SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions
-
Upload
rlafargue -
Category
Technology
-
view
1.453 -
download
0
description
Transcript of SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions
![Page 1: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/1.jpg)
SecurActive workshop
"Why a network behaviour analysis solution is now
indispensable for the management of your network?“
18th November, 2009
![Page 2: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/2.jpg)
© 2009 SecurActive. Proprietary and Confidential
Agenda
• 9.00: Welcome - Coffee and croissants
• 9.35 : Conference and Exchanges: "Why a network behaviour analysis solution is
now indispensable for the management of your network?“
– the new challenges for Network and Security managers
– NBA solutions: vital tools for your daily network management
– SecurActive NSS, an innovative Network Behavior Analysis solution
• 10h30 : Overview of SecurActive NSS in a real environment
![Page 3: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/3.jpg)
© 2009 SecurActive. Proprietary and Confidential
SecurActive overview
![Page 4: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/4.jpg)
© 2009 SecurActive. Proprietary and Confidential
Corporate Profile
European vendor based in Paris (France), since
2004 with solid investor funding
Develop and sell SecurActive NSS, the new network
& application performance analysis solutions
Distributed throughout Western Europe through a 1
tier channel
European leader of the Network Behavior Analysis
Market (“Red Herring 100 Europe Winner” 2008 )
![Page 5: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/5.jpg)
More than 450 customers in Western Europe
© 2009 SecurActive. Proprietary and Confidential
![Page 6: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/6.jpg)
© 2009 SecurActive. Proprietary and Confidential
The new challenges of your daily network
management
![Page 7: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/7.jpg)
© 2009 SecurActive. Proprietary and Confidential
Networks are growing
up and are much more
complex to manage
More demanding
Varied usages
Growing autonomy
Change in user behaviour
Frequent modifications of network architecture
Unclear perimeters of private networks
New Network Usage
![Page 8: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/8.jpg)
© 2009 SecurActive. Proprietary and Confidential
Complexity
Visibility
![Page 9: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/9.jpg)
© 2009 SecurActive. Proprietary and Confidential
NBA stands for
Network
Behaviour
Analysis
![Page 10: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/10.jpg)
© 2009 SecurActive. Proprietary and Confidential
Overview of NBA solutions
![Page 11: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/11.jpg)
© 2009 SecurActive. Proprietary and Confidential
Main features of a NBA solution
NBA SolutionIP Flow analysis
Storage, presentation
Capture of strategic flows
Diagnostic
and Troubleshooting
Analysis of Network
and Application behaviours
Private
network security
![Page 12: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/12.jpg)
© 2009 SecurActive. Proprietary and Confidential
SecurActive NSS, a NBA solution
![Page 13: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/13.jpg)
© 2009 SecurActive. Proprietary and Confidential
SecurActive NSS’s - Our Approach
Classical network analysis approach
Large volume of data to be
analysed
SecurActive NSS approach
Dashboard Network map Graphs
Details
1 to 5 clicks from synthesis
to detail
Report
![Page 14: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/14.jpg)
Application Performance
SecurActive, a NBA solution
Capture of strategic flows
Network usage and flow mapping
Security/Network
![Page 15: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/15.jpg)
© 2009 SecurActive. Proprietary and Confidential
SecurActive How it works?
NSS Sniffer
BusinessContext
Network map Graphs DetailsDashboard
Alert
Storage
Networkaggregatio
n
Securityaggregatio
n
Alert engine
Query engineGUIReport
![Page 16: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/16.jpg)
© 2009 SecurActive. Proprietary and Confidential
SecurActive NSS, a NBA Solution
• Real time data• Historical data
• Easy to implement
• No additional point of Failure
• According to your own network context
• Email• Reporting• Graphical
interface
Period Time
AnalysisPassive
Tailored configurati
onInformatio
n
![Page 17: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/17.jpg)
© 2009 SecurActive. Proprietary and Confidential
A passive, agentless deployment
in your Network
Non intrusive integration Agentless deployment
Appliance with 2 to 9 listening ports
Implementation via either a port
mirroring or a TAP
SecurActiveManagement
SecurActive NSS
SecurActive reporting
Listening ports
Administration port
Synthetic presentation based on client
network Custom application
IP Zones
Network and Security alerts
![Page 18: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/18.jpg)
© 2009 SecurActive. Proprietary and Confidential
SecurActive – Range of solutionsPe
rfor
man
ce
Remote Office/Medium Enterprise
Large Enterprise
NSS-2007 GE (+1GE)
Set of appliances to address every kind of
needs.
NSS-5008 GE + 2 additional interfaces
NSS-1002GE +1FE (+1FE)
NSS-102FE (+1 FE)
NSS-8008 GE + 2 SPF + 1 additional interface
![Page 19: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/19.jpg)
© 2009 SecurActive. Proprietary and Confidential
Demonstration
![Page 20: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/20.jpg)
© 2009 SecurActive. Proprietary and Confidential
Example of a Proof of Concept
• Analysis of your strategical traffic
• Switch – port mirroring
• SecurActive’s tuning Custom application
IP Zones
Network and Security alerts
Reporting
Half a day
![Page 21: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/21.jpg)
I want to centralise one of my
vital applications
![Page 22: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/22.jpg)
Server
Main network Remote site
WAN network
Wa
Wb
ERP ERP
![Page 23: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/23.jpg)
Server
Main network
Remote site
WAN network
Wa
Wb
ERP
![Page 24: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/24.jpg)
Remote site
WAN network
Wb
Bandwidth analysis
Response time analysisApplicationLAN WAN
Server
WaERP
![Page 25: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/25.jpg)
The network does not have
correct configuration for its
back-up program.
![Page 26: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/26.jpg)
© 2009 SecurActive. Proprietary and Confidential
Situation
– Regional French newspaper group– Has numerous news agencies, some of which are located in zones that
are not equipped with high speed Internet access– Some journalists have difficulties transmitting their articles on time
because of a slow network.
Without SecurActive– No one is able to determine the cause of the slowdown.– Simple ping measures are made and obtain normal results on the
network’s lines at 64kbps.– The problem persists for weeks.
![Page 27: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/27.jpg)
People are complaining about
my ERP. Why?
![Page 28: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/28.jpg)
© 2009 SecurActive. Proprietary and Confidential
TCP Connection Time
WAN network
ClientServer
SYN
SYNACK
ACK
Connection Time
time
![Page 29: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/29.jpg)
© 2009 SecurActive. Proprietary and Confidential
Round Trip Time In
WAN network
ClientServer
RTTin
time
Data
ACK
![Page 30: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/30.jpg)
© 2009 SecurActive. Proprietary and Confidential
Round Trip Time Out
WAN networkClientServer
RTTout
time
Data
ACK
![Page 31: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/31.jpg)
© 2009 SecurActive. Proprietary and Confidential
Application Response Time
WAN network
ClientServer
ART
time
Applicative request
1st packet of applicative response
Applicativetreatment
![Page 32: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/32.jpg)
© 2009 SecurActive. Proprietary and Confidential
Retransmission delay
WAN network
ClientServer
RD
time
Non-acknowledged packet
First acknowledged packet
ACK
![Page 33: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/33.jpg)
Where are my misconfigured
devices in my LAN?
![Page 34: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/34.jpg)
© 2009 SecurActive. Proprietary and Confidential
ICMP Errors
Client Server
« Host unreachable »
![Page 35: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/35.jpg)
Why is my internet so slow?
![Page 36: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/36.jpg)
© 2009 SecurActive. Proprietary and Confidential
Situation
– This is a service company– The work culture is liberal and there is complete trust on network
users.– Access to the Internet is usually slow
Without SecurActive:– poor quality of the link?– the illegal use of the Internet?– or the insufficient bandwidth?
![Page 37: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/37.jpg)
© 2009 SecurActive. Proprietary and Confidential
Conclusion
![Page 38: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/38.jpg)
© 2009 SecurActive. Proprietary and Confidential
Conclusion – Why people use
SecurActive?
Manage network quality of service and
applications Optimise application deployment process
Maximise the quality of your network
Management of network suppliers (telcos) & SLAs
Increase internal security Understand real network usage
Track security issues
Identify non-compliant usage
Diagnose and debug faster Increase helpdesk efficiency
Have a proactive approach to quality of service
Improve user experience
Make best decisions on your network
architecture Improved capacity planning
Reduce costs and limit inefficient investments
![Page 39: SecurActive - Technical Workshop - Network Analyser & Application Performance Management Solutions](https://reader036.fdocuments.us/reader036/viewer/2022081413/546c3c36af795967298b4f5b/html5/thumbnails/39.jpg)
© 2009 SecurActive. Proprietary and Confidential
Next Steps
If you are interested about having a Proof of Concept or a customer meeting,
please feel free to contact us:
Rodolphe Lafargue
M. +33 6 59 33 98 81