- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
Network World - When users complain that an application is slow or when customers abandon online sessions without buying anything, the cause of the problem is often elusive and mysterious. You know that the network connections are tight and the servers are humming, but the problem persists.
Troubleshooting efforts degenerate into finger-pointing. One vendor suggests spending money on faster computers. Someone invariably says the software needs to be completely rewritten. Another vendor sagely recommends faster storage devices. Yet another says you need more bandwidth.
What’s a network executive to do?
The answer: Try an Application Performance Monitoring (APM) tool. An APM tool monitors a multi-tier application’s performance and availability to show exactly how much time each application component takes to respond to a user’s requests. The information helps you decide what network or computing environment changes to make to solve the problem.
+ ALSO ON NETWORK WORLD 26 helpful open source network management tools +
The perfect APM tool would have the following capabilities:
We invited APM tool vendors to submit products to our Alabama lab for evaluation. Five vendors participated. ExtraHop sent its Application Delivery Assurance (ADA) 3.9 EH6000 appliance, Dell shipped its FogLight 5.9.1 appliance and Fluke Networks loaned us a Visual TruView 1.3 appliance. We downloaded BlueStripe’s FactFinder 7.2 and the virtual machine edition of BMC’s Real End User Experience Monitoring (EUEM) 2.0. (Watch a slideshow version of this story.)
While all the tools exhibited a range of APM strengths and abilities, we found that ExtraHop’s appliance did the best job of keeping our users’ performance complaints to a minimum. It was quickest to identify performance problems, its display of application activity was easiest to use and it had the best virtual machine support.
BMC EUEM’s endpoint- and session-oriented transaction analysis quickly and accurately spotted our bottlenecks, but EUEM required that we license a number of other vendors’ products, and it lacked a high level of support for virtual computing and public clouds.
While Dell FogLight excelled at tracking database transaction performance and had comprehensive analysis tools, configuring FogLight was tedious.
Although Fluke Networks’ Visual TruView revealed great volumes of network performance detail, it was packet-centric and technically demanding.
BlueStripe FactFinder accurately mapped transaction paths, graphically charted real-time app service levels, issued alerts and analyzed root causes. Unfortunately, BlueStripe FactFinder lost points for being agent based.
Here are the individual reviews:
The perfectly passive ExtraHop Application Delivery Assurance appliance used historical trends to recognize normal network and application behavior, gave us clear, easy-to-understand visibility into our applications, accurately pinpointed bottlenecks and notified us of problems with its dynamic, intelligent alerting engine.
We especially liked ExtraHop’s Application Inspection (AI) Triggers scripting feature, which we used to trace, monitor and measure entire transactions as they wended their way through multiple servers and connections.
Using what ExtraHop terms Trouble Groups, the appliance detects common performance problems, such as aborted database transactions, aborted HTTP transactions, excessive CIFS metadata queries, MTU mismatches, expiring SSL certificates, virtual packet loss and DNS missing entries.
Alerts were triggered by either the occurrence of the common problems previously mentioned, by custom alerts that we configured, or by statistical departures from the baselines which the appliance established from watching the network. ExtraHop’s problem notifications appeared as on-screen messages, SNMP traps, email notes and help desk trouble tickets.
ExtraHop’s Web interface is responsive, easy to navigate and intuitive. The customizable dashboard window contains widgets for specific applications and tiers that we chose to see. Other summary windows displayed application-sensitive metrics for transactions, device groups and individual devices we set up.
Configuring the summary windows was a simple matter of dragging and dropping widgets and selecting time intervals for charts. Hovering the cursor over a widget or chart caused ExtraHop to show further details, and we could drill down to zoom in on transactions, servers or connections. The Web interface also displays geographical network maps and graphical depictions of network activity.
Flex grids are custom-tailored summary reports that we found easy to assemble and versatile to use. We quickly produced high-level flex grid reports suitable for sending to a CIO (showing, for instance, an application activity summary view) as well as detail-level, targeted reports containing meaningful information for network administrators (showing network traffic levels), database administrators (showing database activity or database errors) and developers (showing application server network activity that highlighted server responsiveness). We especially appreciated the ability to drill down into network or application details.
The ExtraHop appliance continuously and accurately discovered devices and applications on the network. Passively, the appliance noticed new devices when they began using the network (either as a source or destination). The appliance classified devices based on a heuristic analysis of media access control address, IP address, naming protocol and transaction types. Classification of applications into logical groups and tiers relied on network activity (HTTP, database, CIFS, etc.), and we could easily define custom applications using ExtraHop’s Application Inspection (AI) Triggers.
ExtraHop’s AI Triggers are scripts you write at the application-protocol level. We used them in one test to easily isolate and view mobile device application access by segregating HTTP clients by type. Tracing specific front-end transactions across tiers via session IDs was similarly painless and simple.