Understand Flow Path Analysis in LiveNX
Unimpeded network performance is the core aim for many NetOps activities, one of which is troubleshooting network performance issues by using packet data and network flows. When flow and packet data are aggregated and analyzed, network insights can lead teams to better solutions. For the small business that relies on restarting systems every time performance drops, flow insights may lead them to understand their network usage and then find the root cause for network problems. Large enterprises are likely already utilizing flow and packet data to monitor their environments.
Flow and packet data are key to fixing performance issues. To find specifics amongst overwhelming amounts of packet data flowing through the network, the degree of network visibility is essential for IT teams in addressing network performance and security problems.
Go With the Flow (Path Analysis)
Flows show top-level visibility by summarizing packets traveling between endpoints, while packet capture and DPI provide a greater depth of detail into what is inside packets, illuminating what data is traversing the network, wanted and unwanted.
The idea of network flow monitoring is to essentially tally, log, and analyze all network traffic as it passes through routers. This creates a summary model of network usage. Think of flow monitoring like a fast pass toll gate that electronically counts cars and records usage. Flow Path Analysis provides a hop-by-hop correlation of application and network performance.
Packet data holds the clues. Whole files do not travel in one piece across networks. Instead, network messages are packetized and then routed over the internet and other connections to be reassembled at their destination. Each packet is generally organized into three segments regardless of its size, the header, payload, and footer.
If packet capture, deep packet inspection, and flow monitoring are implemented, then NetOps and SecOps teams have the most relevant data at their disposal to troubleshoot incidents at the moment, the further from an incident in time, the more likely its root-cause clues will disappear.
To understand Flow Path Analysis with LiveNX, watch our video below!
Flow Monitoring in a Single View
As shown in the video above, flow path analysis in LiveNX is a useful story that can be used when troubleshooting network issues. Say there is a site that is having application slowness, or a user is complaining about a specific application, you can apply it to the filter, click apply filter button and the solution will show traffic for the VoIP application. Within the filter, things like source destination IDs, source destination port, bandwidth information, and other details can be found.
If it is a cisco environment and has proper licenses enabled on the Cisco routers, the ability to track things like high packet loss and jitter is possible. If the AVC license is enabled, you can see the performance information that is collecting basic flow. Regardless of having an AVC license, you’ll have the ability to be able to drill down and get to the information quickly.
Basic flow is the data you’ll get from all the network devices. If it’s the router, switch, or firewall you’ll be able to collect data and visualize it within the solution.
The LiveNx Difference
Instead of going from other tools to be able to troubleshoot one issue, the solution will tell you there is a problem with the network by showing the status, and from this workflow, I can drill down and get to the packets.
Let’s say you’re not a packet expert whatsoever and don’t know how to use the packets to troubleshoot. Instead of going through millions of packets to figure out what’s going on, the Expert Analysis will show it is high packet loss, high jitter, or high network delay affecting some packets.
You can use LiveNX to identify if it’s the network or the application causing the problem. You can see in this view Application delay (how long the server took to respond) or Network Delay (how long it took for the traffic to get to the traffic to get from the client to the server). This really helps provide visibility into the network or application causing the problem.
The idea is that you can start high level and get to the details very quickly. Everything is on the same interface, you don’t need to switch between different tools – you have everything you need on a single view.