The SDMS product family delivers a complete, end-to-end, enterprise-wide solution for linerate network recording, monitoring, and analysis. All of the SDMS family products are fully integrated with Wireshark and are designed to extend Wireshark functionality throughout distributed network environments.
Features
| Continuous, line-rate, multi-gigabit per second network traffic recording without packet drops using an optimized multi-terabyte packet storage system |
| Full Wireshark integration |
| Intuitive, visual, and interactive user interface |
| Quick and easy time interval isolation within multi-terabyte network recordings |
| Precise and in-depth retrospective analysis of real-time and offline traffic analytics |
| Drag & drop multi-level drill-down for local and remote analysis and troubleshooting |
| Many-to-many Console/Appliance interaction |
| Advanced, multi-threaded software architecture for simultaneous, high-performance capture, analysis and display |
Shark Appliance
The Shark Appliance is a turnkey hardware and software solution providing high-performance, line rate, network traffic analysis, recording, monitoring, and reporting.
| Based on CACE Technologies high-performance TurboCap capture cards, the Shark Appliance is capable of sustained line-rate, multi-gigabit per second recording of network traffic without packet drops. |
| The Shark Appliance provides an effective and indispensable tool for the manipulation and in-depth analysis of multi-terabyte network traffic recordings. |
| Fully integrated with Wireshark, the Shark Appliance supports packet filtering based on Wireshark BPF and Wireshark Display filters. |
| The Shark Appliance seamlessly integrates with the Pilot Console (an enhanced version of CACE Pilot) supporting an intuitive drag-and-drop multi-level drill down for local and remote analysis and troubleshooting. |
Wireshark Within
The Shark Appliance includes the only network analysis software fully integrated with Wireshark, the worldâ??s most popular network protocol analyzer. This integration makes the prodigious collection of Wireshark Display Filters available for use within the network analysis software engine. Using the visual selection and drill-down features of the Pilot Console, the "Send to Wireshark" feature is used to export only the selected subset of the traffic to the Pilot Console for detailed packet protocol inspection with Wireshark
Global Network Visibility
By placing Shark Appliances at strategic vantage points in your network you will significantly improve your network visibility in geographically distributed network locations. The number and placement of Shark Appliances will be determined by factors such as your distributed network architecture, mission-critical applications, traffic recording needs, and security design
Line-Rate Multi-Gigabit Ethernet Traffic Capture
The Shark Appliance includes the Shark Packet Recorder which is capable of continuous line-rate recording of multi-gigabit per second network traffic to disk without packet drops. The Shark Packet Recorder is a customized dump-to-disk utility based on the dual-port GigE TurboCap cards and a RAID-enhanced and specially designed packet storage system.
Enhanced Retrospective Analysis with Multi-Terabyte Packet Recordings
No more awkward file rotation schemes resulting in thousands of files and file boundaries representing a single recording. A multi-terabyte packet recording is represented as a single "virtual file" in the Pilot Console and, through the use of a powerful and intuitive drag-and-drop graphical user interface, the user can quickly isolate arbitrary time intervals of interest within a recording and perform in-depth analysis and traffic visualization.
Remote Live and Off-Line Troubleshooting
The Shark Appliance supports a wide variety of network protocols and traffic analysis metrics (called Views) to meet all of your monitoring, reporting, and troubleshooting needs. Views can be applied to live traffic on the Shark Appliance's local network interfaces or to off-line network traces stored in the Shark Appliance's storage system. Typical Views include:
- LAN and Network troubleshooting (MAC, VLAN, ARP, ICMP, DHCP, DNS)
- Bandwidth usage (including micro-bursts, IP, TCP, WEB, VoIP)
- Talkers and conversations (IP, subnets, countries, TCP, WEB, VoIP)
- Performance and errors (IP, TCP, Web, VoIP)
- User activity (Web, VoIP)
Performance Monitoring Using Triggers and Alerts on Network Metrics
The Shark Appliance supports "Watches", a sophisticated triggering and alerting technology. A Watch consists of a trigger condition on a View metric and a set of actions to be carried out whenever the trigger condition is met. You can, for example, be alerted on high bandwidth usage, slow server response time, high TCP round trip time, and much more. When a Watch running on a Shark Appliance detects that a threshold has been crossed, the Shark Appliance will execute one or more actions. The available actions include sending an email/Twitter message and starting/stopping a capture job
Navigation Through Vast Amounts of Data wiht a Few Mouse Clicks
The seamless interaction between the Pilot Console and Shark Appliance supports the innovative Time Control technology, whereby a user can move through View metrics calculated over extended periods of time with just a few mouse clicks. Based on the selected time interval, advanced subsampling and data aggregation techniques are used to optimize the granularity of the visual presentation and minimize the bandwidth usage between the remote Shark Appliance and the Pilot Console
Professional Report Generated on Demand
The Shark Appliance supports enhanced report generation from displayed Views. Upon request from the Pilot Console, the Shark Appliance generates the data for a report based on one or more Views. The report data is then sent to the Pilot Console for rendering and immediate presentation
The Appliance is available in two Configuration. Please see details.
Shark Appliance Kit
Build your own Shark Applicance
CACE Technologies provides the Shark Appliance software components and TurboCap high-performance, GigE capture cards and the user provides the appliance hardware platform.
Cost effective solution - the user provides the appliance hardware platform using already-available or new hardware
Match Shark Appliance performance - meet the minimum hardware platform specifications to match Shark Appliance performance
Flexible platform options - the user provides CPU, Memory, and Storage to meet the user's specific performance needs
Shark Appliance Kits come in two configurations, both of which have been optimized to support high-performance packet recording, integration with Wireshark and, together with the Pilot Console, provide a platform for distributed live and off-line network analysis, visualization, monitoring, troubleshooting, and reporting.
Pilot Console
The Pilot Console: Turns Shark Appliances into Powerful Remote Network Analyzers
The Pilot Console, an enhanced version of CACE Pilot, seamlessly and securely integrates with remote Shark Appliances to provide a complete, end-to-end, enterprise-wide and feature-rich distributed network analysis solution. Moreover, Wireshark integration with Pilot Consoles and Shark Appliances extends Wireshark's application domain to distributed network analysis.
Pilot Consoles can be connected to one or more Shark Appliances to:
| Create multiple capture jobs on remote Shark Appliances each capable of sustained gigabit per second line-rate recording without packet drops |
| Quickly and easily manipulate and analyze multi-terabyte network recordings using "trace clips" -- no more clumsy file rotation schemes and no packets leave the Shark Appliance |
| Support local and remote troubleshooting using drag-and-drop multi-level drill-down on local/remote and live/off-line traffic sources â?? it feels like a local network analyzer but you are controlling a remote Shark Appliance |
| Visualize long-duration local and remote traffic metrics by moving back-in-time through large data sets with just a few mouse clicks |
| Detect anomalies on long-duration local/remote network traffic using "Watches", a flexible trigger and alerting feature |
| Create professional reports directly from Views located on remote Shark Appliances |
Documentation
WIREXPERT WX4500-FA
WireXpert is the most advanced LAN cable tester, easy to use, and with accuracy far exceeding current standards.
Details here...