ExtraHop Networks is expanding its portfolio of network visibilty appliances today with the new EH9100, offering the promise of up to 40 Gbps of bandwidth.
The EH9100 is a 2U box that includes four 10 GbE ports to capture network traffic and an additional port for dedicated network management. The promise of up to 40 Gbps of traffic inspection isn’t just for data sent in the clear, but also for encrypted SSL/TLS traffic too.
“The gee-whiz number that gets me is the 40 Gbps of sustained SSL decryption, because the box actually does that at speed,” John Matthews, CIO of ExtraHop, told Enterprise Networking Planet.
Matthews said that when he was first made aware of the 40 Gbps decryption speed, he went to the company’s engineering test team to actually verify the claim, since he didn’t believe it was possible. As the CIO of ExtraHop, Matthews’s responsibility isn’t to sell products, but to manage the technology that ExtraHop itself uses. One key pain point that many CIOs have is actually understanding what’s going in their own environments. That’s where ExtraHop is eating its own dog food (or drinking its own champagne, depending on which metaphor you prefer).
“Managing complex environments is super challenging, and there are more ways things can go wrong than your average IT person or vendor can possibly keep track of,” Matthews said. “I’ve been in war rooms where you have server, storage and network people, with multiple vendors, and everyone is trying to figure out where the fault lies.”
Matthews said that in many cases, the first time anything goes wrong in an enterprise, the network is often blamed. From a CIO perspective, Matthews said he doesn’t really care where the fault lies. Rather, his concern is what’s wrong and how quickly the issue can be fixed.
“What the EH9100 does, in real time, is it allows me to diagnose that kind of stuff, at scale,” Matthews said.
Matthews noted that for many data centers, the transition from 1 Gbps to 10 Gbps is well underway, and there is increasing adoption of faster connection speeds, including 40 Gbps and even 100 Gbps.
“You need something that can consume all of that data,” Matthews said.
From a technology perspective, Erik Giesa, SVP of products at ExtraHop, explained that the EH9100 is a real-time data stream processor that sits out-of-band on the network. The underlying architecture enables a zero-copy proxy, providing very low latency. The EH9100 appliance is powered by 16 processor cores, which enable the rapid rate of processing.
The core operating system that powers the EH9100 is based on Linux for the system boot, though Giesa explained that ExtraHop leverages its own micro-kernel to enable the business-level services for analysis.
When it comes to network packet analysis and its relationship with applications, Matthews emphasized that the ExtraHop system does not require users to install software agents in their applications.
Matthews explained that he’s spent a lot of time in his career dealing with Oracle software.
“One of the issues I used to despise is, I’d have an issue inside of Oracle and I’d talk to my consultant and they told me to turn on monitoring inside of Oracle,” Matthews said. “As soon as you turn on the monitoring, your performance goes in the pooper. What I like about ExtraHop is that it doesn’t negatively impact the performance in my environment to look at my environment.”
Sean Michael Kerner is a senior editor at Enterprise Networking Planet and InternetNews.com. Follow him on Twitter @TechJournalist.