The SearchSAP.com Conference Europe

Download Report

Transcript The SearchSAP.com Conference Europe 

Hosted by
Network Analysis Tools:
Make the Right Decision
or Risk Your ROI
Laura Chappell
Sr. Protocol Analyst, Founder
Protocol Analysis Institute, Inc.
[email protected]
www.packet-level.com
www.podbooks.com
Hosted by
Network
Analyzer
Architecture
 Capture network
traffic
 Chart
relationships
 Decode traffic
 Identify unusual
events
Hosted by
What Do You Want Out of Your
Analyzer?
 Troubleshooting
 Optimization
 Monitoring
 Security
Hosted by
What is Your Analyzer Budget?
Free tools (such as Ethereal) can capture data – requires
strong knowledge of protocols and TCPdump formatting –
may not keep up with traffic rates
Hosted by
What is Your Analyzer Budget?
More expensive tools still require strong protocol knowledge
Hosted by
What is Your Analyzer Budget?
 Do you need a portable
analyzer?
Hosted by
What is Your Analyzer Budget?
 Do you need a distributed analyzer?
Hosted by
What is Your Analyzer Budget?
 The analyzer must keep up with traffic
Hosted by
What is Your Training Budget?
 These are not simple devices
 Network analysts must know
• protocols (TCP/IP) very well
• network layout
• analyzer functions
 Who is the ideal analyst candidate?
Hosted by
Can Your Analyst
Build an Analysis
ROI on Each Case?
 Downtime
 Salary groupings
 Usage rates
 ROI per minute, hour,
day, week, month,
year
Hosted by
Analyzer Function Checklist
 Graphical views
 Understandable
 Fat pipe
 Alarms/Logs
 Decodes
 Latency times
 Expert system
 Application analysis
 Report generation
 Triggered start/stop
 Distributed
 Training
Hosted by
How to Evaluate Analyzers
1. Obtain fully functioning software (or
hardware/software)
2. Designate an evaluator
3. Capture a boot up sequence, login sequence,
common applications (trace file)
4. Force an error (disconnection, misconfiguration)
5. Force a security breach (port scan, OS
fingerprinting operation, SYN flood)
6. Move a trace file from one analyzer to another
(ProConvert needed?) to compare results
Hosted by
For more information
 Laura explains how to use her ROI
calculator in this webcast:
Calculating the cost of network downtime
 Or, you can Download the calculator here
Hosted by
Questions
Laura Chappell
Sr. Protocol Analyst, Founder
Protocol Analysis Institute, Inc.
[email protected]
www.packet-level.com
www.podbooks.com