Solera Networks has introduced traffic classification and identification with deep packet inspection, including highly detailed application information and visualized geolocation, to its network analysis platform. Solera OS 5, supporting the DeepSee suite of tools, also features an improved database engine for better performance and dynamic updating of dashboard displays.
Solera is among a handful of vendors that capture, store and analyze all network traffic. These capabilities are generally focused on security, but have considerable value for network operations as well, as they help ops teams determine the cause of network outages and performance issues.
"The goal is to catch an incident before anyone sees a problem, before it impacts a user," says the security administrator for a large government contractor. "But, if there's an incident or a machine is acting slowly, you can immediately go back--we're currently configured to go back a full month--to trace the problem to the point of origin."
This class of tools is designed to see everything that goes on across the network and enable enterprises to spot problems and investigate issues quickly. Solera describes its capabilities as network forensics. Forrester Research has labeled it network analysis and visibility (NAV), maintaining that it is essential to enforcing a "zero trust" approach to enterprise security (trust no one, see everything). Without this ability to capture, store and analyze many terabytes of network data, enterprises have to rely primarily on manual log review and "snapshot" packet capture that doesn't provide historical data and may not "see" malicious activity, such as a botnet "phoning home" to a command-and-control server.
This kind of capability is designed in large part to dramatically reduce time to resolution of security and network incidents, getting business systems back online and fully functional.