Archive

Posts Tagged ‘nChronos’

How to Baseline Network Throughput and Performance

May 22nd, 2014 No comments

How to Baseline Network Throughput and Performance

What is network baseline?

Do you know what your normal network throughput volume is, what types of traffic are most used in your network? If you can’t answer these questions then you should baseline your network. Network baseline is very important to network management because the data will tell you what it’s like when everything goes all right.

To baseline your network, you need software or hardware to listen on your network or a particular device. Both Colasoft nChronos and Capsa can be used to accomplish this task. Both of them are used to listen into packet data of a wire and generate all kinds of statistics on the network. To baseline a network, you need to use them to monitor the network traffic long enough, because a wider time span presents a more real picture of network traffic pattern. The use of network baseline is listed as follows:

  • Understand healthy network pattern and traffic trends.
  • Evaluate network management policies compliance.
  • Understand how the network resources are allocated.
  • Accelerate to troubleshoot network issues, i.e. abnormal traffic and spam traffic, etc.
  • Provide data on network and security management to support decision making.
  • Provide history statistics on network upgrade.

Download Capsa

How to baseline a network

Preparation

If you want to baseline a network, you can start from the tasks listed below:

1. Network diagram: draw the layout of the network structure, marking IP/MAC addresses, VLAN, and places of all routers, switches, firewalls, servers, management devices, and even the data flow directions.

2. Network management policy: helps you understand what services are allowed to run on the network, what traffic is forbidden, and what services should enjoy higher priority.

Scope & Objectives

When you are ready to start baselining your network, first you should think what to baseline because it’s hard or sometimes unnecessary to include all hosts, switches and routers of a big network into you baseline report. The suggestion is that you divide the network into several layers and only baseline the critical layers. For example, only baseline the services like ERP, Email, HTTP traffic and devices like core switches, routers and critical servers.

In addition to last point, different devices, hosts and links require different types of baseline data. For example, performance and security baseline is important to the servers, and network itself cares about throughput, utilization and types of traffic.

Collect baseline data

Generally speaking, a network baseline report contains these basic data: network utilization, traffic components, top protocols talkers, top hosts talkers, conversation statistics, address statistics, packet sizes, average packet length, and key server info, etc. Both nChronos and Capsa Network Analyzer provide these types of data (figure below).

To use nChronos or Capsa to baseline a network, you need run nChronos or Capsa and use an excel sheet to record statistics over each specific time period. The following figure shows a typical Excel network benchmark table.

Then you can use formula to work out the max, min, and average value of each data type. And if you keep recording long enough, you get a much precise baseline statistics.

The use of network baseline data

The baseline data is often used when the network is reported to be running improperly. For example, when the network performance drops, you can compare the real-time datacollected from the analyzer with the baseline data to help you spot where the anomalies are.

Download Capsa

Tips for network baselining

Update the baseline document in time

The baseline report is useful only when it provides accurate and up-to-date data. It requires that you update the data in time when there are any changes to the network. For example, when a new device is added, or a new application is implemented, the changes need to be marked on in the baseline report.

An IP/MAC database is necessary

If the network is full of desktops, laptops and switches, you should consider an IP/MAC database to record the user name and place of each individual IP and MAC address. It’s very helpful when you need figure out who is using the IP or MAC and where it is when you decide to give it an examination.

Baseline the critical devices only

Remember, you don’t have to maintain a baseline table which covers all your host computers, laptops, servers, switches, firewalls and routers. If you insist to do so, you’d better prepare enough time for it. You are suggested to only cover the mission-critical servers, such as email, web site, OA and CRM servers, and core switches and routers in your baseline report. And they’d better be organized in separate sheets to help you easily find what data you need.

Baseline over a long time period

It takes a long time to set up a network baseline because your network probably works in different patterns through Monday to Sunday. For example, on Monday morning, your email traffic could be higher than other days because there are lots of emails waiting to be processed after the weekend. On Friday afternoon after 4:00 PM, web traffic could be higher because some are browsing the web to find a place for the weekend. Therefore, your baseline report should cover the time period of a week at least, and you are suggested to extend to 2 ~ 4 weeks.

Keep baseline report easy to read

You should include all useful diagrams and illustrations in baseline report, the more the better, such as a network diagram, network policy, backups for switches and routers. The documents should be standardized with explanations and descriptions, especially for the technical terms. All of them are helpful when someone else is trying to access and read the documents.

Download Capsa

from: colasoft.com

How to View and Analyze Historical Network Traffic

May 21st, 2014 No comments

How to View and Analyze Historical Network Traffic

As a network forensic analysis application, nChronos allows users to view historical data just by a drag. Below is a screenshot of the Time Window, you can drag the trend charts back and forth to view the network traffic of any interested time period.

Download Capsa

You can click the Set Time Window button  to set which time period to show:

When you select a time slice on the Time Window, the analysis views will only show data related to that time slice, and this is very convenient to analyze a traffic spike. Just select the spike to view and analyze the top talkers in that spike. Furthermore, you can double-click a record item to drill down it:

Download Capsa

from: colasoft.com

Colasoft Launches nChronos Forensic Data Recorder v4.1

November 14th, 2013 No comments

Tulsa, OK – November 11, 2013 – Colasoft LLC, an innovative developer of network management and packet analysis software and solutions, today announced the release of a new version of its flagship product, nChronos, a Forensic Network Analysis Application. Customizable and schedulable reporting are now available in nChronos 4.1, allowing network administrators to easily generate and schedule various reports on the traffic for a specific time period.

nChronos’ new reporting engine now provides 12 statistical system reports based on:

1)       Traffic

2)       Addresses

3)       Communication

4)       Applications

5)       Top Talkers

6)       Alarms

Users can customize reports for a specific network scope, like addresses, network segments, and applications, based on 17 built-in report modules. Network Administrators will have comparison data for all reports. nChronos 4.1 allows more effective analysis because not the data from all reports can be compared with historical indicators. Both system reports and user-defined reports can be scheduled to generate hourly, daily, weekly and monthly reports, and sent to any email recipients as specified.

nChronos 4.1 strives to provide greater convenience for network administrators through the reports delivered by email.  This new reporting includes, but is not limited to:

1)       Bandwidth Consumption

2)       Application Activity

3)       Trending Traffic

4)       Network Anomalies

With the new innovative comparison function, the nChronos reports can be presented to the management without any extra effort because everything is already so designed for you.

In addition to reports, traffic alarms based on network segments are provided in nChronos 4.1, with 27 available trigger parameters. A Transaction Content Analysis window is provided for transaction logs to display the details of an application transaction, including the client and server IP and port number, the request and response time and content.

The reporting and transaction analysis are great features we have added to nChronos because of customer demand”, said Brandon Lewis, Director of Customer Support at Colasoft, “This new release makes nChronos a more comprehensive forensic network analysis solution for critical enterprise networks”.

The evaluation version of nChronos 4.1 is now available at Colasoft website www.colasoft.com.

Read the full press release here.

Colasoft nChronos Forensic Data Recorder v4.0

June 19th, 2013 No comments

We are very happy today to announce a new version of our flagship product, the nChronos Network Forensic Data Recorder application. The new nChronos version 4.0 has enhanced application monitoring and alerting capability.

This release of nChronos provides the user with the capability of monitoring the performance and real-time availability of custom applications.  nChronos has also added the ability to monitor transaction analysis of HTTP-based web applications.  nChronos has the ability to monitor Standard Applications, Web Applications, and Signature Applications.

The nChronos Expert Analyzer module now offers the ability to perform Custom Reporting of network parameters. Additionally, in response to customer demands and industry trends nChronos now supports IPv6 analysis.  The nChronos is fully supported on Microsoft Operating Systems running in 64 bit OS’s.

Application monitoring and alerting are mission critical to many of our customers”, said Brandon Lewis, Director of Customer Support at Colasoft. “This new release of nChronos provides users the capability to ‘rewind’ their network traffic and troubleshoot application issues as if it were real-time.”

 

nChronos 4.0 now gives network engineers the ability to monitor from the application to the packet level and set alarms that trigger when network performance parameters are exceeded or security conditions are tripped.  nChronos performs like a Digital Video Recorder for your Data Network now alerting you of an issue before your phone rings.

 

A Free Evaluation version of nChronos 4.0 is now available at Colasoft website www.colasoft.com.

How to baseline network throughput and performance

May 10th, 2012 1 comment

What is network baseline?

Do you know what your normal network throughput volume is, what types of traffic are most used in your network? If you can’t answer these questions then you should baseline your network. Network baseline is very important to network management because the data will tell you what it’s like when everything goes all right.

To baseline your network, you need software or hardware to listen on your network or a particular device. Both Colasoft nChronos and Capsa can be used to accomplish this task. Both of them are used to listen into packet data of a wire and generate all kinds of statistics on the network. To baseline a network, you need to use them to monitor the network traffic long enough, because a wider time span presents a more real picture of network traffic pattern. The use of network baseline is listed as follows:

• Understand healthy network pattern and traffic trends.

• Evaluate network management policies compliance.

• Understand how the network resources are allocated.

• Accelerate to troubleshoot network issues, i.e. abnormal traffic and spam traffic, etc.

• Provide data on network and security management to support decision making.

• Provide history statistics on network upgrade.
Read more…

Colasoft Launches Industry’s First Retrospective Network Analysis Freeware

August 25th, 2011 No comments

Today we are very happy to announce the release of nChronos Free, the industry’s first retrospective network analysis freeware and rapid continuous network traffic capturing and analysis solution which offers great capabilities in troubleshooting real-time networks and fastest drilling down to back-in-time network analysis to thousands of network professionals.

nChronos Free enables network administrators and professionals to realize high-speed massive network packet real-time capture and record, provides efficient data mining, in-depth network traffic analysis, drill down to isolate performance issues and troubleshooting high-priority and critical network issues. nChronos Free offers home offices or SMB who could not afford costly network analysis solutions the capability of remote data capturing, efficient network troubleshooting, application and device performance evaluation and optimization.

“The advanced capabilities of nChronos Free are very essential to enterprises or organizations whose networks are challenged by growing network traffic and performance expectations, said Roy Luo, CEO at Colasoft. “nChronos Free make it easy for network professionals to maintain a well-performed and productive network by quickly pinpointing critical network issues”.

“Network professionals are not only able to capture network traffic in real-time and display detailed statistics including protocols, network utilization, and so on, but also to view analysis results of any specific time duration, benchmark the network performance, and audit network user activities with forensics from the historical network traffic”, said Eddie Gao, CTO at Colasoft. “By continuously recording network traffic for back-in-time analysis, all critical network issues that threaten network performance and network security would be proactively resolved”.

Key Features of nChronos Free

Perform 7×24 real-time packet capturing to storage for application and network forensics analysis and back-in-time troubleshooting
Efficient drill-down for traffic data-mining and index for rapid data retrieval and application isolation
Provide detailed statistics of protocols, IP/TCP conversations, network utilization to baseline and visualized trends of network performance
Monitor critical events on any critical links with customizable alerts
In-depth network traffic analysis to optimize performance

nChronos retrospective network analysis freeware is available for download HERE .

Colasoft Announces the Launch of nChronos Retrospective Network Analysis Software

May 31st, 2011 2 comments

May 31, 2011, Colasoft, the leading provider of innovative network analysis solutions, today announces the launch of nChronos retrospective network analysis software, providing customers with great capabilities to troubleshoot high performance networks and pinpoint critical performance & application issues.

As a brand new retrospective product, nChronos’ release has poured fresh and great power to Colasoft Network Analysis Technology. It performs massive packet capturing and recording, efficient data mining and in-depth network traffic analysis to empower customers the capability of visualizing the overall enterprise network activities, drilling down to isolate performance issues and troubleshooting high-priority and critical network issues. Furthermore, it consists of servers and consoles to achieve expediently remote data capture, decoding and analysis for efficient network troubleshooting, application and device performance evaluation and optimization.

“With nChronos, IT professionals are able to view a specific window of time to troubleshoot network problems, benchmark the network performance, and audit network user activities with forensics from the historical network traffic”, said Eddie Gao, CTO of Colasoft, “Exclusively, nChronos provides scalable mass storage capacity varies from 1TB to unlimited storage for packets and statistics retrieval to meet the customizable network requirements”.

Features of nChronos retrospective network traffic software:

7×24 real-time packet capturing and recording for forensics analysis
Retrospectively analyze historical traffic of any time period
Baseline and visualized trends of network performance
Critical links monitoring & alerting
In-depth network traffic analysis to optimize performance
Efficient drill-down for traffic data-mining & index

An evaluation copy of nChronos retrospective network analysis software is available. Click here to request.