Precise, accurate timing and replay is essential in network packet capture and recording. Network and security operations teams gather and use this information to resolve network and application performance issues as well as security related events. But to make the recorded data valuable, it must be accurate (high-resolution timestamps), complete (not sampled), and collected from the right places in the network.
The Emulex next generation EndaceDAG™ Data Capture Card portfolio, with Precision Time Protocol (PTP) hardware timestamp capability, is a new set of data capture cards that ensure 100 percent packet capture on any network, regardless of packet size, interface type or network load. This means 100 percent of available network traffic is captured from the wire, timestamped and transferred to host memory without loss and with no impact to live network traffic.
Accurate timestamping for high-bandwidth enterprise network monitoring can help network and security operations teams capture and analyze network behavior for incident detection, even on 40Gb Ethernet (40GbE) networks.
By supporting a large number of receive streams, load balancing and time stamping of network data on every server, metrics can be collected and analyzed to ensure service provider performance, transaction usage and performance, and can make network key performance indicators (KPIs), such as network latency and packet loss, more measureable and actionable. The ability to capture 100 percent of the network traffic transiting a link provides network organizations clear visibility to detect and investigate issues at the network packet-level and enables lower time-to-resolution (TTR).
The EndaceDAG Cards provide both dual-port and quad-port 10GbE configurations along with a dedicated PTP port. This effectively doubles port density and halves the price per port when compared to competing solutions that do not offer dedicated PTP ports. This creates a 2:1 port density advantage for customers using the EndaceDAG dual-port card and a 4:1 port density advantage for customers using the EndaceDAG quad-port card in PTP applications.
For more than a decade, the EndaceDAG Cards have been providing consistent, reliable, high performance packet capture and are the best possible foundation for customers’ proprietary, internally developed network visibility solutions. The new offerings will bring these capabilities to several new target markets to address a new class of customers including government, high frequency trading (HFT), telecommunications, network performance management (NPM), application performance management (APM), service provider, and security event information management (SEIM) markets that have traditionally been forced to settle for less. These markets can now benefit from 100 percent data capture and nanosecond-level timing accuracy, but at a significantly lower price-point.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.