The big news of the NetProfiler 10.11 release is that we doubled the flow capacity. Yes, a 100% increase - from 10 million dedeuplicated flows per minute (FPM) to a whopping 20 million deduped FPM. This equates to 200 million raw flow per minute.
We also made a number of tweaks that resulted in significant performance advancements in query, I/O and reporting. But the real news is that we've been consistently making performance improvements for the past three releases and these gains are really starting to add up.
SteelCentral Flow Gateway Buffering provides data resiliency whenever there is loss of connectivity between the Flow Gateway and NetProfiler or when the NetProfiler is down. Flow Gateway temporarily stores flows on its hard drive until connectivity is restored and the flows can again be delivered to NetProfiler. When connectivity is restored, on-time flows take priority over buffered flows.
Expanding on the recent theme of menu integrations, NetProfiler 10.11 offers a more directed right-click menu option for SteelCentral AppResponse 11. Now when you right click any dashboard and UI widget with Hosts, you get a choice of AppResponse 11 appliances and then a choice of module -- either ASA, WTA, DBA. The link takes you to the Insights page for the selected modules.
NetProfilers 10.11 adds several other usability enhancements, including:
The ability to search for interfaces on the Navigate Network Page
Moving the Manage Preferred Interface List to Interface Groups
Ability to send and receive AppResponse 11 and NetShark flows on AUX
In this release of SteelCentral AppResponse, version 11.1.0, we introduced brand new products and features, in addition to the expected parity features that continue to fill out the AppResponse 11 capabilities.
The AppResponse 2200, 3300, 3800 models can now all upgrade to AppResponse 11. This allows these Hawk boxes to get all the new AppResponse 11 capabilities and modules without a forklift trade up. (The rest of the line will be coming soon!) However, while the upgrade process is destructive, we have created a couple of tools to help smooth things along. The first creates an AppResponse archive VM for your 9.x data. This allows you to refer to your past data but does not allow collection. This is available for both pre-AppResponse 11 upgrades & trade-ups. The second is an Import script for Business Groups and applications configurations, which allows this data to be moved to AppResponse 11 and translated to the appropriate new terminology. For example Business Group to Host Group.
The new, high-end packet capture appliance, SteelCentral AppResponse 8170, is our highest performing and offers an incredible 1.152 PB (that’s petabyte) of storage and double the RAM for increased processing. The 8170 is considered limited availability; which means the hardware is rock solid, but the software is beta and is still being tweaked in order to reach its fullest potential.
SteelCentral Transaction Analyzer Plus (TAP) not only bundles SteelCentral Packet Analyzer Plus with SteelCentral Transaction Analyzer for free, but the cost of Transaction Analyzer Plus has been reduced to $40K to make this transaction analysis and performance prediction tool more affordable for everyone.
AppResponse 11 integrates with SteelCentral Portal. AppResponse is supported on Portal version 1.5.0. With support for application information, connection requests, host groups, connection problems, and top talkers, this enhancement advances SteelCentral’s ability to manage application-aware network performance monitoring as an integral component of Portal’s blended performance management.
New Modules and Other Features
The Database Analysis (DBA) module is an optional module for SteelCentral AppResponse11 for network-based database monitoring. It’s now natively embedded into AppResponse and monitors database transactions and user activity 24x7. Watch the video.
TruePlots are scatter plots showing a metric over time. For example, it can be actual page time measurements for an individual page view or database transactions. The value of TruePlot is that it helps you easily highlight trends and anomalies.
Finally, there’s RADIUS and TACACS+ authentication, which gives AppResponse 11 users and administrators single sign on and new ways to interact with the Web UI.
So, as you can see, the AppResponse engineers were very busy these past few months cranking out great new capabilities for you to use to quickly solve network, application and database performance issues. For more information about these or other AppResponse 11 capabilities, please ask your Riverbed sales representative or partner.
SteelCentral NetProfiler 10.9.5 includes new features that improve integration with SteelCentral AppResponse 11, new ways to create custom application definitions and performance improvements. Reports now run up to 25% faster and pages load faster for flow log configurations and system information. This provides a better user experience and speeds problem resolution.
With this release, SteelCentral NetProfiler, SteelCentral NetExpress and SteelCentral Flow Gateway can now receive flow data from SteelCentral AppResponse 11. Naturally, any data sent from an AppResponse 11 can then be accessed via the click-to-packet feature from NetProfiler reports. Also as a result of this feature, NetProfiler users can auto-recognize more than 1300 applications and they have some of the fastest troubleshooting available, allowing them to go from high-level dashboard views to packets (i.e., the answers) in just a few clicks. In addition, AppResponse 11 can synchronize with NetProfiler application definitions.
We also changed the way you define custom apps. There are now three ways to map traffic attributes to an application name in order to create a custom application definition. You can map:
Hosts, host groups, protocols, and ports to an application name
Auto-recognized applications to an application name
URLs to an application name
The release also these ease-of-use improvements:
More selections for traffic unit displays. For example, you can display total traffic volumes in bytes while displaying throughputs in bits per second.
"Top" time series displays can be limited to a specified number of 1 to 10.
Notifications if a data source is caching flow records before sending or has an active timeout of greater than 60 seconds.
Ability to schedule monthly reports to run on a specified nth day of the month and quarterly reports to run on a specified nth day of quarter, regardless of calendar dates.
Ability to specify the automatic refresh interval of a Dashboard independently from the data resolution of widgets.
Some time ago I was running through a SteelCentral Demo with a partner in the region when they said the root cause of a problem they were having was excessive TCP retransmissions. They seemed unhappy with that, and they were unsure on what to do next. This is a prime example where knowing the basics will take over, and lacking basic knowledge will prevent you from figuring out how to solve this problem.
To figure out what is wrong boils down to the questions: how does TCP work and when will TCP retransmit? As TCP is a reliable protocol, this means that packets sent are acknowledged that they are received before the sliding window algorithm can move on. If an acknowledgement is not received then the same packet is resent until an acknowledgement is heard. So if there are TCP retransmissions that boils down to two main scenarios:
The traffic never made it to the receiver or it was received and failed a data integrity check and therefore never sent an acknowledgement
The acknowledgement was lost returning to the sender and was never received, OR the acknowledgement took too long (received after timeout), therefore incurring a retransmission
At this point more knowledge of the network is needed and both sides need to be examined/excluded as cause. If there are packet drops, we then need to look at causes of packet loss in the network. Some prime examples include:
Over taxed network equipment which causes packet loss/delay
A security device in the network (or client side) that drops traffic (IPS, stateful firewall)
Asymmetric routing or other routing issue (black holes)
We also need to look at reasons for data corruption/excessive latency to cause retransmission.
Dirty/incorrect fiber types
SMF over very short distances (yes, using Single Mode Fiber at a short distance will cause reflections along the fiber and “echoes” that can cause incorrectly received bits at the receiving end)
Asymmetric routing/routing issues which can cause latency
Other environmental issues (I have seen things like rats gnawing on fiber and even fiber that had been thrown over a hot water pipe and was partially melted)
Please keep in mind that these are not comprehensive lists, just a “top of my head” list that I thought of in a few minutes, but again, basics are what leads me to figure out my next steps and how to address this issue.
SteelCentral AppResponse 11 and SteelCentral Packet Analyzer Plus, versions 11.0.1, are now available for upgrade for all existing NetShark xx70 customers on active maintenance on the Riverbed support site!
SteelCentral AppResponse 11 provides powerful, flexible network and application analytics and workflows to speed problem diagnosis and resolution. It combines network forensics and historical analysis, application analytics and end-user experience monitoring in a single solution so you have everything you need at your fingertips to resolve performance issues quickly.
This release of AppResponse 11 also adds:
Flow export to SteelCentral NetProfiler
Support precision time stamps and pre-slice packet length analysis from network tap aggregators, including Gigamon, Anue/IXIA, cPacket, and Arista
Four new virtual modules: the AppResponse 100v, 500v, 2000v and FLOWv
Up to 100GB
Up to 2TB
Up to 8TB
Up to 100GB
VMware ESXi 5.5 and 6.0
System Disk Space
Up to 8
On an earlier version of NetShark and want AppResponse 11? Check out our trade up options or talk to your account rep for more information.
Reference applications come in all shapes and sizes. They're generally designed to help developers learn how to use new languages, APIs, or frameworks, but they can also be extremely useful for evaluating application performance management tools, such as Riverbed® SteelCentral™ AppInternals. In this blog post, I'm going to share my experience using the AppInternals component of SteelCentral to evaluate end-user experience with a reference application called TicketMonster.
TicketMonster is a modern web application that is representative of an online ticketing broker - providing access to events (e.g. concerts, shows, etc) through an online booking service. This application uses both Java and .NET web services in a multi-tier heterogeneous environment that is typical for many AppInternals deployments. The application map looks like this:
The load for this application was produced in a fashion that simulated a global user base using all kinds of browsers and operating systems. AppInternals reflected these usage patterns nicely with visualizations such as those shown below:
We can use this environment to exhibit a realistic workflow for diagnosing delays which occur when customers attempt to purchase large ticket orders. In a business context, this is exactly the type of problem that would have urgency in the real-world, since users placing large orders could conceivably be the "power users" who generate the most revenue on our site.
The following video demonstrates the powerful search capabilities in AppInternals to make three key observations:
Determine how often users experience slow ticket orders
Identify a root cause (slowest class and slowest method)
Identify the email addresses for affected users
After seeing this demo, the uninitiated may be inclined to ask,
"I can trace a transaction even as it executes across different servers?"
"I can trace a transaction that happened weeks ago?"
"And I even have access to call stacks that illustrate execution paths through both Java and .NET services??? WOW!"
"The capability to instantly access so many details for transactions in my production environment is something I absolutely must have! Where have you been all my life!"
The TicketMonster application is well suited for showcasing many of the capabilities of AppInternals. We were able to quickly pinpoint and diagnose performance problems in TicketMonster and get immediate answers to complex business problems, such as "How can I identify our most valuable users and detect when they experience poor application performance?".
For more information about application performance management with SteelCentral AppInternals, visit www.riverbed.com/products.
Riverbed is pleased to announce the availability of VNE Server 9.0 and 17.5 PL6 versions of Network & Transport Planner, NetMapper, Sentinel and nCompass. This release includes a variety of new features, enhancements and bug fixes. Some of the key features are mentioned below. Please refer to the Release Notes for the complete list of features.
OPNET Technologies - now part of Riverbed Technology - is pleased to announce the availability of NetOne - Riverbed's suite of products for network engineering, operations, and planning - version 17.5 PL5. Some of the key features of this release are mentioned below. Please refer to the Release Notes for the complete list of features.
SP Sentinel and IT Sentinel
New rules for configuration auditing of Cisco Wireless LAN Controllers
Rule updates to support Cisco Nexus OS for multiple rule suites including AAA, Administration, ACLs, Route Maps and System Logging
Sentinel Advisory Service (SAS) is now provided to all maintained Sentinel customers, with more than 400 hardware EOL rules added since 17.5 PL3
SP NetMapperand IT NetMapper
DMVPN (Dynamic Multipoint VPNs) diagrams displaying tunnels between spoke-and-hub devices
Cisco Nexus 2000 Fabric Extenders (FEX) in diagrams showing the relationship of the extenders to the switches and end-system connectivity
SP Guru Network Planner and IT Guru Network Planner
Time-zone aware capacity planning reports including per-time zone business hour definitions
Analysis, visualization, and reporting of the effectiveness of protection provided by IP Fast Reroute/Loop Free Alternates
IPv6 VPN (6VPE) support for Cisco, Juniper, and Huawei
Layer-2 switching and bridging support for JUNOS devices including EX switches, MX routers, SRX firewalls, and SDGs (Service Delivery Gateways)
SP Guru Transport Planner
Full ROADM (Reconfigurable Optical Add/Drop Multiplexer) support including representation of color-less, direction-less, and contention-less characteristics
Route Validation report to analyze and report on compliance of connection routes with protection requirements (i.e., diversity constraints)
Updated web report look-and-feel including sorting and filtering of report contents
In addition, bug fixes for all products of the NetOne suite, including nCompass, are included in the new release.
July 2013 edition of Sentinel Advisory Service update is now available for Sentinel version 17.5 PL3. This update includes 69 new rules for the security advisories and end-of-life notices listed below.
Cisco Security Advisory - Cisco ASA 5500 Crafted URL Denial of Service Vulnerability (cisco-sa-20130410-asa)
Cisco Security Advisory - Cisco ASA 5500 Denial of Service During Validation of Crafted Certificates (cisco-sa-20130410-asa)
Cisco Security Advisory - Cisco ASA 5500 DNS Inspection Denial of Service Vulnerability (cisco-sa-20130410-asa)
Cisco Security Advisory - Cisco ASA 5500 IKE Version 1 Denial of Service Vulnerability (cisco-sa-20130410-asa)
OS End-of-Life Notices:
Cisco End-of-Life Notice - PIX OS Release 6.3 for PIX 500 Series
Cisco End-of-Life Notice - IOS Release 12.2(18)S for 7200 / 7300 Series Routers
Cisco End-of-Life Notice - IOS Release 12.2(14)S for 7200 Series Routers
Cisco End-of-Life Notice - IOS Release 12.3(14)YM for 7200 Series Routers
Cisco End-of-Life Notice - IOS Release 12.4(4)XD for 7200 Series and 7301 Routers
Hardware End-of-Life Notices:
Cisco Catalyst 6500/Cisco 7600 Series Router Anomaly Guard Module and Anomaly Detector Module
Cisco 4-Port Ethernet Network Module
Cisco 851 Integrated Services Router
Cisco 7304 Series Router
Cisco 4-Port Ethernet WAN Interface Card
Cisco Multiple Interface Processors
Select Port Adapters for Cisco 7100, 7200, 7400 and 7500 Series Routers
WAN Interface Card for Cisco 1600, 1700, 2600, 3600 and 3700 Series Routers
Select Fast Ethernet Port Adapters for Cisco 7100, 7200, 7400, 7500, and the uBR7200 Series Routers
Cisco 8-Port Multichannel T1 and E1 Port Adapters
Cisco 1- and 2-Port T1/E1 Multiflex Voice/WAN Cards
Cisco 7200 and 7500 Series Dedicated Token Ring Port Adapter
The Riverbed Splash community is a network of users and a set of tools for connecting, sharing, and collaborating. Whether you're here to troubleshoot a technical problem,
get best practices on your Riverbed product deployment, or want to learn how to leverage Riverbed's developer tools, you'll find it here in our community.