securactive - technical workshop - network analyser & application performance management...

SecurActive workshop

"Why a network behaviour analysis solution is now

indispensable for the management of your network?“

18th November, 2009

© 2009 SecurActive. Proprietary and Confidential

Agenda

• 9.00: Welcome - Coffee and croissants

• 9.35 : Conference and Exchanges: "Why a network behaviour analysis solution is

now indispensable for the management of your network?“

– the new challenges for Network and Security managers

– NBA solutions: vital tools for your daily network management

– SecurActive NSS, an innovative Network Behavior Analysis solution

• 10h30 : Overview of SecurActive NSS in a real environment


SecurActive overview


Corporate Profile

European vendor based in Paris (France), since

2004 with solid investor funding

Develop and sell SecurActive NSS, the new network

& application performance analysis solutions

Distributed throughout Western Europe through a 1

tier channel

European leader of the Network Behavior Analysis

Market (“Red Herring 100 Europe Winner” 2008 )

More than 450 customers in Western Europe



The new challenges of your daily network

management


Networks are growing

up and are much more

complex to manage

More demanding

Varied usages

Growing autonomy

Change in user behaviour

Frequent modifications of network architecture

Unclear perimeters of private networks

New Network Usage


Complexity

Visibility


NBA stands for

Network

Behaviour

Analysis


Overview of NBA solutions


Main features of a NBA solution

NBA SolutionIP Flow analysis

Storage, presentation

Capture of strategic flows

Diagnostic

and Troubleshooting

Analysis of Network

and Application behaviours

Private

network security


SecurActive NSS, a NBA solution


SecurActive NSS’s - Our Approach

Classical network analysis approach

Large volume of data to be

analysed

SecurActive NSS approach

Dashboard Network map Graphs

Details

1 to 5 clicks from synthesis

to detail

Report

Application Performance

SecurActive, a NBA solution

Capture of strategic flows

Network usage and flow mapping

Security/Network


SecurActive How it works?

NSS Sniffer

BusinessContext

Network map Graphs DetailsDashboard

Alert

Storage

Networkaggregatio

n

Securityaggregatio

n

Alert engine

Query engineGUIReport


SecurActive NSS, a NBA Solution

• Real time data• Historical data

• Easy to implement

• No additional point of Failure

• According to your own network context

• Email• Reporting• Graphical

interface

Period Time

AnalysisPassive

Tailored configurati

onInformatio

n


A passive, agentless deployment

in your Network

Non intrusive integration Agentless deployment

Appliance with 2 to 9 listening ports

Implementation via either a port

mirroring or a TAP

SecurActiveManagement

SecurActive NSS

SecurActive reporting

Listening ports

Administration port

Synthetic presentation based on client

network Custom application

IP Zones

Network and Security alerts


SecurActive – Range of solutionsPe

rfor

man

ce

Remote Office/Medium Enterprise

Large Enterprise

NSS-2007 GE (+1GE)

Set of appliances to address every kind of

needs.

NSS-5008 GE + 2 additional interfaces

NSS-1002GE +1FE (+1FE)

NSS-102FE (+1 FE)

NSS-8008 GE + 2 SPF + 1 additional interface


Demonstration


Example of a Proof of Concept

• Analysis of your strategical traffic

• Switch – port mirroring

• SecurActive’s tuning Custom application

IP Zones

Network and Security alerts

Reporting

Half a day

I want to centralise one of my

vital applications

Server

Main network Remote site

WAN network

Wa

Wb

ERP ERP

Server

Main network

Remote site

WAN network

Wa

Wb

ERP

Remote site

WAN network

Wb

Bandwidth analysis

Response time analysisApplicationLAN WAN

Server

WaERP

The network does not have

correct configuration for its

back-up program.


Situation

– Regional French newspaper group– Has numerous news agencies, some of which are located in zones that

are not equipped with high speed Internet access– Some journalists have difficulties transmitting their articles on time

because of a slow network.

Without SecurActive– No one is able to determine the cause of the slowdown.– Simple ping measures are made and obtain normal results on the

network’s lines at 64kbps.– The problem persists for weeks.

People are complaining about

my ERP. Why?


TCP Connection Time

WAN network

ClientServer

SYN

SYNACK

ACK

Connection Time

time


Round Trip Time In

WAN network

ClientServer

RTTin

time

Data

ACK


Round Trip Time Out

WAN networkClientServer

RTTout

time

Data

ACK


Application Response Time

WAN network

ClientServer

ART

time

Applicative request

1st packet of applicative response

Applicativetreatment


Retransmission delay

WAN network

ClientServer

RD

time

Non-acknowledged packet

First acknowledged packet

ACK

Where are my misconfigured

devices in my LAN?


ICMP Errors

Client Server

« Host unreachable »

Why is my internet so slow?


Situation

– This is a service company– The work culture is liberal and there is complete trust on network

users.– Access to the Internet is usually slow

Without SecurActive:– poor quality of the link?– the illegal use of the Internet?– or the insufficient bandwidth?


Conclusion


Conclusion – Why people use

SecurActive?

Manage network quality of service and

applications Optimise application deployment process

Maximise the quality of your network

Management of network suppliers (telcos) & SLAs

Increase internal security Understand real network usage

Track security issues

Identify non-compliant usage

Diagnose and debug faster Increase helpdesk efficiency

Have a proactive approach to quality of service

Improve user experience

Make best decisions on your network

architecture Improved capacity planning

Reduce costs and limit inefficient investments


Next Steps

If you are interested about having a Proof of Concept or a customer meeting,

please feel free to contact us:

Rodolphe Lafargue

M. +33 6 59 33 98 81

[email protected]

mailto:[email protected]

securactive - technical workshop - network analyser & application performance management...

Technology