Troubleshooting Network Latency Issues with EndaceProbe
Troubleshooting network latency issues can be difficult in any network, particularly when you are reliant on 3rd-parties for connectivity between different sites. In large, complex networks this difficulty is magnified by the sheer number of network elements that can negatively impact the way that packets traverse the network.
Many analysts rely on their instinct to narrow down the causes of problems, placing ad-hoc troubleshooting tools in various parts of the network and hoping that the issue reoccurs. Full packet capture across the network, with time synchronization via a GPS signal, or some other external source, allows you to quickly solve latency problems the first time.
As packets traverse the network, EndaceProbe™ Analytics Platforms can record them with nanosecond-accurate timestamps, enabling you to quickly see exactly how long each packet took to traverse the network between capture points.
EndaceVision
EndaceVision™ is a browser-based Visual Traffic Analysis and Forensics application included on every EndaceProbe™ Analytics Platform and in InvestigationManager™ the rapid-search and data-mining tool that lets you find "needle-in-the-haystack" packets-of-interest across months of distributed Network History in seconds, no matter where or when the incident occurred.
EndaceVision lets you filter recorded traffic based on a wide range of parameters including link name, application classification, IP address, MAC address, port number, time stamp and many more options.
EndaceProbes also provide built-in Deep Packet Inspection (DPI) which classifies captured traffic by application. This makes it easy to analyze traffic by application to see precisely what's happening on your network.
Troubleshooting High Network Latency With EndaceVision
Using EndaceVision, you can isolate packets-of-interest from one or more EndaceProbes for the period that you are interested in. By applying filters you can drill into particular hosts or specific protocols to identify the specific packets you want to examine.
Packets can be decoded directly using the onboard Wireshark without requiring a download. Alternatively they can be downloaded as standard pcaps, or enhanced ERF format files with added Provenance™ data.
Want to know more?
Integrating always-on packet capture into your security and performance monitoring tools gives you definitive evidence at your fingertips.
Find out just how fast and accurate your investigations can be.