ExtraHop goes one hop further taking wire data into Open Data Stream

Peter Williams

Written By:
Published: 18th August, 2014
Content Copyright © 2014 Bloor. All Rights Reserved.

ExtraHop Networks is expanding the scope of its software to help businesses to exploit the value of the data it collects—for instance by big data applications and specific lines of business (LOBs).

Last week’s announcement of Open Data Stream for MongoDB (a leading open source NoSQL database) and Open Data Stream for Elasticsearch (a powerful search, analytics and data visualisation suite used in many big data environments) augments its already-available Open Data Stream (ODS) solutions for Splunk and VMware Log Insight for no extra cost.

For the uninitiated, what ExtraHop appliances uniquely do is conceptually simple but complex to achieve: tap all data as it traverses the wire in real-time, re-assembling the packets for every protocol to produce meaningful network analytics for every level from 2 to 7 in the ISO stack—at up to 20Gb/s. It is non-invasive as it uses no agents and does not degrade performance.

ExtraHop also provides some 2,500 metrics out of the box for IT operational analytics (ITOA) for wide use in complex enterprise network troubleshooting to help pinpoint hardware or application problems. The unique ability to turn raw data from the wire into structured data already means that it can be visualised, measured and used to show trends, reveal network infrastructure and application performance, and security issues and trigger alerts.

However, this announcement takes it one 'hop' further. It facilitates gaining extra business value from any specific data by, for instance, tailoring one of its metrics to extract and export it to combine with valuable data sets collected from other sources for multi-dimensional analysis.

As Chris Blessington, ExtraHop’s senior director of marketing, told me, data may come from the wire (network), systems (DBs and applications) and agents or be human-generated. However, “Wire [data] is orders of magnitude larger and [using ExtraHop] the ability is there to surgically and precisely extract just what you want from the wire data.”

So ExtraHop’s message to customers is that they can free their data from restrictive silos. Now it can also feed nuggets of data of business value into a larger analytical repository to achieve deeper insights, also dropping unnecessary 'data garbage'.

There is some potential competition for this aspect. Just days ago Splunk announced Splunk App for Stream to help its own cloud and enterprise customers capture streaming wire data in real time (a fruit of its acquisition of Cloudmeter last year).

However, Splunk’s move only serves to confirm a need to capture wire data and ExtraHop’s ability to structure the wire data in real time and now to export it to various highly scalable open repositories is much wider in scope. This keeps it well ahead of competitors and opens up new market possibilities.   

Following this announcement, expect further ExtraHop extensions to support some specific LOBs (including supporting some proprietary LOB protocols) and a new full release of ExtraHop—all within the next two months.

Post a comment?

We welcome constructive criticism on all of our published content. Your name will be published against this comment after it has been moderated. We reserve the right to contact you by email if needed.

If you don't want to see the security question, please register and login.