Wasabi Networks

Interview networks solutions and Wasabi Networks develop together a common analysis platform for high speed capture and deep packet analytics

The technical integration of Sharkmon by Interview and Wasabi Network provides an excellent solution for a workflow of high speed capture and deep packet analysis.

Pain Points Industry

High speed capturing often lacks of deep data analytics – user have to know when and what an incident happened, before downloading pcap files and run manual analysis.

Wasabi Networks

Wasabi solution provides unique features for user to improve and facilitate “search and filter” processes.

Wasabi Networks specializes in providing highly scalable, always-on solutions that can record network traffic at speeds from 1Gbps up to 100Gbps and at volumes up to Petabytes of storage. As all network traffic is always “on record”, the system contains all performance issues, all network attacks, and all network activity back in time leading up to such incidents (as long as storage allows). Data can be searched and accessed on-the-fly through a Web-GUI, or by 3rd party solutions through an API. A sophisticated queuing and scheduling mechanism allow teams of experts sharing searches and search results interactively, to quickly zoom in on issues. 3rd party solutions can use the system as a high-speed front-end, where network traffic can be filtered and extracted for post-analysis, anomali detection, and trend-predictions by such solutions

 

These features perfect fit for integration with Sharkmon:

  • Recurring captures – capture can be autop split in short tiem _ smaller size Pcap Files
  • Future / history scheduled (forward / Backward) – jobs can bed ascheduled for future monitoring / start tomorrow – stop 2 weeks later )
  • Prioritized Search Queue – search queues can be prioritized, allowing urgent searches to be executed instantly despitede a possible search queue
  • Separated partitions – separate partitions allow to assign disk partitions to certain search paramters, which allows a much fatser search on criticl topics – instead searching the whole storage
  • Ultra fast search engine

 

Sharkmon can connect to capture appliances and manage search and download processes, forward filter conditions, set timing options and finally import requested data and  analyse the retrieved packets on customizable conditions.

Packets from the network are capture and stored by Wasabi NTA , if required in  separate partitions for criticil and standard data.

User can defines search and download conditions on Intertrace :

  • Filter – also BPF
  • timing – history or future data
  • recurring – where user can define size or time duration of each capture file –  longtime captures can be split in many smaller slices

With this solution a high-performance capture platform closely integrates into deepest packet analysis based on wireshark filters and metris

  • for continuous monitoring of network segments and
  • long time monitoring user-customizable metrics and protocols
  • deep packet content  analytics
  • incident recognition and alerting

Sharkmon analysis workflow

1) Importing packets from capture appliance or pcap directories

define content, filter, time, priority

3) identify symptoms based on packet content, counters, or deviations 

as incidents or raw data in logarithmic dashboards, select your critical data in dashboard

2) analyse packets

based on customizable profiles, identify incidents, organise in categories

4)  forward pcap file

to local wireshark or cloudshark