Performance vision Version 2.15 news
-
Upload
securactive -
Category
Technology
-
view
149 -
download
1
Transcript of Performance vision Version 2.15 news
![Page 1: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/1.jpg)
© SecurActive 2013
WHAT’S NEW IN VERSION
2.15?
![Page 2: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/2.jpg)
© SecurActive 2013 2
PERFORMANCE VISION VERSION 2.15
Http Application Performance
BCN Workflow
Network Analysis
Configuration & Usability
![Page 3: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/3.jpg)
© SecurActive 2013 3
HTTP APPLICATION PERFORMANCE
![Page 4: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/4.jpg)
© SecurActive 2013 4
HTTP APPLICATION PERFORMANCE
500 - Internal Server Error, Service Temporarily Unavailable
Deal with End User complaints
Track Page / Hit load time
Identify Slow / Faulty transactions
![Page 5: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/5.jpg)
© SecurActive 2013
H TTP
APPLICATION
PERFORMANCE
Response Status Code over Time
Response Times & Volumetry over Time
Flows grouped by Server IP
Flows grouped by Client IP
Flows grouped by Host
Flows grouped by User Agent
Web Pages Performance & Timeline Chart
Hits Performance & Inspection
5
![Page 6: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/6.jpg)
© SecurActive 2013 6
HTTP STATUS
Response Status Code over Time
![Page 7: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/7.jpg)
© SecurActive 2013 7
ARE THERE ERRORS?
![Page 8: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/8.jpg)
© SecurActive 2013 8
ARE THERE ERRORS?
![Page 9: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/9.jpg)
© SecurActive 2013 9
WHAT CAUSED THE ERRORS?
Hits Performance & Inspection
One-click Drilldown
![Page 10: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/10.jpg)
© SecurActive 2013 10
WHAT CAUSED THE ERRORS?
Look at what happened:
Who is impacted (Client or Servers)?
What are the related resources?
![Page 11: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/11.jpg)
© SecurActive 2013 11
PERFORMANCE OVER TIME
Response Times & Volumetry over Time
![Page 12: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/12.jpg)
© SecurActive 2013 12
ARE THERE SLOW DOWNS?
Check Performance over time for:
Average Page Load Time
Average Hit Response Time
![Page 13: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/13.jpg)
© SecurActive 2013 13
#HOW MANY RESOURCES ARE PROCESSED?
Evolution over time:
Number of Hits
Number of Pages
Number of Hits in Error (4xx & 5xx)
![Page 14: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/14.jpg)
© SecurActive 2013 14
HTTP TOPS
Server IP
Client IP
Host
User Agent
Group HTTP Flows by:
![Page 15: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/15.jpg)
© SecurActive 2013 15
WHAT ARE THE SLOWEST PAGES?
![Page 16: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/16.jpg)
© SecurActive 2013 16
INTEREST OF STANDARD DEVIATION?
11
9
11
9
11
9
11
9
11
9
0
2
4
6
8
10
12
14
16
18
20
1 2 3 4 5 6 7 8 9 10
18
2
18
2
18
2
18
2
18
2
0
2
4
6
8
10
12
14
16
18
20
1 2 3 4 5 6 7 8 9 10
Page Load Average: 10
Standard Deviation: 1
Page Load Average: 10
Standard Deviation: 8
![Page 17: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/17.jpg)
© SecurActive 2013 17
PAGE LEVEL ANALYSIS
Web Pages Performance & Timeline Chart
![Page 18: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/18.jpg)
© SecurActive 2013 18
WHAT ARE THE SLOWEST PAGES?
Check performance indicators on:
Number of Elements composing a page
Page Load Time
Response Payload
![Page 19: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/19.jpg)
© SecurActive 2013 19
SEE ISSUES AT A GLANCE: T IMELINE CHART
![Page 20: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/20.jpg)
© SecurActive 2013
FULL
Q UERY / R ESPONSE
RETENTION
Inspection details of transaction:
Client Query
Server Response
20
![Page 21: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/21.jpg)
© SecurActive 2013
FULL
Q UERY / R ESPONSE
RETENTION
Inspection details of transaction:
Client Query
Server Response
21
![Page 22: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/22.jpg)
© SecurActive 2013 22
HIT LEVEL ANALYSIS
HTTP Hits Performance Analysis
![Page 23: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/23.jpg)
© SecurActive 2013 23
LIST OF HTTP HITS
Detailed list of HTTP hits:
Data Transfer Time
Server Response Time
Payload
User Agent, Method, Status, Category, Flags, URL
![Page 24: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/24.jpg)
© SecurActive 2013 24
HTTP SPECIFIC F ILTERS
Refine your search with HTTP analysis dedicated Filters
Method GET, HEAD, POST…
Status Success, Redirection, Error…
Host www.google.fr, pypi.rd.securactive.lan
URL Path /application1*, /intranet*/*app*…
User Agent Mozilla*, *Gecko*, *MSIE*…
Server Software Apache*, *nginx*, AmazonS3*…
HTTP Category HTML, Scripts, Style…
Be careful when using regular expressions, it can be Highly resource consuming
![Page 25: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/25.jpg)
© SecurActive 2013 25
HTTP ANALYSIS FOR NPS/APS
NPSAPS
Flow metrics for both NPS & APS
HTTP Performance for APS Only
![Page 26: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/26.jpg)
© SecurActive 2013 26
FORMER WEB BROWSING
Marked as Deprecated
Works like before
Should be Removed in an Upcoming Version
![Page 27: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/27.jpg)
© SecurActive 2013 27
BCN WORKFLOW
![Page 28: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/28.jpg)
Updated for drilldown
New
© SecurActive 2013 28
BCN WORKFLOW
BCN Workflow with Easy Drilldown
![Page 29: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/29.jpg)
© SecurActive 2013 29
BUSINESS CRITICAL NETWORK DRILLDOWN
V2.12 V2.15
Link to Performance from the first zone to the second zone
Link to the Bandwidth chart between the two zones
Link to Oriented Conversations from the first zone to the second zone
Link to BCN Edition
Link to the Bandwidth chart between the two zones
![Page 30: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/30.jpg)
© SecurActive 2013 30
SOURCE/DESTINATION PERFORMANCE
Display Source/Destination performance over time:
Data Transfer Time (DTT), Network Latency (RTT) Retransmission Delay (RD)
Retransmission Rate (RR)
Number of Packets
![Page 31: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/31.jpg)
© SecurActive 2013 31
ORIENTED FLOW DETAIL
Display more Information on Source/Destination flows: OS Fingerprint, MAC Addresses, Port, QoS Field…
![Page 32: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/32.jpg)
© SecurActive 2013 32
SOURCE/DESTINATION ADVANCED FILTERS
V2.12 V2.15
Source/Destination Advanced Filters have been Completed. They now Work like in Client/Server Mode.
![Page 33: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/33.jpg)
© SecurActive 2013 33
NETWORK ANALYSIS
![Page 34: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/34.jpg)
© SecurActive 2013 34
NETWORK ANALYSIS
NewUpdated
![Page 35: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/35.jpg)
© SecurActive 2013
CHECK
Q OS CLASS
35
DiffServ FieldClient/Server
Source/Destination
![Page 36: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/36.jpg)
© SecurActive 2013 36
DISPLAY MAC ADDRESSES
MAC AddressesClient/Server
Source/Destination
![Page 37: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/37.jpg)
© SecurActive 2013 37
OPERATING SYSTEM FINGERPRINTING
OS FingerprintingClient/Server
Source/Destination
For TCP Only!
![Page 38: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/38.jpg)
© SecurActive 2013 38
ETHERNET PROTOCOL / MAC VENDOR
Improved Display of Ethernet Protocol
Improved Display of MAC Address Vendor
![Page 39: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/39.jpg)
© SecurActive 2013 39
CONFIGURATION & USABILITY
![Page 40: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/40.jpg)
© SecurActive 2013 40
BETTER PERFORMANCE
Better performance for: Network Sniffing
Data Dumping
![Page 41: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/41.jpg)
© SecurActive 2013 41
IMPROVED SRT & DTT COMPUTATION
In presence of lost TCP segments,more accurate: Server Response Time (SRT)
Data Transfer Time (DTT)
![Page 42: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/42.jpg)
© SecurActive 2013 42
ZONE RULES CHECKER
Find the first Matching Rule for a Zone.
![Page 43: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/43.jpg)
© SecurActive 2013 43
HTTP PERFORMANCE ANALYSIS CONFIGURATION
For performance reasons it is recommended to RestrictHTTP performance analysis only to appropriate traffic.
Select Zones on which HTTP performance analysis will be performed, by default: None!
Child zones will be automatically selected.
![Page 44: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/44.jpg)
© SecurActive 2013 44
HTTP PERFORMANCE ANALYSIS IMPACT
HTTP performance analysis Impacts:
System workloadCheck CPU, RAM, Disk…
Database workloadCheck License limit (Virtual appliances)
![Page 45: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/45.jpg)
© SecurActive 2013
HTTP P ORT
S IGNATURES
45
By default, HTTP performance analysis is performed on these ports. Add more ports to Extend analysis scope,
This is Global parameter (for all selected zones).
The more ports are added, the more CPU power is required!
![Page 46: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/46.jpg)
© SecurActive 2013 46
AUTOPCAP CONFIGURATION
For Performance Reasons it is Recommended to RestrictAutoPCAP File Generation only to Appropriate Traffic.
Select Zones on which AutoPCAP files will be captured and generated.
Child Zones will be Automatically Selected.
![Page 47: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/47.jpg)
© SecurActive 2013 47
CUSTOM FILTERS (BETA)
Available fields: app,
capture.begin, capture.end,
device,
diffserv, diffserv.clt, diffserv.srv,
domain,
ip, ip.clt, ip.dst, ip.src, ip.srv,
mac, mac.clt, mac.dst, mac.src, mac.srv,
os, os.clt, os.srv,
port.srv,
proto,
vlan,
zone, zone.clt, zone.dst, zone.src, zone.srv
Combine filters with logical operators: (or, and, not) Order sub expressions using Parentheses
Examples: (ip=10.10.*.* or ip.srv=10.20.30.*) and os.clt=‘linux’
zone in ‘/Private/Servers’ or port.srv < 1024
(proto=udp and port.srv=53) or zone in ‘/Private/DNS’
domain=‘~^www.google.(fr|com)$’
app=’http’ or app=’https’
![Page 48: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/48.jpg)
© SecurActive 2013 48
BCN W ITH < 1 MIBPS LINKS
Business Critical Networks now supports links which available bandwidth is < 1 Mibps
![Page 49: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/49.jpg)
© SecurActive 2013 49
DATA MERGING
Configure when to merge Data
![Page 50: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/50.jpg)
© SecurActive 2013
DATA
M ERGING
50
Increasing levels can generate huge performance issues. In case of slowdowns, consider reducing merging levels.
Configure Merging Level
![Page 51: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/51.jpg)
Begin Time End Time Zone IP Payload EURT
08:00 08:01 Internet 76.20.80.201 10 MB 100 ms
08:05 08:06 Internet 76.20.80.201 3 MB 200 ms
08:10 08:11 Internet 183.28.100.2 6 MB 150 ms
08:10 08:11 Internet 76.20.80.201 3 MB 200 ms
08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms E x a m p le
© SecurActive 2013
DATA
M ERGING
51
Begin Time End Time Zone IP Payload EURT
08:00 08:11:00 Internet 76.20.80.201 16 MB 166 ms
08:10 08:11:00 Internet 183.28.100.2 6 MB 150 ms
08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms
Begin Time End Time Zone IP Payload EURT
08:00 08:11:00 Internet - 22 MB 158 ms
08:12 08:14 Lan/Server 192.168.100.8 5 MB 10 ms
Data Aggregation
Data Merging
![Page 52: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/52.jpg)
© SecurActive 2013 52
APPLICATIVE LOGS
Keep track of events
![Page 53: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/53.jpg)
© SecurActive 2013 53
APPLICATIVE LOGS
Keep track of events on the probe.
Up to 7 days for internal processes
Up to 31 days for other events (ex: Errors)
![Page 54: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/54.jpg)
© SecurActive 2013 54
ADVANCED SNIFFER CONFIGURATION
Advanced Sniffer Configuration
![Page 55: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/55.jpg)
© SecurActive 2013 55
ADVANCED SNIFFER CONFIGURATION
Fine-tuning of the Sniffer’s parameters
![Page 56: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/56.jpg)
© SecurActive 2013
SET
THE MTUOF A POLLER
56
Set the MTU of a Poller. It is a per poller setting
Default is 1800
Over 9000 is not recommended
Reboot is required! MTU
![Page 57: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/57.jpg)
© SecurActive 2013
SNIFFER’S
C APTURE
L ENGTH
57
Defines the “Capture Length” used by the sniffer to analyze the traffic
For best accuracy it should be Equal to the highest poller’s MTU.
However high values are highly CPU Consuming
Smaller values will Save CPU processing power.
Sniffer Restart is required!
CAPTURE LENGTH
![Page 58: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/58.jpg)
© SecurActive 2013 58
UPDATE LOG
Upgrade logs have now their own file:
log nova/install.log
![Page 59: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/59.jpg)
© SecurActive 2013 59
DEFAULT SCREEN
New welcome screen during:
Updates
Services turned Off
![Page 60: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/60.jpg)
© SecurActive 2013
Ve r s i o n 2 . 1 5
U s e r G u i d e
Re l e a s e N o t e s
D OCUMENTATION
UPDATE
60
Documentation update:
One-click access in the interface
Available on SecurActive web site
User guide and release notes
http://www.securactive.net/en/resource-library/usersguide
![Page 61: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/61.jpg)
© SecurActive 2013 61
VERSION 2.15 IMPACTS
Impacts on existing metrics:
SRT, DTT, EURT…
Main Impacts compared to 2.12:
Database Migration Time: Small
Metrics Impact on database is small.
Update should take few minutes.
![Page 62: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/62.jpg)
© SecurActive 2013 62
REBOOT AFTER UPDATE
After the update is completed
![Page 63: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/63.jpg)
© SecurActive 2013 63
YOU’RE READY TO GO, ENJOY!
![Page 64: Performance vision Version 2.15 news](https://reader034.fdocuments.in/reader034/viewer/2022052622/5596f3a91a28ab624b8b461f/html5/thumbnails/64.jpg)
What’s New
in Version 2.1 5 ?
© SecurActive 2013
THANK YOU!
64
For any [email protected]
Follow Us on@SecurActivePV
www.securactive.netblog.securactive.net