The solution provides end-users with improved network performance and reduced costs by eliminating the need for expensive filtering appliances, reducing the amount of traffic that needs to be analysed, and enabling selective QoS management. Additionally, the solution offers easy management of multiple sites through the Multi-Site Management tool and provides detailed bandwidth statistics per user/application with 1-second resolution on the full traffic.
Overcoming the challenges of traffic growth
The cost of security and performance monitoring can be heavily influenced by bandwidth usage, making it challenging with the increasing volume of daily traffic. While the majority of traffic growth is typically not on sensitive traffic, bandwidth-intensive activities such as video streaming and social media usage can overload monitoring tools and drive costs. Monitoring all network packets is often unnecessary since only a few network connections (sessions) contain the relevant information.
All-In-One Solution for Bandwidth-Intensive Traffic Monitoring
Cubro Omnishark’s filtering capabilities reduce processing load and improve efficiency by extracting only the relevant traffic connections from live links. The analytic engine then extracts only the relevant packets from these network connections, providing an efficient way to generate relevant KPIs in real-time.
- Extract relevant traffic connections from live links using a Cubro NPB
- Use an analytic engine to extract only relevant packets from these connections
- Upfront filtering in the first step improves analytic engine efficiency
- Aggregate metadata and counters, which is a relatively small amount of data
- Correlate data with events/incidents and feed into SIEM or other database
Omnishark’s hardware-based approach provides competitive advantages such as immediate activation without relying on the TCP handshake, enabling efficient and effective filtering with a load capacity of up to multiple 100 Gbit. Cubro also provides detailed bandwidth statistics per user/application with 1-second resolution on the full traffic, enabling efficient cost management.
Omnishark’s Multi-Site Management tool allows for easy management of multiple sites, providing a comprehensive and scalable solution for network experts. An advanced packet broker with full features is also included, serving as the Swiss army knife for network monitoring.
Streamline Network Traffic Analysis
Customized Filtering and Efficient Packet Capture
By connecting to the NPB through interfaces ranging from 1 to 100 Gbit/s, the solution is able to perform aggregation, filtering, and traffic modification tasks such as removing tunnels or slicing packets.
The positive filtering of specific endpoints such as IP address and VLAN, along with negative filtering to remove unwanted traffic like application filtering, allows for a highly customized and tailored approach to network traffic analysis. The indexed packet capture feature then performs a rolling capture of the filtered packets, which can be downloaded as a Wireshark pcap file for further analysis.
This streamlined approach to network traffic analysis not only saves time but also reduces costs associated with processing irrelevant data. Additionally, the KPI analytics engine exports raw packets from the indexed capture, performs various network metrics analysis, and shows the results or exports them to SIEM, providing valuable insights for decision-making and security purposes.
Request a demo
Contact us now
Our newsletter provides thought leadership content about the industry. It is concise and has interesting content to keep you updated with what’s new at Cubro and in the industry. You can unsubscribe anytime with a single click.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.