38 ETHERNET PROTOCOL / MAC VENDOR  Improved Display of Ethernet Protocol  Improved Display of MAC Address Vendor
© SecurActive 2013 39 CONFIGURATION & USABILITY
© SecurActive 2013 40 BETTER PERFORMANCE Better performance for:  Network Sniffing  Data Dumping
© SecurActive 2013 41 IMPROVED SRT & DTT COMPUTATION In presence of lost TCP segments, more accurate:  Server Response Time (SRT)  Data Transfer Time (DTT)
© SecurActive 2013 42 ZONE RULES CHECKER Find the first Matching Rule for a Zone.
© SecurActive 2013 43 HTTP PERFORMANCE ANALYSIS CONFIGURATION For performance reasons it is recommended to Restrict HTTP performance analysis only to appropriate traffic.  Select Zones on which HTTP performance analysis will be performed, by default: None!  Child zones will be automatically selected.
© SecurActive 2013 44 HTTP PERFORMANCE ANALYSIS IMPACT HTTP performance analysis Impacts:  System workload Check CPU, RAM, Disk…  Database workload Check License limit (Virtual appliances)
© SecurActive 2013 HTTP PORT SIGNATURES 45 By default, HTTP performance analysis is performed on these ports.  Add more ports to Extend analysis scope,  This is Global parameter (for all selected zones). The more ports are added, the more CPU power is required!
© SecurActive 2013 46 AUTOPCAP CONFIGURATION For Performance Reasons it is Recommended to Restrict AutoPCAP File Generation only to Appropriate Traffic.  Select Zones on which AutoPCAP files will be captured and generated.  Child Zones will be Automatically Selected.
© SecurActive 2013 47 CUSTOM FILTERS (BETA) Available fields:  app,  capture.begin, capture.end,  device,  diffserv, diffserv.clt, diffserv.srv,  domain,  ip, ip.clt, ip.dst, ip.src, ip.srv,  mac, mac.clt, mac.dst, mac.src, mac.srv,  os, os.clt, os.srv,  port.srv,  proto,  vlan,  zone, zone.clt, zone.dst, zone.src, zone.srv  Combine filters with logical operators: (or, and, not)  Order sub expressions using Parentheses Examples:  (ip=10.10.*.* or ip.srv=10.20.30.*) and os.clt=‘linux’  zone in ‘/Private/Servers’ or port.srv < 1024  (proto=udp and port.srv=53) or zone in ‘/Private/DNS’  domain=‘~^www.google.(fr|com)$’  app=’http’ or app=’https’
© SecurActive 2013 48 BCN WITH < 1 MIBPS LINKS  Business Critical Networks now supports links which available bandwidth is < 1 Mibps
© SecurActive 2013 49 DATA MERGING Configure when to merge Data
© SecurActive 2013 DATA MERGING 50 Increasing levels can generate huge performance issues. In case of slowdowns, consider reducing merging levels.  Configure Merging Level
BeginTime EndTime Zone IP Payload EURT 08:00 08:01 Internet 76.20.80.201 10 MB 100 ms 08:05 08:06 Internet 76.20.80.201 3 MB 200 ms 08:10 08:11 Internet 183.28.100.2 6 MB 150 ms 08:10 08:11 Internet 76.20.80.201 3 MB 200 ms 08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms Example © SecurActive 2013 DATA MERGING 51 BeginTime EndTime Zone IP Payload EURT 08:00 08:11:00 Internet 76.20.80.201 16 MB 166 ms 08:10 08:11:00 Internet 183.28.100.2 6 MB 150 ms 08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms BeginTime EndTime Zone IP Payload EURT 08:00 08:11:00 Internet - 22 MB 158 ms 08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms  Data Aggregation  Data Merging
© SecurActive 2013 52 APPLICATIVE LOGS Keep track of events
© SecurActive 2013 53 APPLICATIVE LOGS Keep track of events on the probe.  Up to 7 days for internal processes  Up to 31 days for other events (ex: Errors)
© SecurActive 2013 54 ADVANCED SNIFFER CONFIGURATION Advanced Sniffer Configuration
© SecurActive 2013 55 ADVANCED SNIFFER CONFIGURATION Fine-tuning of the Sniffer’s parameters
© SecurActive 2013 SET THE MTU OF A POLLER 56 Set the MTU of a Poller.  It is a per poller setting  Default is 1800  Over 9000 is not recommended  Reboot is required! MTU
© SecurActive 2013 SNIFFER’S CAPTURE LENGTH 57 Defines the “Capture Length” used by the sniffer to analyze the traffic  For best accuracy it should be Equal to the highest poller’s MTU.  However high values are highly CPU Consuming  Smaller values will Save CPU processing power.  Sniffer Restart is required! CAPTURE LENGTH
© SecurActive 2013 58 UPDATE LOG Upgrade logs have now their own file:  log nova/install.log
© SecurActive 2013 59 DEFAULT SCREEN New welcome screen during:  Updates  Services turned Off
© SecurActive 2013  Version 2.15  User Guide  Release Notes DOCUMENTATION UPDATE 60 Documentation update:  One-click access in the interface  Available on SecurActive web site  User guide and release notes http://www.securactive.net/en/resource-library/usersguide
© SecurActive 2013 61 VERSION 2.15 IMPACTS Impacts on existing metrics:  SRT, DTT, EURT…  Main Impacts compared to 2.12:  Database MigrationTime: Small  Metrics Impact on database is small.  Update should take few minutes.
© SecurActive 2013 62 REBOOT AFTER UPDATE After the update is completed
© SecurActive 2013 63 YOU’RE READY TO GO, ENJOY!
What’s New in Version 2.15? © SecurActive 2013 THANK YOU! 64 For any Question sales@securactive.net support@securactive.net Follow Us on @SecurActivePV www.securactive.net blog.securactive.net

Empfohlen

Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverEMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
Aruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Understanding Control-Plane-Security
EMEA Airheads- ArubaOS - Understanding Control-Plane-SecurityEMEA Airheads- ArubaOS - Understanding Control-Plane-Security
EMEA Airheads- ArubaOS - Understanding Control-Plane-Security
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
Aruba, a Hewlett Packard Enterprise company
 
F5 link controller
F5 link controllerF5 link controller
F5 link controller
Jimmy Saigon
 
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xEMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
Aruba, a Hewlett Packard Enterprise company
 
ClearPass 6.3.6 Release Notes
ClearPass 6.3.6 Release NotesClearPass 6.3.6 Release Notes
ClearPass 6.3.6 Release Notes
Aruba, a Hewlett Packard Enterprise company
 

Empfohlen

Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverEMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
Aruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Understanding Control-Plane-Security
EMEA Airheads- ArubaOS - Understanding Control-Plane-SecurityEMEA Airheads- ArubaOS - Understanding Control-Plane-Security
EMEA Airheads- ArubaOS - Understanding Control-Plane-Security
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
Aruba, a Hewlett Packard Enterprise company
 
F5 link controller
F5 link controllerF5 link controller
F5 link controller
Jimmy Saigon
 
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xEMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
Aruba, a Hewlett Packard Enterprise company
 
ClearPass 6.3.6 Release Notes
ClearPass 6.3.6 Release NotesClearPass 6.3.6 Release Notes
ClearPass 6.3.6 Release Notes
Aruba, a Hewlett Packard Enterprise company
 
Informix HA Best Practices
Informix HA Best Practices Informix HA Best Practices
Informix HA Best Practices
Scott Lashley
 
EMEA Airheads- ClearPass - Dot1x_ Purpose of domain joining
EMEA Airheads- ClearPass - Dot1x_ Purpose of domain joiningEMEA Airheads- ClearPass - Dot1x_ Purpose of domain joining
EMEA Airheads- ClearPass - Dot1x_ Purpose of domain joining
Aruba, a Hewlett Packard Enterprise company
 
AWS re:Invent 2016: Making Every Packet Count (NET404)
AWS re:Invent 2016: Making Every Packet Count (NET404)AWS re:Invent 2016: Making Every Packet Count (NET404)
AWS re:Invent 2016: Making Every Packet Count (NET404)
Amazon Web Services
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster Manager
Aruba, a Hewlett Packard Enterprise company
 
ONIC Japan 2016 - Contrail アップデート
ONIC Japan 2016 - Contrail アップデートONIC Japan 2016 - Contrail アップデート
ONIC Japan 2016 - Contrail アップデート
Juniper Networks (日本)
 
Big ip f5 ltm load balancing methods
Big ip f5 ltm load balancing methodsBig ip f5 ltm load balancing methods
Big ip f5 ltm load balancing methods
Utpal Sinha
 
Development of a Cisco ACI device package for NGINX as a Load-Balancer
Development of a Cisco ACI device package for NGINX as a Load-BalancerDevelopment of a Cisco ACI device package for NGINX as a Load-Balancer
Development of a Cisco ACI device package for NGINX as a Load-Balancer
Fabrice Servais
 
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.xEMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
Aruba, a Hewlett Packard Enterprise company
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)
Alejandro Salinas
 
Neutron DVR
Neutron DVRNeutron DVR
Neutron DVR
Edgar Magana
 
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
Amazon Web Services
 
Fast Convergence Techniques
Fast Convergence TechniquesFast Convergence Techniques
Fast Convergence Techniques
Bangladesh Network Operators Group
 
LTM essentials
LTM essentialsLTM essentials
LTM essentials
bharadwajv
 
Brksec 2101 deploying web security
Brksec 2101 deploying web securityBrksec 2101 deploying web security
Brksec 2101 deploying web security
Alfredo Boiero Sanders
 
Forward Networks - Networking Field Day 13 presentation
Forward Networks - Networking Field Day 13 presentationForward Networks - Networking Field Day 13 presentation
Forward Networks - Networking Field Day 13 presentation
Andrew Wesbecher
 
Scalable Enterprise Ready Neutron Networking with Nuage Networks
Scalable Enterprise Ready Neutron Networking with Nuage NetworksScalable Enterprise Ready Neutron Networking with Nuage Networks
Scalable Enterprise Ready Neutron Networking with Nuage Networks
Scott Sneddon
 
F5 Link controller Configuration
F5 Link controller Configuration F5 Link controller Configuration
F5 Link controller Configuration
PCCW GLOBAL
 
AWS VPN with Juniper SRX- Lab Sheet
AWS VPN with Juniper SRX- Lab SheetAWS VPN with Juniper SRX- Lab Sheet
AWS VPN with Juniper SRX- Lab Sheet
Kimberly Macias
 
Network Node is Not Needed Anymore - Completed Distributed Virtual Router / F...
Network Node is Not Needed Anymore - Completed Distributed Virtual Router / F...Network Node is Not Needed Anymore - Completed Distributed Virtual Router / F...
Network Node is Not Needed Anymore - Completed Distributed Virtual Router / F...
Takanori Miyagishi
 
Cloudflare lower network latency = faster website loads
Cloudflare lower network latency = faster website loadsCloudflare lower network latency = faster website loads
Cloudflare lower network latency = faster website loads
Vu Long Tran
 
Concrete use cases of SQL Performance Analysis
Concrete use cases of SQL Performance Analysis Concrete use cases of SQL Performance Analysis
Concrete use cases of SQL Performance Analysis
PerformanceVision (previously SecurActive)
 
What's new in Performance Vision version 2.18
What's new in Performance Vision version 2.18What's new in Performance Vision version 2.18
What's new in Performance Vision version 2.18
PerformanceVision (previously SecurActive)
 

Weitere ähnliche Inhalte

Was ist angesagt?

AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
Amazon Web Services
 
LTM essentials
LTM essentialsLTM essentials
LTM essentials
bharadwajv
 

Was ist angesagt? (20)

Informix HA Best Practices
Informix HA Best Practices Informix HA Best Practices
Informix HA Best Practices
 
EMEA Airheads- ClearPass - Dot1x_ Purpose of domain joining
EMEA Airheads- ClearPass - Dot1x_ Purpose of domain joiningEMEA Airheads- ClearPass - Dot1x_ Purpose of domain joining
EMEA Airheads- ClearPass - Dot1x_ Purpose of domain joining
 
AWS re:Invent 2016: Making Every Packet Count (NET404)
AWS re:Invent 2016: Making Every Packet Count (NET404)AWS re:Invent 2016: Making Every Packet Count (NET404)
AWS re:Invent 2016: Making Every Packet Count (NET404)
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster Manager
 
ONIC Japan 2016 - Contrail アップデート
ONIC Japan 2016 - Contrail アップデートONIC Japan 2016 - Contrail アップデート
ONIC Japan 2016 - Contrail アップデート
 
Big ip f5 ltm load balancing methods
Big ip f5 ltm load balancing methodsBig ip f5 ltm load balancing methods
Big ip f5 ltm load balancing methods
 
Development of a Cisco ACI device package for NGINX as a Load-Balancer
Development of a Cisco ACI device package for NGINX as a Load-BalancerDevelopment of a Cisco ACI device package for NGINX as a Load-Balancer
Development of a Cisco ACI device package for NGINX as a Load-Balancer
 
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.xEMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)
 
Neutron DVR
Neutron DVRNeutron DVR
Neutron DVR
 
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
 
Fast Convergence Techniques
Fast Convergence TechniquesFast Convergence Techniques
Fast Convergence Techniques
 
LTM essentials
LTM essentialsLTM essentials
LTM essentials
 
Brksec 2101 deploying web security
Brksec 2101 deploying web securityBrksec 2101 deploying web security
Brksec 2101 deploying web security
 
Forward Networks - Networking Field Day 13 presentation
Forward Networks - Networking Field Day 13 presentationForward Networks - Networking Field Day 13 presentation
Forward Networks - Networking Field Day 13 presentation
 
Scalable Enterprise Ready Neutron Networking with Nuage Networks
Scalable Enterprise Ready Neutron Networking with Nuage NetworksScalable Enterprise Ready Neutron Networking with Nuage Networks
Scalable Enterprise Ready Neutron Networking with Nuage Networks
 
F5 Link controller Configuration
F5 Link controller Configuration F5 Link controller Configuration
F5 Link controller Configuration
 
AWS VPN with Juniper SRX- Lab Sheet
AWS VPN with Juniper SRX- Lab SheetAWS VPN with Juniper SRX- Lab Sheet
AWS VPN with Juniper SRX- Lab Sheet
 
Network Node is Not Needed Anymore - Completed Distributed Virtual Router / F...
Network Node is Not Needed Anymore - Completed Distributed Virtual Router / F...Network Node is Not Needed Anymore - Completed Distributed Virtual Router / F...
Network Node is Not Needed Anymore - Completed Distributed Virtual Router / F...
 
Cloudflare lower network latency = faster website loads
Cloudflare lower network latency = faster website loadsCloudflare lower network latency = faster website loads
Cloudflare lower network latency = faster website loads
 

Ähnlich wie Performance vision Version 2.15 news

Air Quality Data Acquisition and Management Systems
Air Quality Data Acquisition and Management SystemsAir Quality Data Acquisition and Management Systems
Air Quality Data Acquisition and Management Systems
Agilaire LLC
 

Ähnlich wie Performance vision Version 2.15 news (20)

Concrete use cases of SQL Performance Analysis
Concrete use cases of SQL Performance Analysis Concrete use cases of SQL Performance Analysis
Concrete use cases of SQL Performance Analysis
 
What's new in Performance Vision version 2.18
What's new in Performance Vision version 2.18What's new in Performance Vision version 2.18
What's new in Performance Vision version 2.18
 
New Product Release Roundup: SAM, NPM, & VNQM
New Product Release Roundup: SAM, NPM, & VNQMNew Product Release Roundup: SAM, NPM, & VNQM
New Product Release Roundup: SAM, NPM, & VNQM
 
The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)
 
Stream Analytics
Stream Analytics Stream Analytics
Stream Analytics
 
Tracing-for-fun-and-profit.pptx
Tracing-for-fun-and-profit.pptxTracing-for-fun-and-profit.pptx
Tracing-for-fun-and-profit.pptx
 
Get SaaSy with Red Hat OpenShift on AWS (CON305-S) - AWS re:Invent 2018
Get SaaSy with Red Hat OpenShift on AWS (CON305-S) - AWS re:Invent 2018Get SaaSy with Red Hat OpenShift on AWS (CON305-S) - AWS re:Invent 2018
Get SaaSy with Red Hat OpenShift on AWS (CON305-S) - AWS re:Invent 2018
 
Cloud APIs Overview Tucker
Cloud APIs Overview TuckerCloud APIs Overview Tucker
Cloud APIs Overview Tucker
 
Always on high availability best practices for informix
Always on high availability best practices for informixAlways on high availability best practices for informix
Always on high availability best practices for informix
 
Webinar deploying software defined networks with confidence
Webinar deploying software defined networks with confidenceWebinar deploying software defined networks with confidence
Webinar deploying software defined networks with confidence
 
Key considerations in productionizing streaming applications
Key considerations in productionizing streaming applicationsKey considerations in productionizing streaming applications
Key considerations in productionizing streaming applications
 
Hpe service virtualization 3.8 what's new chicago adm
Hpe service virtualization 3.8 what's new chicago admHpe service virtualization 3.8 what's new chicago adm
Hpe service virtualization 3.8 what's new chicago adm
 
Zero Downtime JEE Architectures
Zero Downtime JEE ArchitecturesZero Downtime JEE Architectures
Zero Downtime JEE Architectures
 
Dynamic Service Chaining
Dynamic Service Chaining Dynamic Service Chaining
Dynamic Service Chaining
 
Sprint 46 review
Sprint 46 reviewSprint 46 review
Sprint 46 review
 
Istio Service Mesh for Developers and Platform Engineers
Istio Service Mesh for Developers and Platform EngineersIstio Service Mesh for Developers and Platform Engineers
Istio Service Mesh for Developers and Platform Engineers
 
Air Quality Data Acquisition and Management Systems
Air Quality Data Acquisition and Management SystemsAir Quality Data Acquisition and Management Systems
Air Quality Data Acquisition and Management Systems
 
Performance vision Version 3.0 - What's New
Performance vision Version 3.0 - What's NewPerformance vision Version 3.0 - What's New
Performance vision Version 3.0 - What's New
 
EXTENT-2016: Network Instrumentation Challenges and Solutions
EXTENT-2016: Network Instrumentation Challenges and SolutionsEXTENT-2016: Network Instrumentation Challenges and Solutions
EXTENT-2016: Network Instrumentation Challenges and Solutions
 
From nothing to Prometheus : one year after
From nothing to Prometheus : one year afterFrom nothing to Prometheus : one year after
From nothing to Prometheus : one year after
 

Mehr von PerformanceVision (previously SecurActive)

Network & Application Performance Monitoring - Troubleshooting HTTP Applicati...
Network & Application Performance Monitoring - Troubleshooting HTTP Applicati...Network & Application Performance Monitoring - Troubleshooting HTTP Applicati...
Network & Application Performance Monitoring - Troubleshooting HTTP Applicati...
PerformanceVision (previously SecurActive)
 
HTTP Application Performance Analysis
HTTP Application Performance AnalysisHTTP Application Performance Analysis
HTTP Application Performance Analysis
PerformanceVision (previously SecurActive)
 

Mehr von PerformanceVision (previously SecurActive) (13)

How to create custom dashboards in Elastic Search / Kibana with Performance V...
How to create custom dashboards in Elastic Search / Kibana with Performance V...How to create custom dashboards in Elastic Search / Kibana with Performance V...
How to create custom dashboards in Elastic Search / Kibana with Performance V...
 
Presentation of Performance Vision Version 3.3
Presentation of Performance Vision Version 3.3Presentation of Performance Vision Version 3.3
Presentation of Performance Vision Version 3.3
 
Workshop on CIFS / SMB Protocol Performance Analysis
Workshop on CIFS / SMB Protocol Performance AnalysisWorkshop on CIFS / SMB Protocol Performance Analysis
Workshop on CIFS / SMB Protocol Performance Analysis
 
HTTP Application Performance Analysis
HTTP Application Performance AnalysisHTTP Application Performance Analysis
HTTP Application Performance Analysis
 
What's new in Performance vision version 3.2
What's new in Performance vision version 3.2What's new in Performance vision version 3.2
What's new in Performance vision version 3.2
 
Network & Application Performance Monitoring - Troubleshooting HTTP Applicati...
Network & Application Performance Monitoring - Troubleshooting HTTP Applicati...Network & Application Performance Monitoring - Troubleshooting HTTP Applicati...
Network & Application Performance Monitoring - Troubleshooting HTTP Applicati...
 
HTTP Application Performance Analysis
HTTP Application Performance AnalysisHTTP Application Performance Analysis
HTTP Application Performance Analysis
 
Présentation N&APM en environnement hospitalier (CH Laborit)
Présentation N&APM en environnement hospitalier (CH Laborit)Présentation N&APM en environnement hospitalier (CH Laborit)
Présentation N&APM en environnement hospitalier (CH Laborit)
 
Performance Vision - What's new in version 2.9
Performance Vision - What's new in version 2.9Performance Vision - What's new in version 2.9
Performance Vision - What's new in version 2.9
 
Gestion des performances applicatives en environnement Cloud et Virtualisation
Gestion des performances applicatives en environnement Cloud et VirtualisationGestion des performances applicatives en environnement Cloud et Virtualisation
Gestion des performances applicatives en environnement Cloud et Virtualisation
 
Workshop APM in a Cloud & Virtualized environment
Workshop APM in a Cloud & Virtualized environmentWorkshop APM in a Cloud & Virtualized environment
Workshop APM in a Cloud & Virtualized environment
 
Présentation de Performance Vision en 2 minutes
Présentation de Performance Vision en 2 minutesPrésentation de Performance Vision en 2 minutes
Présentation de Performance Vision en 2 minutes
 
2 minute presentation of Performance Vision
2 minute presentation of Performance Vision2 minute presentation of Performance Vision
2 minute presentation of Performance Vision
 

Kürzlich hochgeladen

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Kürzlich hochgeladen (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Performance vision Version 2.15 news

  • 1. © SecurActive 2013 WHAT’S NEW IN VERSION 2.15?
  • 2. © SecurActive 2013 2 PERFORMANCE VISION VERSION 2.15 Http Application Performance BCNWorkflow Network Analysis Configuration & Usability
  • 3. © SecurActive 2013 3 HTTP APPLICATION PERFORMANCE
  • 4. © SecurActive 2013 4 HTTP APPLICATION PERFORMANCE 500 - Internal Server Error,ServiceTemporarilyUnavailable  Deal with End User complaints  Track Page / Hit load time  Identify Slow / Faulty transactions
  • 5. © SecurActive 2013 HTTP APPLICATION PERFORMANCE  Response Status Code over Time  Response Times & Volumetry over Time  Flows grouped by Server IP  Flows grouped by Client IP  Flows grouped by Host  Flows grouped by User Agent  Web Pages Performance & Timeline Chart  Hits Performance & Inspection 5
  • 6. © SecurActive 2013 6 HTTP STATUS Response Status Code over Time
  • 7. © SecurActive 2013 7 ARE THERE ERRORS?
  • 8. © SecurActive 2013 8 ARE THERE ERRORS?
  • 9. © SecurActive 2013 9 WHAT CAUSED THE ERRORS? Hits Performance & Inspection One-click Drilldown
  • 10. © SecurActive 2013 10 WHAT CAUSED THE ERRORS? Look at what happened:  Who is impacted (Client or Servers)?  What are the related resources?
  • 11. © SecurActive 2013 11 PERFORMANCE OVER TIME Response Times & Volumetry over Time
  • 12. © SecurActive 2013 12 ARE THERE SLOW DOWNS? Check Performance over time for:  Average Page Load Time  Average Hit Response Time
  • 13. © SecurActive 2013 13 #HOW MANY RESOURCES ARE PROCESSED? Evolution over time:  Number of Hits  Number of Pages  Number of Hits in Error (4xx & 5xx)
  • 14. © SecurActive 2013 14 HTTP TOPS Server IP Client IP Host User Agent Group HTTP Flows by:
  • 15. © SecurActive 2013 15 WHAT ARE THE SLOWEST PAGES?
  • 16. © SecurActive 2013 16 INTEREST OF STANDARD DEVIATION? 11 9 11 9 11 9 11 9 11 9 0 2 4 6 8 10 12 14 16 18 20 1 2 3 4 5 6 7 8 9 10 18 2 18 2 18 2 18 2 18 2 0 2 4 6 8 10 12 14 16 18 20 1 2 3 4 5 6 7 8 9 10 Page Load Average: 10 Standard Deviation: 1 Page Load Average: 10 Standard Deviation: 8
  • 17. © SecurActive 2013 17 PAGE LEVEL ANALYSIS Web Pages Performance & Timeline Chart
  • 18. © SecurActive 2013 18 WHAT ARE THE SLOWEST PAGES? Check performance indicators on:  Number of Elements composing a page  Page Load Time  Response Payload
  • 19. © SecurActive 2013 19 SEE ISSUES AT A GLANCE: TIMELINE CHART
  • 20. © SecurActive 2013 FULL QUERY / RESPONSE RETENTION Inspection details of transaction:  Client Query  Server Response 20
  • 21. © SecurActive 2013 FULL QUERY / RESPONSE RETENTION Inspection details of transaction:  Client Query  Server Response 21
  • 22. © SecurActive 2013 22 HIT LEVEL ANALYSIS HTTP Hits Performance Analysis
  • 23. © SecurActive 2013 23 LIST OF HTTP HITS Detailed list of HTTP hits:  Data Transfer Time  Server Response Time  Payload  User Agent, Method, Status, Category, Flags, URL
  • 24. © SecurActive 2013 24 HTTP SPECIFIC FILTERS Refine your search with HTTP analysis dedicated Filters  Method GET, HEAD, POST…  Status Success, Redirection, Error…  Host www.google.fr, pypi.rd.securactive.lan  URL Path /application1*, /intranet*/*app*…  User Agent Mozilla*, *Gecko*, *MSIE*…  Server Software Apache*, *nginx*, AmazonS3*…  HTTP Category HTML, Scripts, Style… Be careful when using regular expressions, it can be Highly resource consuming
  • 25. © SecurActive 2013 25 HTTP ANALYSIS FOR NPS/APS NPS APS  Flow metrics for both NPS & APS  HTTP Performance for APS Only
  • 26. © SecurActive 2013 26 FORMER WEB BROWSING  Marked as Deprecated  Works like before Should be Removed in an Upcoming Version
  • 27. © SecurActive 2013 27 BCN WORKFLOW
  • 28. Updated for drilldown New © SecurActive 2013 28 BCN WORKFLOW BCN Workflow with Easy Drilldown
  • 29. © SecurActive 2013 29 BUSINESS CRITICAL NETWORK DRILLDOWN V2.12 V2.15  Link to Performance from the first zone to the second zone  Link to the Bandwidth chart between the two zones  Link to Oriented Conversations from the first zone to the second zone  Link to BCN Edition  Link to the Bandwidth chart between the two zones
  • 30. © SecurActive 2013 30 SOURCE/DESTINATION PERFORMANCE Display Source/Destination performance over time:  Data Transfer Time (DTT), Network Latency (RTT) Retransmission Delay (RD)  Retransmission Rate (RR)  Number of Packets
  • 31. © SecurActive 2013 31 ORIENTED FLOW DETAIL Display more Information on Source/Destination flows: OS Fingerprint, MAC Addresses, Port, QoS Field…
  • 32. © SecurActive 2013 32 SOURCE/DESTINATION ADVANCED FILTERS V2.12 V2.15 Source/Destination Advanced Filters have been Completed. They now Work like in Client/Server Mode.
  • 33. © SecurActive 2013 33 NETWORK ANALYSIS
  • 34. © SecurActive 2013 34 NETWORK ANALYSIS NewUpdated
  • 35. © SecurActive 2013 CHECK QOS CLASS 35 DiffServ Field Client/Server Source/Destination
  • 36. © SecurActive 2013 36 DISPLAY MAC ADDRESSES MAC Addresses Client/Server Source/Destination
  • 37. © SecurActive 2013 37 OPERATING SYSTEM FINGERPRINTING OS Fingerprinting Client/Server Source/Destination For TCP Only!
  • 38. © SecurActive 2013 38 ETHERNET PROTOCOL / MAC VENDOR  Improved Display of Ethernet Protocol  Improved Display of MAC Address Vendor
  • 39. © SecurActive 2013 39 CONFIGURATION & USABILITY
  • 40. © SecurActive 2013 40 BETTER PERFORMANCE Better performance for:  Network Sniffing  Data Dumping
  • 41. © SecurActive 2013 41 IMPROVED SRT & DTT COMPUTATION In presence of lost TCP segments, more accurate:  Server Response Time (SRT)  Data Transfer Time (DTT)
  • 42. © SecurActive 2013 42 ZONE RULES CHECKER Find the first Matching Rule for a Zone.
  • 43. © SecurActive 2013 43 HTTP PERFORMANCE ANALYSIS CONFIGURATION For performance reasons it is recommended to Restrict HTTP performance analysis only to appropriate traffic.  Select Zones on which HTTP performance analysis will be performed, by default: None!  Child zones will be automatically selected.
  • 44. © SecurActive 2013 44 HTTP PERFORMANCE ANALYSIS IMPACT HTTP performance analysis Impacts:  System workload Check CPU, RAM, Disk…  Database workload Check License limit (Virtual appliances)
  • 45. © SecurActive 2013 HTTP PORT SIGNATURES 45 By default, HTTP performance analysis is performed on these ports.  Add more ports to Extend analysis scope,  This is Global parameter (for all selected zones). The more ports are added, the more CPU power is required!
  • 46. © SecurActive 2013 46 AUTOPCAP CONFIGURATION For Performance Reasons it is Recommended to Restrict AutoPCAP File Generation only to Appropriate Traffic.  Select Zones on which AutoPCAP files will be captured and generated.  Child Zones will be Automatically Selected.
  • 47. © SecurActive 2013 47 CUSTOM FILTERS (BETA) Available fields:  app,  capture.begin, capture.end,  device,  diffserv, diffserv.clt, diffserv.srv,  domain,  ip, ip.clt, ip.dst, ip.src, ip.srv,  mac, mac.clt, mac.dst, mac.src, mac.srv,  os, os.clt, os.srv,  port.srv,  proto,  vlan,  zone, zone.clt, zone.dst, zone.src, zone.srv  Combine filters with logical operators: (or, and, not)  Order sub expressions using Parentheses Examples:  (ip=10.10.*.* or ip.srv=10.20.30.*) and os.clt=‘linux’  zone in ‘/Private/Servers’ or port.srv < 1024  (proto=udp and port.srv=53) or zone in ‘/Private/DNS’  domain=‘~^www.google.(fr|com)$’  app=’http’ or app=’https’
  • 48. © SecurActive 2013 48 BCN WITH < 1 MIBPS LINKS  Business Critical Networks now supports links which available bandwidth is < 1 Mibps
  • 49. © SecurActive 2013 49 DATA MERGING Configure when to merge Data
  • 50. © SecurActive 2013 DATA MERGING 50 Increasing levels can generate huge performance issues. In case of slowdowns, consider reducing merging levels.  Configure Merging Level
  • 51. BeginTime EndTime Zone IP Payload EURT 08:00 08:01 Internet 76.20.80.201 10 MB 100 ms 08:05 08:06 Internet 76.20.80.201 3 MB 200 ms 08:10 08:11 Internet 183.28.100.2 6 MB 150 ms 08:10 08:11 Internet 76.20.80.201 3 MB 200 ms 08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms Example © SecurActive 2013 DATA MERGING 51 BeginTime EndTime Zone IP Payload EURT 08:00 08:11:00 Internet 76.20.80.201 16 MB 166 ms 08:10 08:11:00 Internet 183.28.100.2 6 MB 150 ms 08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms BeginTime EndTime Zone IP Payload EURT 08:00 08:11:00 Internet - 22 MB 158 ms 08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms  Data Aggregation  Data Merging
  • 52. © SecurActive 2013 52 APPLICATIVE LOGS Keep track of events
  • 53. © SecurActive 2013 53 APPLICATIVE LOGS Keep track of events on the probe.  Up to 7 days for internal processes  Up to 31 days for other events (ex: Errors)
  • 54. © SecurActive 2013 54 ADVANCED SNIFFER CONFIGURATION Advanced Sniffer Configuration
  • 55. © SecurActive 2013 55 ADVANCED SNIFFER CONFIGURATION Fine-tuning of the Sniffer’s parameters
  • 56. © SecurActive 2013 SET THE MTU OF A POLLER 56 Set the MTU of a Poller.  It is a per poller setting  Default is 1800  Over 9000 is not recommended  Reboot is required! MTU
  • 57. © SecurActive 2013 SNIFFER’S CAPTURE LENGTH 57 Defines the “Capture Length” used by the sniffer to analyze the traffic  For best accuracy it should be Equal to the highest poller’s MTU.  However high values are highly CPU Consuming  Smaller values will Save CPU processing power.  Sniffer Restart is required! CAPTURE LENGTH
  • 58. © SecurActive 2013 58 UPDATE LOG Upgrade logs have now their own file:  log nova/install.log
  • 59. © SecurActive 2013 59 DEFAULT SCREEN New welcome screen during:  Updates  Services turned Off
  • 60. © SecurActive 2013  Version 2.15  User Guide  Release Notes DOCUMENTATION UPDATE 60 Documentation update:  One-click access in the interface  Available on SecurActive web site  User guide and release notes http://www.securactive.net/en/resource-library/usersguide
  • 61. © SecurActive 2013 61 VERSION 2.15 IMPACTS Impacts on existing metrics:  SRT, DTT, EURT…  Main Impacts compared to 2.12:  Database MigrationTime: Small  Metrics Impact on database is small.  Update should take few minutes.
  • 62. © SecurActive 2013 62 REBOOT AFTER UPDATE After the update is completed
  • 63. © SecurActive 2013 63 YOU’RE READY TO GO, ENJOY!
  • 64. What’s New in Version 2.15? © SecurActive 2013 THANK YOU! 64 For any Question sales@securactive.net support@securactive.net Follow Us on @SecurActivePV www.securactive.net blog.securactive.net