Unlike information that systems report about their own activity, wire data provides an objective “outside-looking-in” perspective that is always on. Even if a hacker turns off logging on a compromised server, you will still see their activity on the wire.
Visibility across tiers
The network is the common element that ties all components of the application delivery chain together. By analyzing wire data for the web, database, middleware, storage, and other tiers, you can observe how performance at the various tiers impacts service delivery.
If you were to analyze all transactions and data passing over your network, that would be the largest and richest source of insight available about your IT systems and business operations. A single 10Gbps link carries over 100TB of data each day—now extrapolate that to all your datacenters, remote sites, and the cloud. Only ExtraHop makes it feasible to transform all those unstructured packets into valuable, structured wire data for you to explore, visualize, and learn from.
ExtraHop has pioneered an innovative approach that transforms unstructured packets into structured wire data, and presents that information—in real-time—for all teams to explore and visualize. This is possible through new technology that reassembles packets into complete sessions and flows between devices, and then extracts key data from those communications as they occur.
The ExtraHop platform is a passive network appliance that uses a network tap to receive network traffic, and then performs real-time full-stream reassembly to extract application-level protocol metrics and other custom-specified information contained in the transaction payload. IT operations teams use this data to monitor the performance of the applications running on the network and detect anomalous behavior that could indicate a data breach, for example. The ExtraHop appliance can be deployed on-premises or in public cloud services such as Amazon Web Services (AWS).