1 2 Previous Next


17 Posts

Watch this great video detailing how to generate and upload a sysdump from AppResponse 11.




Great video about  Riverbed Modeler Academic Edition - Licensing and Installation

Riverbed Modeler Academic Edition - Licensing and Installation - YouTube

Watch this great how to video showing how to import traces into SteelCentral Transaction Analyzer.



The big news of the NetProfiler 10.11 release is that we doubled the flow capacity. Yes, a 100% increase - from 10 million dedeuplicated flows per minute (FPM) to a whopping 20 million deduped FPM. This equates to 200 million raw flow per minute.


We also made a number of tweaks that resulted in significant performance advancements in query, I/O and reporting. But the real news is that we've been consistently making performance improvements for the past three releases and these gains are really starting to add up.


SteelCentral Flow Gateway Buffering provides data resiliency whenever there is loss of connectivity between the Flow Gateway and NetProfiler or when the NetProfiler is down. Flow Gateway temporarily stores flows on its hard drive until connectivity is restored and the flows can again be delivered to NetProfiler. When connectivity is restored, on-time flows take priority over buffered flows.


Expanding on the recent theme of menu integrations, NetProfiler 10.11 offers a more directed right-click menu option for SteelCentral AppResponse 11. Now when you right click any dashboard and UI widget with Hosts, you get a choice of AppResponse 11 appliances and then a choice of module -- either ASA, WTA, DBA. The link takes you to the Insights page for the selected modules.


NetProfilers 10.11 adds several other usability enhancements, including:

  • The ability to search for interfaces on the Navigate Network Page
  • Moving the Manage Preferred Interface List to Interface Groups
  • Ability to send and receive AppResponse 11 and NetShark flows on AUX
  • Dashboard permission changes

In this release of SteelCentral AppResponse, version 11.1.0, we introduced brand new products and features, in addition to the expected parity features that continue to fill out the AppResponse 11 capabilities.



The AppResponse 2200, 3300, 3800 models can now all upgrade to AppResponse 11. This allows these Hawk boxes to get all the new AppResponse 11 capabilities and modules without a forklift trade up. (The rest of the line will be coming soon!) However, while the upgrade process is destructive, we have created a couple of tools to help smooth things along. The first creates an AppResponse archive VM for your 9.x data. This allows you to refer to your past data but does not allow collection. This is available for both pre-AppResponse 11 upgrades & trade-ups. The second is an Import script for Business Groups and applications configurations, which allows this data to be moved to AppResponse 11 and translated to the appropriate new terminology. For example Business Group to Host Group.


The new, high-end packet capture appliance, SteelCentral AppResponse 8170, is our highest performing and offers an incredible 1.152 PB (that’s petabyte) of storage and double the RAM for increased processing. The 8170 is considered limited availability; which means the hardware is rock solid, but the software is beta and is still being tweaked in order to reach its fullest potential.


SteelCentral Transaction Analyzer Plus (TAP) not only bundles SteelCentral Packet Analyzer Plus with SteelCentral Transaction Analyzer for free, but the cost of Transaction Analyzer Plus has been reduced to $40K to make this transaction analysis and performance prediction tool more affordable for everyone.



AppResponse 11 integrates with SteelCentral Portal. AppResponse is supported on Portal version 1.5.0. With support for application information, connection requests, host groups, connection problems, and top talkers, this enhancement advances SteelCentral’s ability to manage application-aware network performance monitoring as an integral component of Portal’s blended performance management.


New Modules and Other Features

The Database Analysis (DBA) module is an optional module for SteelCentral AppResponse11 for network-based database monitoring. It’s now natively embedded into AppResponse and monitors database transactions and user activity 24x7. Watch the video.


TruePlots are scatter plots showing a metric over time. For example, it can be actual page time measurements for an individual page view or database transactions. The value of TruePlot is that it helps you easily highlight trends and anomalies.


Finally, there’s RADIUS and TACACS+ authentication, which gives AppResponse 11 users and administrators single sign on and new ways to interact with the Web UI.


So, as you can see, the AppResponse engineers were very busy these past few months cranking out great new capabilities for you to use to quickly solve network, application and database performance issues. For more information about these or other AppResponse 11 capabilities, please ask your Riverbed sales representative or partner.

SteelCentral NetProfiler 10.9.5 includes new features that improve integration with SteelCentral AppResponse 11, new ways to create custom application definitions and performance improvements. Reports now run up to 25% faster and pages load faster for flow log configurations and system information. This provides a better user experience and speeds problem resolution.


With this release, SteelCentral NetProfiler, SteelCentral NetExpress and SteelCentral Flow Gateway can now receive flow data from SteelCentral AppResponse 11. Naturally, any data sent from an AppResponse 11 can then be accessed via the click-to-packet feature from NetProfiler reports. Also as a result of this feature, NetProfiler users can auto-recognize more than 1300 applications and they have some of the fastest troubleshooting available, allowing them to go from high-level dashboard views to packets (i.e., the answers) in just a few clicks. In addition, AppResponse 11 can synchronize with NetProfiler application definitions.


We also changed the way you define custom apps. There are now three ways to map traffic attributes to an application name in order to create a custom application definition. You can map:

  • Hosts, host groups, protocols, and ports to an application name
  • Auto-recognized applications to an application name
  • URLs to an application name


The release also these ease-of-use improvements:

  • More selections for traffic unit displays. For example, you can display total traffic volumes in bytes while displaying throughputs in bits per second.
  • "Top" time series displays can be limited to a specified number of 1 to 10.
  • Notifications if a data source is caching flow records before sending or has an active timeout of greater than 60 seconds.
  • Ability to schedule monthly reports to run on a specified nth day of the month and quarterly reports to run on a specified nth day of quarter, regardless of calendar dates.
  • Ability to specify the automatic refresh interval of a Dashboard independently from the data resolution of widgets.
  • Smarter health alert notifications.

Some time ago I was running through a SteelCentral Demo with a partner in the region when they said the root cause of a problem they were having was excessive TCP retransmissions. They seemed unhappy with that, and they were unsure on what to do next. This is a prime example where knowing the basics will take over, and lacking basic knowledge will prevent you from figuring out how to solve this problem.

To figure out what is wrong boils down to the questions: how does TCP work and when will TCP retransmit? As TCP is a reliable protocol, this means that packets sent are acknowledged that they are received before the sliding window algorithm can move on. If an acknowledgement is not received then the same packet is resent until an acknowledgement is heard. So if there are TCP retransmissions that boils down to two main scenarios:

  1. The traffic never made it to the receiver or it was received and failed a data integrity check and therefore never sent an acknowledgement
  2. The acknowledgement was lost returning to the sender and was never received, OR the acknowledgement took too long (received after timeout), therefore incurring a retransmission

At this point more knowledge of the network is needed and both sides need to be examined/excluded as cause. If there are packet drops, we then need to look at causes of packet loss in the network. Some prime examples include:

  • Incorrectly configured QoS/rate limiters/queue drops
  • Over taxed network equipment which causes packet loss/delay
  • A security device in the network (or client side) that drops traffic (IPS, stateful firewall)
  • Asymmetric routing or other routing issue (black holes)

We also need to look at reasons for data corruption/excessive latency to cause retransmission.

  • Dirty/incorrect fiber types
  • SMF over very short distances (yes, using Single Mode Fiber at a short distance will cause reflections along the fiber and “echoes” that can cause incorrectly received bits at the receiving end)
  • Asymmetric routing/routing issues which can cause latency
  • Other environmental issues (I have seen things like rats gnawing on fiber and even fiber that had been thrown over a hot water pipe and was partially melted)

Please keep in mind that these are not comprehensive lists, just a “top of my head” list that I thought of in a few minutes, but again, basics are what leads me to figure out my next steps and how to address this issue.

SteelCentral AppResponse 11 and SteelCentral Packet Analyzer Plus, versions 11.0.1, are now available for upgrade for all existing NetShark xx70 customers on active maintenance on the Riverbed support site!


SteelCentral AppResponse 11 provides powerful, flexible network and application analytics and workflows to speed problem diagnosis and resolution. It combines network forensics and historical analysis, application analytics and end-user experience monitoring in a single solution so you have everything you need at your fingertips to resolve performance issues quickly.


This release of AppResponse 11 also adds:

  • Flow export to SteelCentral NetProfiler
  • Support precision time stamps and pre-slice packet length analysis from network tap aggregators, including Gigamon, Anue/IXIA, cPacket, and Arista
  • Four new virtual modules: the AppResponse 100v, 500v, 2000v and FLOWv







Secondary Storage

Up to 100GB

Up to 2TB

Up to 8TB

Up to 100GB


VMware ESXi 5.5 and 6.0





System Disk Space


Capture Ports

Up to 8

Management Ports



On an earlier version of NetShark and want AppResponse 11? Check out our trade up options or talk to your account rep for more information.



Please be advised that we just added a Splash page for the new SteelCentral Portal offering.  Please be sure to check it out at SteelCentral Portal.


Best regards,

Erik Hille, Product Marketing

SteelCentral Portal

Reference applications come in all shapes and sizes. They're generally designed to help developers learn how to use new languages, APIs, or frameworks, but they can also be extremely useful for evaluating application performance management tools, such as Riverbed® SteelCentral™ AppInternals.  In this blog post, I'm going to share my experience using the AppInternals component of SteelCentral to evaluate end-user experience with a reference application called TicketMonster.


TicketMonster is a modern web application that is representative of an online ticketing broker - providing access to events (e.g. concerts, shows, etc) through an online booking service. This application uses both Java and .NET web services in a multi-tier heterogeneous environment that is typical for many AppInternals deployments. The application map looks like this:

application map.png


The load for this application was produced in a fashion that simulated a global user base using all kinds of browsers and operating systems. AppInternals reflected these usage patterns nicely with visualizations such as those shown below:



We can use this environment to exhibit a realistic workflow for diagnosing delays which occur when customers attempt to purchase large ticket orders. In a business context, this is exactly the type of problem that would have urgency in the real-world, since users placing large orders could conceivably be the "power users" who generate the most revenue on our site.


The following video demonstrates the powerful search capabilities in AppInternals to make three key observations:

  1. Determine how often users experience slow ticket orders
  2. Identify a root cause (slowest class and slowest method)
  3. Identify the email addresses for affected users



After seeing this demo, the uninitiated may be inclined to ask,

  • "I can trace a transaction even as it executes across different servers?"
  • "I can trace a transaction that happened weeks ago?"
  • "And I even have access to call stacks that illustrate execution paths through both Java and .NET services???  WOW!"
  • "The capability to instantly access so many details for transactions in my production environment is something I absolutely must have!  Where have you been all my life!"


stick figure dialog 02.png



The TicketMonster application is well suited for showcasing many of the capabilities of AppInternals. We were able to quickly pinpoint and diagnose performance problems in TicketMonster and get immediate answers to complex business problems, such as "How can I identify our most valuable users and detect when they experience poor application performance?".

For more information about application performance management with SteelCentral AppInternals, visit www.riverbed.com/products.

Riverbed is pleased to announce the availability of VNE Server 9.0 and 17.5 PL6 versions of Network & Transport Planner, NetMapper, Sentinel and nCompass. This release includes a variety of new features, enhancements and bug fixes. Some of the key features are mentioned below. Please refer to the Release Notes for the complete list of features.

VNE Server

  • VNE Server Integration with Dashboards 2.2 with additional out of box templates and support for user-defined metrics
  • Out-of-the-box grouping of devices by vendor and function
  • Improved logging and reporting of auto-discovery and LCI process


SP Sentinel and IT Sentinel

  • All existing DISA STIG rules are now updated to support version 8 r15
  • Over 250 new hardware EOL, OS EOL and Security Vulnerability rules



  • IPv6 address and routing information in diagrams
  • Display of Nexus Virtual Port Channel (VPC) configurations
  • Display of static and dynamic IPSec tunnels for ASA firewall and IOS devices
  • Virtualization diagrams showing ASA firewall and FWSM Security contexts


SP Guru Network Planner and IT Guru Network Planner

  • Network Capacity Reports in PDF format
  • Out of the box WAN consolidation report showing potential areas for cost saving
  • Tabular reports that can be docked to the project editor for easy access


SP Guru Transport Planner

  • Single-pass multiple bit rate grooming in transport planner for core and metro networks
  • User-defined shared risk groups with a fail-together option


The Software and Release Notes can be obtained in the OPNET Network Engineering, Operations, and Planning section at https://support.riverbed.com/software/index.htm

OPNET Technologies - now part of Riverbed Technology - is pleased to announce the availability of NetOne - Riverbed's suite of products for network engineering, operations, and planning - version 17.5 PL5. Some of the key features of this release are mentioned below. Please refer to the Release Notes for the complete list of features.

SP Sentinel and IT Sentinel

  • New rules for configuration auditing of Cisco Wireless LAN Controllers
  • Rule updates to support Cisco Nexus OS for multiple rule suites including AAA, Administration, ACLs, Route Maps and System Logging
  • Sentinel Advisory Service (SAS) is now provided to all maintained Sentinel customers, with more than 400 hardware EOL rules added since 17.5 PL3


SP NetMapper and IT NetMapper

  • DMVPN (Dynamic Multipoint VPNs) diagrams displaying tunnels between spoke-and-hub devices
  • Cisco Nexus 2000 Fabric Extenders (FEX) in diagrams showing the relationship of the extenders to the switches and end-system connectivity


SP Guru Network Planner and IT Guru Network Planner 

  • Time-zone aware capacity planning reports including per-time zone business hour definitions
  • Analysis, visualization, and reporting of the effectiveness of protection provided by IP Fast Reroute/Loop Free Alternates
  • IPv6 VPN (6VPE) support for Cisco, Juniper, and Huawei
  • Layer-2 switching and bridging support for JUNOS devices including EX switches, MX routers, SRX firewalls, and SDGs (Service Delivery Gateways)


SP Guru Transport Planner 

  • Full ROADM (Reconfigurable Optical Add/Drop Multiplexer) support including representation of color-less, direction-less, and contention-less characteristics
  • Route Validation report to analyze and report on compliance of connection routes with protection requirements (i.e., diversity constraints)
  • Updated web report look-and-feel including sorting and filtering of report contents

In addition, bug fixes for all products of the NetOne suite, including nCompass, are included in the new release. 

NetOne 17.5PL5 Software and Release Notes can be obtained in the OPNET Network Engineering, Operations, and Planning section at https://support.riverbed.com/software/index.htm.

July 2013 edition of Sentinel Advisory Service update is now available for Sentinel version 17.5 PL3. This update includes 69 new rules for the security advisories and end-of-life notices listed below.


  • Security Advisories:
    1. Cisco Security Advisory - Cisco ASA 5500 Crafted URL Denial of Service Vulnerability (cisco-sa-20130410-asa)
    2. Cisco Security Advisory - Cisco ASA 5500 Denial of Service During Validation of Crafted Certificates (cisco-sa-20130410-asa)
    3. Cisco Security Advisory - Cisco ASA 5500 DNS Inspection Denial of Service Vulnerability (cisco-sa-20130410-asa)
    4. Cisco Security Advisory - Cisco ASA 5500 IKE Version 1 Denial of Service Vulnerability (cisco-sa-20130410-asa)

  • OS End-of-Life Notices:
    1. Cisco End-of-Life Notice - PIX OS Release 6.3 for PIX 500 Series
    2. Cisco End-of-Life Notice - IOS Release 12.2(18)S for 7200 / 7300 Series Routers
    3. Cisco End-of-Life Notice - IOS Release 12.2(14)S for 7200 Series Routers
    4. Cisco End-of-Life Notice - IOS Release 12.3(14)YM for 7200 Series Routers
    5. Cisco End-of-Life Notice - IOS Release 12.4(4)XD for 7200 Series and 7301 Routers

  • Hardware End-of-Life Notices:
    1. Cisco Catalyst 6500/Cisco 7600 Series Router Anomaly Guard Module and Anomaly Detector Module
    2. Cisco 4-Port Ethernet Network Module
    3. Cisco 851 Integrated Services Router
    4. Cisco 7304 Series Router
    5. Cisco 4-Port Ethernet WAN Interface Card
    6. Cisco Multiple Interface Processors
    7. Select Port Adapters for Cisco 7100, 7200, 7400 and 7500 Series Routers
    8. WAN Interface Card for Cisco 1600, 1700, 2600, 3600 and 3700 Series Routers
    9. Select Fast Ethernet Port Adapters for Cisco 7100, 7200, 7400, 7500, and the uBR7200 Series Routers
    10. Cisco 8-Port Multichannel T1 and E1 Port Adapters
    11. Cisco 1- and 2-Port T1/E1 Multiflex Voice/WAN Cards
    12. Cisco 7200 and 7500 Series Dedicated Token Ring Port Adapter
    13. Cisco 12000 Series SPA Interface Processor-600
    14. Select Cisco Second-Generation 2-Port Voice Interface Cards
    15. Cisco Interface Card and 4- and 8-Port ISDN BRI S/T Network Modules
    16. Cisco Application Runtime Environment Advanced Integration Module
    17. Cisco 1-Port GBIC Gigabit Ethernet Network Module
    18. Cisco 16-Channel DSP Module for High-Density Analog Voice/Fax Network Modules
    19. Cisco 3G Wireless High-Speed WAN Interface Card
    20. Select Parts for Cisco Unified Videoconferencing 3500 and 5200 Series Products
    21. Cisco Content Switching Module with SSL
    22. Cisco 7200VXR and uBR7200 Series NPE-400 Network Processing Engine
    23. Cisco 7600 IPSec VPN System Bundle
    24. Cisco Catalyst 6500 Supervisor Engine 32 PISA
    25. Cisco 4-Port E1 G.703 Serial Port Adapters
    26. Cisco 8-Port X.21 Serial Port Adapter
    27. Cisco ASR 1000 RP1 2-GB DRAM Memory Module
    28. Cisco 8-Port 100BASE-TX Fast Ethernet Shared Port Adapter (Gila ASIC)
    29. Cisco 8-Port Gigabit Ethernet Shared Port Adapter
    30. Cisco 10-Port Gigabit Ethernet Shared Port Adapter
    31. Cisco 7600/Catalyst 6500 IPsec VPN SPA and Carrier Module
    32. Cisco 1-Port 100BASE-FX Fast Ethernet Network Module Version 2
    33. Cisco 7600 Series Ethernet Services 20 Gbps (ES20) Line Card
    34. Cisco 2-Port Gigabit Ethernet Shared Port Adapter
    35. Cisco CRS 1-Port OC-768C/STM-256C Tunable WDMPOS Interface Module
    36. Cisco 1811 Fixed Configuration Models
    37. Cisco 1812 Fixed Configuration Models
    38. Cisco 2- and 4-Port Multichannel T1 Port Adapters with Integrated CSU/DSUs
    39. Cisco 2621XM-DC Multiservice Router
    40. Cisco 1- and 2-Port 10/100 Ethernet 2-WAN Card Slot Network Modules
    41. Cisco 1805 Integrated Services Router
    42. Cisco Catalyst 3750 Series Integrated Wireless LAN Controllers
    43. Cisco 4-Pair Symmetric High-Bit-Rate DSL High-Speed WAN Interface Cards
    44. Cisco 32-port Async/Sync Serial Network Module
    45. Cisco ASR 5000 Packet Services Card (PSC) 16GB
    46. Cisco ASR 5000 Ethernet and Optical Line Cards
    47. Cisco CSS 11500 Series Content Services Switches (EOL8150)
    48. Cisco 3800 Series Integrated Services Routers
    49. Cisco 1841 Integrated Services Router
    50. CiscoPro CPA1100 Series
    51. 16-Port 10/100 Ethernet Modules and Gigabit Ethernet Daughter Card for Multiple Cisco Routers
    52. Cisco 7600 Series Ethernet Services Plus 2TG and 4TG Line Cards
    53. Cisco High-Performance ATM SAR AIM Modules and Bundles
    54. Cisco XR 12000 Series IPSec VPN Shared Port Adapter
    55. Cisco 3200 Series Mobile Access Router - Selected Components
    56. Cisco ADSL2 and ADSL2+ High-Speed WAN Interface Cards
    57. Cisco 5-Port Gigabit Ethernet Shared Port Adapter
    58. Cisco 2-Port OC-3c/STM-1c ATM Shared Port Adapter
    59. Cisco 4-Port OC-3c/STM-1c ATM Shared Port Adapter
    60. Cisco 1-Port OC-12c/STM-4c ATM Shared Port Adapter

You can download this update directly from Sentinel product by:

  • Adding an automation step to download new advisories (See user guide section: "Modules / NetDoctor / Sentinel Advisory Service"), or
  • Manually selecting NetDoctor / Advisories / Download Now

All customers with active maintenance contracts should be able to set up the above automation step for monthly advisory downloads.

You can also download the installer from https://sas.opnet.com/updates (requires login).

Please refer to following workflows in Sentinel documentation on how to enable and use the advisories:

  • Auditing Networks Against OS End-of-Life Notices
  • Auditing Networks Against Hardware End-of-Life notices
  • Auditing Networks Against Vulnerability Notices


Please contact Riverbed Technical Support with your questions/comments.



Sentinel Product Management

Here are 3 simple steps to help get you going with your SteelCentral deployment


1.  Read the SteelCentral NetProfiler product docs (from Riverbed support site)


2.  Watch a demo / tutorial video


SteelCentral NetProfiler and Flow Gateway:

Problem Identification with Cascade

VXLAN Monitoring with Cascade (Video)

SteelCentral NetShark and Packet Analyzer:

Intro to Cascade Pilot and Cascade Shark

Configuring a Cascade Shark Appliance (Video)

Cascade Pilot Reporting (Video)

Cascade Pilot - Time Control (Video)

Cascade for Wireless

Demo of Cascade Pilot (Video)


3.  Peruse the appropriate SteelCentral discussion forum and ask a question


Cascade Profiler & Gateway

Cascade Shark and Pilot


Filter Blog

By date:
By tag: