Application Awareness

Deep Packet Inspection and Behavioral Analysis for Flow-based Application Awareness

In recent years, application visibility has become increasingly critical for managing your network. Business objectives require the assurance of continuous, prompt delivery of mission-critical applications across the enterprise. However, a growing mobile workforce, the explosion of new applications, and increased use of virtual networks brings a greater risk of disruptions in application and network performance, as well as exposure to threats from malware, data loss, and other security breaches.

How do you ensure uninterrupted, on-time global application delivery while simultaneously optimizing network performance and protecting business assets? End-to-end, borderless visibility of the network, including performance metrics, is key to your success in this effort.

StealthWatch combines powerful network performance monitoring and behavior-based anomaly detection to deliver total visibility from a single, integrated platform across both physical and virtual networks. Lancope also provides URL information in flow records generated by the StealthWatch FlowSensor to further aid troubleshooting, compliance and forensic investigations. URL data, which has previously been unavailable from most flow sources, enables administrators to see exactly which web sites users are going to, as well as the file path, to more easily identify which applications are causing performance or security problems.

StealthWatch analyzes and identifies troublesome hosts and problem areas across the network, rapidly identifying and resolving application-related issues by:

  • Host profiling to specify allowed service usage and alarm on disallowed usage or out of profile conditions
  • Modeling host behavior to identify changing host, application and traffic usage
  • Identifying congested areas of the network, potential candidates for WAN optimization
  • Providing a graphical breakdown of traffic composition for at-a-glance view of apps consuming the greatest amount of bandwidth (speaks to better capacity planning decision making)
  • Enabling a better understanding of the impact of new application and service deployments

In addition to providing in-depth insight into the internal network, StealthWatch also integrates behavioral analytics of data from perimeter devices such as firewalls. Combining internal and external monitoring provides greater contextual awareness for troubleshooting network and application issues, such as valid applications getting blocked by the firewall.

Additionally, the StealthWatch System includes custom application configuration, which enables users to detect custom applications within their environment to assist in the identification of anomalous traffic.

For more information, download the white paper 'Application Delivery on Time and Uninterrupted' (registration required) or see the Market Brief on Application Performance Monitoring.