Boost network visibility by combining NetFlow and packet analysis together

Network visibility can be quite challenging in a distributed network architecture. Here is a typical example: a number of sites are spread around the world for manufacturing while two central datacenters host all the internal applications. The internet gateway is provided by the service provider. Traffic from the remote sites can either go to the internet gateway, to another remote site, or to the datacenters.

The challenge of managing highly distributed network architecture

The network team is requested to monitor the performance for all users wherever they are located, given the facts that:

• The architecture is distributed 
• For the elements beyond the WAN router, the level of control of the central IT team is close to zero

That’s a real challenge!

Whenever end users are complaining about poor performance, there are many potential sources of performance degradations; some are out of the scope of the central IT team.

Without the adequate troubleshooting and visibility capabilities, solving such issues can be long, difficult, costly and sometimes simply impossible.

Two main approaches to network visibility: NetFlow and packet analysis

When IT teams search for possibilities to restore the visibility of their network environment, they consider two main technologies, they will look into NetFlow and Packet Analysis.

Packet analysis provides deeper insight into network traffic, while NetFlow analysis can offer a broader view. To achieve a better network visibility, the two work best when used together.

• When looking at traffic statistics, flow analysis is sufficient if you only want to see IP addresses and how much data they are transferring. Netflow monitoring can alert engineers of bandwidth hogs or anomalous behavior, help them determine traffic statistics over WAN links and provide an easy way to get network usage level visibility without the need for tapping traffic.

• However, when you want to troubleshoot performance problems, in many cases you need to see the full packet detail. Packet Analysis will provide a lot more detail at specific points on the network. Administrators will be able to monitor the detailed behavior, response times, and errors for all important applications, servers, or internet connections.

Combining both methods to maximize wide-angle network visibility and troubleshooting capabilities

SkyLIGHT PVX provides a method for bringing this data together in a common console. Since it’s the same interface, it makes it a lot easier to perform an analysis.