Extreme Analytics providing applicaiton visibility not forensics

  • 0
  • 1
  • Question
  • Updated 3 weeks ago
This is a problem I come up with quite often, where users are trying to use Extreme Analytics more as something like a forensics tool rather then application visibility, and become concerned its not delivering on their expectations.

Have been trying to put some words to explain this, and some of the differences that you might expect between the two. One example is a user might being trying to get application bandwidth utilization on a per port bases i.e. know exactly what percentages of what applications, say a firewall port, might be being using. I've got as far as this:

Extreme Analytics provides application visibility, i.e. what applications are running on the network, who’s using what and when and the response times for each. It allows the determination of usage patterns and root cause analysis.
 
Some examples of this are:
 
·         Granular insights into who is using what application, when, and where
·         Understand usage patterns to optimise applications
·         Invest only in applications that are being used
·         Analytics that do not slow down the network with application telemetry
·         Prevent shadow IT and block unwanted applications
 
What it’s not is a forensic tool, so you can’t for example....

Was wondering if anyone in the community could help give some advice in what those distinctions are, so that it is easier for me to layout those boundaries and complete that sentence as full as I can.

Many thanks in advance

Photo of Martin Flammia

Martin Flammia

  • 6,326 Points 5k badge 2x thumb

Posted 1 month ago

  • 0
  • 1
Photo of Mike Thomas

Mike Thomas, Employee - GTAC - NMS

  • 7,650 Points 5k badge 2x thumb
Hi Martin, I sit outside of the sales process. So I do not have much to add about how to best pitch the product and it's deliverables other than that you are correct about the nature of analytics. In the long run, it will not hold onto much in the way of forensics.
In the short run, it will hold onto application flows and associated fingerprinted application information based on the amount of RAM in the appliance. So the amount of data reaching the appliance and the amount of RAM may allow one to look at flows stored in its cache a bit longer.

Photo of Martin Flammia

Martin Flammia

  • 6,326 Points 5k badge 2x thumb
Thanks Mike