securactive - technical workshop - network analyser & application performance management...
DESCRIPTION
SecurActive is a Network & Application Performance Analyser. If you are interested about SecurActive solutions, please feel free to contact us: [email protected]TRANSCRIPT
SecurActive workshop
"Why a network behaviour analysis solution is now
indispensable for the management of your network?“
18th November, 2009
© 2009 SecurActive. Proprietary and Confidential
Agenda
• 9.00: Welcome - Coffee and croissants
• 9.35 : Conference and Exchanges: "Why a network behaviour analysis solution is
now indispensable for the management of your network?“
– the new challenges for Network and Security managers
– NBA solutions: vital tools for your daily network management
– SecurActive NSS, an innovative Network Behavior Analysis solution
• 10h30 : Overview of SecurActive NSS in a real environment
© 2009 SecurActive. Proprietary and Confidential
SecurActive overview
© 2009 SecurActive. Proprietary and Confidential
Corporate Profile
European vendor based in Paris (France), since
2004 with solid investor funding
Develop and sell SecurActive NSS, the new network
& application performance analysis solutions
Distributed throughout Western Europe through a 1
tier channel
European leader of the Network Behavior Analysis
Market (“Red Herring 100 Europe Winner” 2008 )
More than 450 customers in Western Europe
© 2009 SecurActive. Proprietary and Confidential
© 2009 SecurActive. Proprietary and Confidential
The new challenges of your daily network
management
© 2009 SecurActive. Proprietary and Confidential
Networks are growing
up and are much more
complex to manage
More demanding
Varied usages
Growing autonomy
Change in user behaviour
Frequent modifications of network architecture
Unclear perimeters of private networks
New Network Usage
© 2009 SecurActive. Proprietary and Confidential
Complexity
Visibility
© 2009 SecurActive. Proprietary and Confidential
NBA stands for
Network
Behaviour
Analysis
© 2009 SecurActive. Proprietary and Confidential
Overview of NBA solutions
© 2009 SecurActive. Proprietary and Confidential
Main features of a NBA solution
NBA SolutionIP Flow analysis
Storage, presentation
Capture of strategic flows
Diagnostic
and Troubleshooting
Analysis of Network
and Application behaviours
Private
network security
© 2009 SecurActive. Proprietary and Confidential
SecurActive NSS, a NBA solution
© 2009 SecurActive. Proprietary and Confidential
SecurActive NSS’s - Our Approach
Classical network analysis approach
Large volume of data to be
analysed
SecurActive NSS approach
Dashboard Network map Graphs
Details
1 to 5 clicks from synthesis
to detail
Report
Application Performance
SecurActive, a NBA solution
Capture of strategic flows
Network usage and flow mapping
Security/Network
© 2009 SecurActive. Proprietary and Confidential
SecurActive How it works?
NSS Sniffer
BusinessContext
Network map Graphs DetailsDashboard
Alert
Storage
Networkaggregatio
n
Securityaggregatio
n
Alert engine
Query engineGUIReport
© 2009 SecurActive. Proprietary and Confidential
SecurActive NSS, a NBA Solution
• Real time data• Historical data
• Easy to implement
• No additional point of Failure
• According to your own network context
• Email• Reporting• Graphical
interface
Period Time
AnalysisPassive
Tailored configurati
onInformatio
n
© 2009 SecurActive. Proprietary and Confidential
A passive, agentless deployment
in your Network
Non intrusive integration Agentless deployment
Appliance with 2 to 9 listening ports
Implementation via either a port
mirroring or a TAP
SecurActiveManagement
SecurActive NSS
SecurActive reporting
Listening ports
Administration port
Synthetic presentation based on client
network Custom application
IP Zones
Network and Security alerts
© 2009 SecurActive. Proprietary and Confidential
SecurActive – Range of solutionsPe
rfor
man
ce
Remote Office/Medium Enterprise
Large Enterprise
NSS-2007 GE (+1GE)
Set of appliances to address every kind of
needs.
NSS-5008 GE + 2 additional interfaces
NSS-1002GE +1FE (+1FE)
NSS-102FE (+1 FE)
NSS-8008 GE + 2 SPF + 1 additional interface
© 2009 SecurActive. Proprietary and Confidential
Demonstration
© 2009 SecurActive. Proprietary and Confidential
Example of a Proof of Concept
• Analysis of your strategical traffic
• Switch – port mirroring
• SecurActive’s tuning Custom application
IP Zones
Network and Security alerts
Reporting
Half a day
I want to centralise one of my
vital applications
Server
Main network Remote site
WAN network
Wa
Wb
ERP ERP
Server
Main network
Remote site
WAN network
Wa
Wb
ERP
Remote site
WAN network
Wb
Bandwidth analysis
Response time analysisApplicationLAN WAN
Server
WaERP
The network does not have
correct configuration for its
back-up program.
© 2009 SecurActive. Proprietary and Confidential
Situation
– Regional French newspaper group– Has numerous news agencies, some of which are located in zones that
are not equipped with high speed Internet access– Some journalists have difficulties transmitting their articles on time
because of a slow network.
Without SecurActive– No one is able to determine the cause of the slowdown.– Simple ping measures are made and obtain normal results on the
network’s lines at 64kbps.– The problem persists for weeks.
People are complaining about
my ERP. Why?
© 2009 SecurActive. Proprietary and Confidential
TCP Connection Time
WAN network
ClientServer
SYN
SYNACK
ACK
Connection Time
time
© 2009 SecurActive. Proprietary and Confidential
Round Trip Time In
WAN network
ClientServer
RTTin
time
Data
ACK
© 2009 SecurActive. Proprietary and Confidential
Round Trip Time Out
WAN networkClientServer
RTTout
time
Data
ACK
© 2009 SecurActive. Proprietary and Confidential
Application Response Time
WAN network
ClientServer
ART
time
Applicative request
1st packet of applicative response
Applicativetreatment
© 2009 SecurActive. Proprietary and Confidential
Retransmission delay
WAN network
ClientServer
RD
time
Non-acknowledged packet
First acknowledged packet
ACK
Where are my misconfigured
devices in my LAN?
© 2009 SecurActive. Proprietary and Confidential
ICMP Errors
Client Server
« Host unreachable »
Why is my internet so slow?
© 2009 SecurActive. Proprietary and Confidential
Situation
– This is a service company– The work culture is liberal and there is complete trust on network
users.– Access to the Internet is usually slow
Without SecurActive:– poor quality of the link?– the illegal use of the Internet?– or the insufficient bandwidth?
© 2009 SecurActive. Proprietary and Confidential
Conclusion
© 2009 SecurActive. Proprietary and Confidential
Conclusion – Why people use
SecurActive?
Manage network quality of service and
applications Optimise application deployment process
Maximise the quality of your network
Management of network suppliers (telcos) & SLAs
Increase internal security Understand real network usage
Track security issues
Identify non-compliant usage
Diagnose and debug faster Increase helpdesk efficiency
Have a proactive approach to quality of service
Improve user experience
Make best decisions on your network
architecture Improved capacity planning
Reduce costs and limit inefficient investments
© 2009 SecurActive. Proprietary and Confidential
Next Steps
If you are interested about having a Proof of Concept or a customer meeting,
please feel free to contact us:
Rodolphe Lafargue
M. +33 6 59 33 98 81