Missing data - Where current generation visibility solutions fall short

Overview

Sinefa's visibility is designed for high resolution and deep drill-down with scale in mind. From links less than 1Mbps to core networks running at 10+Gbps, Sinefa's visibility offers performance and scale without sacrificing detail. At the core of Sinefa's visibility is our flow aggregation and processing pipeline technology, put simply, this allows Sinefa Instances to ingest millions of flows and process them efficiently into sample sets.

Current Solutions

Current generation visibility solutions store the top X flows (e.g. 1,000) for each sample period (e.g. 5 minutes). From these 1,000 flows, the top applications and hosts are derived. But what if several users are using connection intensive applications such as Bittorrent? Bittorrent creates hundreds of connections for each user, so the top 1,000 flows could easily all be made up of a single application. This clearly doesn't scale. Add to that drill-down capability… there is no way you can achieve useful drilldown when there is such little detail, particularly at higher speeds. What if you wanted to view the users of a particular application other than Bittorrent? There would be little or no detail because most of the data in the top 1,000 flows is made up of Bittorrent connections.

The problem gets worse at lower resolutions when data is summarised down. Data is lost when the top 1,000 flows for each 5 minute period is aggregated into a 60 minute sample to produce a top 1,000 flows for the 60 minutes. For example, what if there are applications that made the top 1,000 flows for some of the 5 minute samples but not the others? When they are summarised into a 60 minute sample, the totals will be under reported because of the missing data.

Next Generation Visibility

Sinefa's next generation visibility solution efficiently stores ALL connections in RAM, and derives the TRUE top applications, hosts and users for each sample period, for all resolutions. In addition, for each record, Sinefa derives TRUE drill-down statistics. What's more, Sinefa has 1 minute resolution, 5 times more than other solutions. So that's more accurate reporting at higher resolution, and longer retention.

Sinefa's solution also has the ability to segment traffic and provide the same high definition visibility on every segment. This allows users to split up the traffic into logical groups, such as branch offices, customers, or departments, and report individually on these groups in full detail.

All of Sienfa's reporting is hosted in the cloud, meaning no expensive hardware and no servers or databases to maintain. Sinefa can report on an entire WAN, a group of locations, an individual location or a segment of a location all from the one UI. Full report filtering and drill-down allows users to quickly view relevant information all from a single interface.

Visibility for Virtual Networks and Public/Private Cloud Environments

Some current generation appliances have been retro-fitted to install "virtually inline" with virtual networks in an attempt to offer some sort of solution in this space, however, that does not help in public or private cloud environments. Sinefa's solution was built from the ground-up with virtualization in mind, from deployment in virtual environments to monitoring traffic inside virtual networks. Current generation solutions simply can't be retro-fitted to provide full visibility into all virtualized environments.

Feature Comparison

Feature

Sinefa's Solution

Other Solutions

Historical Data Resolution

1 minute

5 minutes or more

Realtime Data Resolution

1 second

10 seconds or 1 minute

Realtime Scope

Up to 1,000 locations

Only one location

Data Retention

Unlimited @ Daily Resolution

2 Years @ Monthly Resolution

Flows Analysed

All

Top 1,000

Top Applications, Hosts, Users

True top 1,000

Up to top 1,000 (derived from top 1,000 flows)

Maintaining Peaks

Sinefa's solution accurately maintains historical peaks

Historical peaks disappear due to taking 'averages of averages' resulting in misleading historical graphs

Appilcation Signature Updates

Yes, available on demand. Daily automatic updates.

Only with full software release download. Manual update only.

Drill-down

True HD drill-down

Whatever can be derived from the top 1,000 flows

Segmentation

Yes, each segment reported individually with HD visibility

No

Multi-tenant

Yes, with Customer Portal, each customer can access their own data

No

Central Reporting

Yes, all reports are managed and viewed centrally

No, each appliance reports individually

Deployment

Software (VM), Software (BYOD), Hardware, Inline, SPAN Port, Netflow, Network TAP

Inline Hardware Appliance, SPAN

Environment

Physical networks, Virtual networks (hypervisor and VM) and cloud (eg. Amazon AWS)

Physical network only

Pricing

Low Opex

High Capex

Backup

Full, automatic backup in the cloud

Data is stored on the appliance, lose the appliance, lose the data

Speed

Fast, next generation UI

Cumbersome and slow UI

Updates

New features and updates automatically available every month. No reboot. No outages.

6-12 month release cycle. Very large update files. System reboot and network outage.

Building a Managed Services Practice

Product Update – April 2013