nanog mailing list archives
Re: Netscout experiences
From: tOoLb0x <toolb0x.security () gmail com>
Date: Mon, 19 Aug 2013 17:24:48 -0700
On Aug 19, 2013, at 13:24, Blake Dunlap <ikiris () gmail com> wrote:
Greetings, Anyone out there have experiences with Netscout or any of their nGenius products and wish to share impressions? Currently looking at them in comparison to say Netbrain, NetQoS, smarts, etc. -Blake
We've been using Netscout's nGenius for years. Their Gig probes and Infinistream probes are rather expensive but the resulting application visibility justifies the cost. We have basically built up our network visibility over time starting with a PM server and a single probe, used as a netflow collector, then gradually superseding netflow with dedicated Netscout probes. We used fiber and copper taps instead of SPAN ports since we believe SPAN ports are better used tactically. Take that instrumentation cost into consideration. To be fair, we haven't evaluated the other apps that you have mentioned, as of late. We do have a Concord eHealth implementation which we use for historic SNMP network statistics. It's good for showing us WHEN and WHERE we have a bandwidth spike but it doesn't answer the WHO and WHAT questions like nGenius does. We use the Inifnistream probes strategically as a "network TiVo" which allows us to grab the packets we need for retrospective performance or forensic analysis. All of the Gig probes can do packet capture but they're limited. The Infinistreams are basically deployed at our core and network perimeter. Our Gig probes are more ubiquitous at the datacenter and distribution sites. Our basic philosophy of use is to monitor all the data center switches and any network choke points, especially ingress (ISP, extranet, VPN, dedicated circuits, etc). We also have a couple of portables that we use for our more on-going issues. We do have a few of the 10G probes but we coupled that with a Gigamon deployment since it was too cost prohibitive to purchase multiple 10G tool/interfaces everywhere in our data centers. Gigamon allows us to leverage many of our existing tools but that may not be germane to the conversation. -bb
Current thread:
- Netscout experiences Blake Dunlap (Aug 19)
- Re: Netscout experiences Dustin Schuemann (Aug 19)
- RE: Netscout experiences Lowe,Chris (Aug 19)
- Re: Netscout experiences tOoLb0x (Aug 19)
- Re: Netscout experiences Dustin Schuemann (Aug 19)