Observer Overview
|
Observer® is a
network analyzer for LAN, wireless 802.11 a/b/g, low-utilization gigabit,
Token Ring and FDDI networks. Observer provides real-time metrics, packet
capture, decode, trending and more for shared and switched environments.
|
|
Observer is a
software-only, network monitoring and troubleshooting tool. Observer
includes a 64-bit core to maximize 64-bit processing. A 32-bit version is
also included. Observer can monitor wired LANs and 802.11 a/b/g networks.
With the addition of Network Instruments’ software or hardware probes,
Observer can monitor multi-segment networks including LAN, WAN, gigabit and
wireless.
With the Network Instruments’
Distributed Network Analysis architecture, (NI-DNA™),
Observer is unique in the network analysis industry. It’s the only analyzer
built from a unified code set, offering scalability and seamless integration
across the entire Observer product family. Network administrators need to
only learn one interface to monitor across topologies, locations, and
technologies.
Learn
more about NI-DNA.
Observer Benefits:
 | Convert your PC or laptop into a
powerful analyzer |
| Capture, view, and decode traffic
in real time |
| Instantly assess the effectiveness
of network changes |
| Monitor and graph real-time
bandwidth utilization |
| Save historical data |
| Baseline your network |
| Identify virus and hack attacks
|
| Collect statistics by user, packet
size, or protocol
(See the Video) |
| Filter easily through data to
isolate issues |
| Perform stress testing |
| Speed troubleshooting with
proactive notification
(See the Video) |
| View router traffic patterns in
real time |
| Analyze VLANs independently or in
aggregate
(See the Video) |
| Monitor wired and wireless
together |
| |
Packet
Capture and Decode |
| Over 550 primary protocols (decode
listing) |
| Countless subprotocols (including
wireless) |
| Nanosecond resolution |
| Add administrator comments to any
packet |
| Dynamic port protocol decode
|
| Schedule packet captures |
| Conceal private IP addresses
|
| Over 30 real-time statistics
available |
| Network summary |
| Bandwidth utilization |
| Internet Observer |
| Access point load monitor
|
| Pair statistics |
| Protocol distribution |
| Network activity |
| Wireless site survey |
| Router Observer |
| VLAN Analysis |
| Understand bandwidth usage by
device |
| Determine if a station is
consuming too much bandwidth |
| View LAN use patterns |
| Detect faulty network hardware |
| Make informed decisions about
network segmentation |
| Find broadcast storms |
| Review switch usage and resource
allocation
|
| Include or exclude packets by
address, address range, protocol offsets, and presets |
| Use Boolean logic to create
complex features |
| Filter with Perl-compatible
regular expressions
 |
| Design filters visually |
| Create protocol filters from the
protocol distribution list |
| Execute multiple filters
concurrently |
| Share filter libraries with other
Observer users |
| Quickly configure filters with
fast post filtering |
| Utilize data mining capabilities
|
| Flag activities or errors with a
pre-defined list |
| Set custom notifications based on
any filter |
| Receive alerts as vulnerabilities
are detected |
| Choose alert method (e-mail,
pager, etc.) |
| Obtain e-mails with virus
information including source and destination |
| Setup any trigger to have an
associated action
 | Pop up message windows |
| Activate captures |
| Start/append logs |
| Print trouble tickets |
| Execute external programs |
|
| Manage triggers and alarms for
multiple probes from one location |
| Set a trigger on any WLAN activity |
| View each VLAN data independently
or in aggregate |
| Real-time statistics |
| Determine loads by station and by
VLAN |
| |
Network
Trending and Reporting |
| Collect trending data for
| Ethernet |
| Internet |
| VLANs
|
| WLANs
|
|
| Gain insight into total network
health over time |
| Collect and store network,
Internet, and switch data for days, weeks, months, even years |
| View a single time period (i.e.
day or month) or create period-to-period comparison reports |
| Choose text-based, graphical or
Web-based reports |
| Obtain instant snapshots with
Ready-Made Reports |
| Design custom reports and save
templates for later use |
| Auto-generate reports to any
folder or e-mail box |
| Share reports with non-Observer
users |
| Complete support for 802.11a/b/g –
no additional software necessary |
| Gain WLAN-specific metrics such as
| Access Point statistics |
| Wireless types by station |
| Errors by station |
|
| Utilize site configuration tools
for better planning |
| Choose from multiple security
encryption options |
| Collect long-term trending
information |
| Stay on top of your WLAN with
Wireless Site Survey |
| Find rogue access points |
| Understand signal quality and data
rates |
| Enforce WLAN security policies |
| Determine AP placement by
measuring signal strength |
| Monitor wired and wireless with
one interface |
| Receive instant notifications on
problems with wireless Triggers and Alarm |
| Obtain specific Internet activity |
| Review individual Internet usage
with Internet Patrol |
| Receive true Layer 3 IP addresses
with IP Pairs Matrix |
| Use IP Subprotocols by Station to
gain each users’ specific Internet usage by service |
| Understand router activity |
| Determine router usage |
| Obtain a “heads-up” immediate
display of packets/sec, bit/sec, and interface utilization |
| Review traffic by direction (in,
out, total) and percentages of interface utilization |
| One-minute and one-hour displays
available |
| Unique method of easily
cross-referencing data
|
|
|
Expert
Observer speeds network troubleshooting by proactively identifying network
issues and offering immediate solutions. Pinpoint difficult problems through
real-time or post-capture Expert analysis. |
|
Expert Observer tracks
applications, VoIP traffic, transactions and more across your LAN, wireless
802.l1 a/b/g, gigabit, token ring, and FDDI networks. Expert Observer
includes a 64-bit core to maximize 64-bit processing. A 32-bit version is
also included.
With the Network Instruments’
Distributed Network Analysis architecture, (NI-DNA™),
Observer is unique in the network analysis industry. It’s the only analyzer
built from a unified code set, offering scalability and seamless integration
across the entire Observer product family. Network administrators need to
only learn one interface to monitor across multiple topologies, locations,
and technologies.
Learn
more about NI-DNA.
Expert Observer Benefits:
| Solve problems quickly with over
570 real-time Experts |
| Predict network bandwidth and
response time impacts |
| Track and solve application
problems |
| View application session flows
graphically |
| Reconstruct data packets
|
| Isolate transaction and
conversation delay
|
| Obtain instant expert explanation
online for each event and item |
| Grade LAN, WAN/Internet traffic
differently |
| Track errors, events, slow
response, and slow connections |
| Manage voice and video
communication
|
| Monitor all ports on a switch |
| Collect long-term trending
statistics
(See the Video) |
| Utilize WLAN Experts to solve WLAN
problems |
Expert Observer includes all
the benefits of base Observer plus additional key features for identifying
network issues and offering immediate solutions.
TCP/UDP/ICMP/IPX/SPX/802.11a/b/g/NetBIOS/NetBEUI
Experts
| Displays protocol and application
problems in real-time |
| Local traffic is judged
differently than WAN/Internet traffic |
| Ensure no false readings are
provided |
| Common services are tracked and
organized |
| Response performance is sorted and
flagged by severity |
| Tracks all port-based protocols
for slow response and other issues |
| Measures delay to differentiate
between network and application problems |
| Provides a graphical view of
system conversations |
| Shows packet-to-packet display
items visually |
| Allows for instant identification
of long latency and response times |
| Retransmissions and lost packets
are flagged in red for quick identification |
| Drill-down to decode information
with one click |
| Monitor connections to improve
VoIP performance |
| Save or play voice conversations
or streaming video |
| Offers relevant and actionable
detail and diagnostics |
| High-level VoIP traffic summaries
|
| In-depth Call Detail Records
|
| Over 50 event and threshold-based
VoIP Experts
|
| Displays the individual MOS and
R-factor for every call
|
| Customize impairment factors of
the E-model depending on your needs
|
| See reports on QoS by call,
packet, and protocol
|
| Understand VoIP utilization to
plan upgrades
|
| Sort TCP sub-protocols by
precedence bit to help prioritize VoIP traffic
|
| Review flow including call setup,
duration, and teardown
|
| Jump immediately to Connection
Dynamics to understand direction and delay of every packet in the stream
|
| Monitors VoIP across LAN, WAN,
gigabit, and WLAN |
| Shows current and maximum jitter
|
| Analyze H.323/SIP conversational
data |
| Obtain application statistics in
realtime and postcapture |
| Track application session flows
and failed transactions |
| Receive statistics on errors and
monitor response time |
| Obtain up-to-the minute
application performance |
| Automatic server and application
discovery |
| Attain true application response
times deeper than the TCP level |
| Drill-down to view
session-by-session communications |
| Eliminates need to purchase a
separate application monitoring system |
| Supports SQL (TDS), Oracle (TNS),
VoIP, DNS, FTP, HTTP, POP3, Telnet, SMTP, SNMP, Exchange, and Citrix
|
| Track conversations through
multiple segments, hops, and routes
|
| Quickly pinpoint and eliminate
transaction delay
|
| Supports up to 10 hops
|
| Easily see across routers over
time
|
| Pinpoint bottlenecks within
specific conversations
|
| Verify if 3rd party service
providers are performing to their SLA
|
| Isolate if slowdowns are due to
network delay or system processes
|
| Identify packet loss and location
|
| Measure one-way, round-trip, and
individual hop delay
|
| Utilize Connection Dynamics to
show packet-by-packet, hop-by-hop
|
| View delay in aggregate with Hop
Summary
|
| Obtain a textual summary display
with Summary Statistics
|
| Can be utilized across WAN links,
Ethernet connections, wireless traffic, and gigabit networks
|
For enterprise administrators
concerned with network forensics, compliance, and security, Observer can now
take captured traffic and recreate the communication in an easy-to-read
format. Rebuild web pages (including images), reconstruct e-mails and
instant messaging communication to gather hard evidence on network activity.
Stream reconstruction can help maintain corporate Internet usage policies,
assist law enforcement, and contribute toward Sarbanes-Oxley compliance.
NetFlow monitors routed traffic on
the backplane of Cisco switches and routers. Any Advanced Expert Probe can
be configured to aggregate flows from various NetFlow devices on the network
and send updated information to an Observer console. The console then
displays the NetFlow data, providing top talkers, pairs matrix, bandwidth
usage, long-term trending, VLAN analysis, and application awareness.
IT can gain a number of benefits by
integrating NetFlow technology in an Observer environment.
| Collect statistics on user
activity |
| Extend Observer probe visibility |
| Obtain long-term trending reports |
| Consolidate and encrypt user data
collected by NetFlow technology |
| Predict how network changes will
affect response times |
| Track bandwidth capacity changes
(e.g. 100 Mb to gigabit) |
| Review variable changes (i.e.
packet size, packet ratio, users) |
| Measure based on actual client,
peer-to-peer, or server conversations |
| Plot possible response time,
bandwidth utilization, and packet flow scenarios |
| “Live-modeling” lets you assess
the impact of network or application changes |
| Displays server response times
charted against the number of simultaneous requests |
| Charts response times for recorded
request sets, and as request loads increase |
| Displays network errors by time
frequency |
| Identify whether a problem is
sporadic or consistent |
| Shows if a slow response is due to
network load |
| |
Expert
Summary Problem Analysis |
| Shows error events in a single,
concise display |
| Offers ability to quickly
drill-down for further analysis |
| Displays when errors occurred and
at what time |
| Isolates and provides solutions to
WLAN issues |
| More than 50 wireless-specific
Expert conditions |
| Receive instant alerts on
| Unknown stations |
| Spoofed MAC addresses |
| Whether an AP is used open
system or shared key authentication |
| Whether encryption is disabled
or enabled |
| Authentication and
de-authentication rates |
|
| |
Industry-Leading Memory Buffer |
| For 32-bit Windows, utilize a 4 GB
memory buffer |
| For 64-bit Windows, buffer can be
up to 124 GB |
| Allows for increase captures |
| Extend time frames for Expert
analysis |
| User-defined memory mode to
fine-tune individual memory usage |
| Guarantees no dropped packets by
using reserved memory not associated with Windows |
| Limits access to confidential data
through a decode screen |
| Password protect and limit
captures to a set number of bytes |
sFlow is a standard traffic reporting
mechanism that device manufacturers have embedded into switches. sFlow
monitors sampled traffic on the backplane of these switches and then pushes
the data to any Network Instruments Advanced Expert Probe. Similar to how
Observer integrates NetFlow, Observer then provides real-time statistics and
long-term trending reports on this data as well.
|
|
Observer
Suite encompasses all the functionality of Observer and Expert Observer plus
includes support for SNMP and RMON device management with Web Reporting
tools. Observer Suite is a network analyzer for LAN, wireless, 802.11 a/b/g,
low-utilization gigabit, Token Ring, and FDDI shared and switched networks.
Observer Suite includes a 64-bit core to maximize 64-bit processing. A
32-bit version is also included. |
|
With the Network
Instruments’ Distributed Network Analysis architecture, (NI-DNA™),
Observer is unique in the network analysis industry. It’s the only analyzer
built from a unified code set, offering scalability and seamless integration
across the entire Observer product family. Network administrators need to
only learn one interface to monitor across multiple topologies, locations,
and technologies. To learn more about
NI-DNA, click here.
Observer Suite Benefits:
| Optimize devices with a full SNMP
management console |
| Configure and update SNMP device
parameters all from a single location |
| Monitor different network segments
from a central location using RMON1, RMON2 and HCRMON collection consoles |
| View statistics from any web
browser |
| Obtain secure remote access of
trending reports and SNMP data through any Web browser |
| Identify client/server
relationships automatically |
| Automate report delivery |
Observer Suite includes all the
benefits of base Observer and Expert Observer plus additional key
functionality for identifying network issues.
| Support multiple views of SNMP
device data |
| View readable and writeable SNMP
objects |
| Perform trending on time-based
SNMP data |
| Baseline data for comparison
reports |
| Multiple notifications are
available upon trap receptions |
| Includes a MIB compiler to support
any vendor |
| Utilize one tool for multi-vendor
hardware networks |
| Display names or addresses of
devices by switch port |
| Monitor and control any RMON-standard
device |
| Fully compliant with all RMON1/2
specifications |
| RMON console supports high
capacity RMON (HCRMON) |
| Share Observer reports with
non-Observer users |
| Generate reports dynamically |
| Configure reports based on time,
station, switch, or SNMP data |
| Obtain current and historical
trends |
| Secure access with password
protection |
| Control report access at the
administrator level |
| Define different user levels |
| Distribute network “Weather
Reports” via your corporate intranet/extranet |
| Quickly publish data with Ready
Made or Custom reporting options |
| Drill down inside any report for
deeper analysis |
| Obtain access to error, capacity,
and historical network data to any application that supports XML or SOAP
(Simple Object Access Protocol)
|
| Add custom, proprietary, or
additional protocols to Observer decodes |
| Full wireless support |
|
Take a look at Link Analyst
Graphical Network
Mapping, Up-Time Monitor, Route Analysis and QoS Management
|
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)