Network Instruments Rolls Out Observer 12

New features include MPLS analysis, enhanced support for VoIP, support for IPv6 and SSL/SSH decryption. In addition, accessory products for Observer 12 bring high-level reporting and security forensics.

Observer is a Windows-based network monitor and protocol analyzer utility for Ethernet, wireless 802.11b/a/g, Token Ring and FDDI. Out of the box, Observer can monitor single-segment networks, and using optional Probes, the product can track conditions on remote networks.

Software Probes offer remote analysis and monitoring for 10/100 Ethernet, 802.11 a/b/g wireless, Token Ring, and FDDI networks, and hardware-based probes are available for wire-speed, full-duplex Gigabit and T1/E1 or HSSI/DS3 WAN networks.

Observer also can be a great help in complying with regulations such as Sarbanes-Oxley, as well as performing network forensics and network troubleshooting.

By allowing network traffic to be seen in real time, Observer enables network administrators to make decisions based on fact rather than speculation. The effectiveness of network changes can be seen instantly, and trending data can be collected over a period of days, weeks or months.

Triggers and alarms can be set to help pinpoint problems, and the triggers can activate message windows, captures, logs and trouble tickets or even contact an administrator via e-mail or pager. In addition, a traffic generator and packet buffer replay allow for stress testing and controlled duplication of specific problems.

Observer 12 brings MPLS analysis and troubleshooting. MPLS, or Multiprotocol Label Switching, eliminates a lot of the overhead associated with frame relay and asynchronous transfer mode (ATM) used in broadband switching and transmission. Observer 12 can analyze MPLS networks, help isolate problems and verify proper performance. Because government agencies have been mandated to support IPv6 by 2008, Observer 12 can monitor IPv6 traffic and list data with the appropriate IPv6 address displayed.

Expanded VoIP analysis in Observer 12 includes support for Avaya CCMS and Nortel UNIStim protocols, and support for SIP, SCCP (Cisco Skinny), H.323 and MGCP. Integrated support for Microsoft Networking is also new, as well as the ability to be configured with Secure Sockets Layer (SSL) and Secure Shell (SSH) certificates to decrypt secure data.

In the past, using Observer for multi-hop analysis was confusing and had to be configured manually. But multi-hop analysis is automated in version 12. Observer can initiate simultaneous packet captures from different network segments and automatically find the source of delays and packet loss.

Observer 12 also brings expanded analysis capabilities of data from Network Instruments' GigaStor appliance, which records network data transmissions for future analysis. An analysis of the captured transmissions will recognize the patterns of known attacks and then pinpoint the source and time of the breach. A forensic analysis can also reconstruct all network communications, including files, instant messages, e-mails, VoIP calls and Web pages, including any images on the Web pages.

Also this week, Minnetonka, Minn.-based Network Instruments unveiled a companion product called Observer Reporting Server, which can connect to multiple remote Observer consoles and provide a high-level view of overall network activity. It can scale to collect data from hundreds of Observer probes. Reports can be segmented by business unit, user group or infrastructure type.

Observer 12 costs from $995 to $3,995, depending on options. The GigaStor appliance begins at $20,000 for a two-port configuration, and Observer Reporting Server, available as software or as an appliance, starts at $10,000.

MARC SPIWAK is a technical editor for the CRN Test Center.