ExtraHop has announced the release of both a new appliance and the fifth version of its wire analysis software. This is not merely a feature update but introduces a significant change for wire analytics. Enterprise Times spoke to Isaac Roybal, Principal Product Marketing Manager, and Brent Blood, Sr. Manager, Technical Marketing Engineering at ExtraHop to find out more about this latest release.
Version five: Iteration or Generation
When software companies announce the release of yet another version, ones first thought it that it is merely an iterative improvement from what has gone before. While the changes to the ExtraHop software might seem iterative in some respects, and certainly they build on what has been before, they deliver a step change in functionality that will be of interest to many IT leaders.
Alongside the new version is another appliance, the Explore Appliance that enables companies to carry out analytics on the data captured to deliver insights that were not previously possible within ExtraHop. This is a good thing and Gartner Research VP Will Cappelli wrote in “Causal Analysis Makes Availability and Performance Data Actionable,” that:
“Recognition that more data does not equate to availability and performance process improvement is cascading across global enterprises. As a result, users have begun to insist that any ITOA solution should focus not only on the ingestion, storage and access to data, but also on tools for making that data meaningful and actionable.”
Where previous versions of ExtraHop have merely been capable of capturing network data that is being transferred between two points on the network, this latest version is also capable of capturing application data. As Blood explained this could not be achieved with the existing Discover appliance as there was insufficient storage in the device to cope with the amount of data being collected.
“That’s why we are introducing a new appliance for this. Storing this new data was unfit for our existing data store. So we have made a new type of appliance with a new kind of data store with a lot more disk.
In fact using Elastic Search clustering it is possible for ExtraHop to combine both their Discover and Explore appliance, so that not only can they exceed the 40GB per second data intake of a single appliance, but that once clustered they appear as a single entity.
This is important when collecting the volumes of data they are suggesting. The relationship between the boxes does not have to be 1:1 either, so it is possible to collect all the data from multiple discover appliances but only filter what is required back to a single Explore appliance for analysis.