Review: SolarWinds Sheds Light on Networks: Page 9 of 19

The summary screen gave us an overview of what was happening on the wire. We were interested in the Internet-attack analysis module, which provides a security analysis report on attacks such as Gin, Jolt, Land, Oversized IP, Pimp, RIP, Teardrop and WinNuke. These statistical buckets could be graphed and saved. In addition, we periodically took snapshots of the statistics. The snapshot is displayed directly next to the real-time collections and compared with previous snapshots, making diagnostic comparisons easy.

Two layers of alarms, Suspect and Problem, can be set. The configuration window offers the selection of thresholds by byte or packet, either total or per second, with a range of severities, from "information" through "severe." The rearm mechanism is based on the number of units under the alarm threshold passing within a specified time period. We welcome this sophisticated and complete set of alarm threshold mechanisms on an analyzer.

Two other displays, one for protocols and one for nodes, provide interesting high-level views. The protocol display shows Layer 2 through 5 summaries, while the node display shows total traffic in bytes and packets sorted by node. A wide range of right-click context launches let us, for example, select specified packets in the capture buffer, see graphed packets, save protocol and node statistics, and create alarms.

EtherPeek offers fine-grain control over the alarm, letting us link to any of the statistics monitored in the node, protocol or summary screens. As would be expected with a protocol analyzer, this includes Ethernet statistics like broadcast, multicast, unicast, utilization, errors and packet size. In addition, we got protocol types, SMTP, FTP, ICMP, IP, NetWare, newsgroup, Internet attack and Web URLs. Not bad.

There is a name table, and in addition to IP and MAC addresses, protocols and ports can be given names. You can do this naming by editing the table or importing a pre-existing list, either in the native EtherPeek format or as a delimited file, which makes it possible to import host files. However, an additional field is required to indicate that the entries are IP, as EtherPeek supports Ethernet MAC and port resolution in its name table.