Last year, Atomic Labs, the creator of the Pion web analytics tool, changed its name to Cloudmeter, raised some money, and set about making its analytics tool more broadly useful for enterprises. Pion has been transformed into a broader tool called Stream, which runs on premises, and Cloudmeter has cooked up an adjunct …
A few of the potential problems with this sort of network traffic analysis:
1) Where do you capture data in a resilient multi-path enterprise network?
2) How do you ensure precise timestamps to correlate a connection's packets on different in/out paths?
3) How do you correlate multiple TCP parallel connections belonging to the same client application/browser transaction?
4) How do you ensure correct interpretation of retries or load-balanced out-of-order packets?
5) How do you distinguish HTML requests that worked and those that were abandoned by the browser?
6) How do you "render" client displays composed of very dynamic content?
7) How do you recognise the application on browser HTTPS connections?
It would be interesting to know the confidence factor in a real world enterprise use.
Netflow meets Application Aware DPI
So, this is Netflow meets Deep Packet Inspection with a bit of application aware filtering built in?
Evolution, not revolution. And you will need sensors at every ingress and egress point, otherwise you won't get the full picture.
I have been doing similar things with snort for years. The only problem is I don't have millions to throw around at developers to write me a pretty interface...