Download - What's new in Performance vision version 3.2
![Page 1: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/1.jpg)
© SecurActive 2014
WHAT’S NEW
IN VERSION 3.2?
![Page 2: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/2.jpg)
© SecurActive 2014
PERFORMANCE VISION VERSION 3.2
CIFS Transaction Analysis
New Features & Improvements
![Page 3: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/3.jpg)
Performance Vision 3.2
© SecurActive 2014
CIFS/SMBTRANSACTION ANALYSIS
![Page 4: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/4.jpg)
© SecurActive 2014
CIFS TRANSACTION ANALYSIS: USER BENEFITS
Monitor CIFS/SMB Performance
Identify Slow Transactions
Correlate File Sharing Problems with Network Performance Issues
Access Rights Deleted or Corrupted Files Insufficient Resources All Errors and Warnings
Troubleshoot File Sharing Issues
![Page 5: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/5.jpg)
© SecurActive 2014
IN-DEPTH CIFS/SMB PERFORMANCE ANALYSIS
CIFS/SMB in APS
Supported CIFS/SMB versions
SMB 1.0
SMB 2.0
SMB 3.0 (no encryption)
![Page 6: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/6.jpg)
© SecurActive 2014 6
CIFS OVERVIEW
Overview of CIFS Commands
![Page 7: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/7.jpg)
© SecurActive 2014
OVERVIEW OF CIFS COMMANDS
Display CIFS Overview per Command type:
Number of Queries
Number of Errors and Warnings
Performance Metrics (SRT, DTT)
Payload and Number of Packets (PDUs)
One-click drill down to more details
![Page 8: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/8.jpg)
© SecurActive 2014 8
CIFS PERFORMANCE
Performance of CIFS Queries over Time
![Page 9: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/9.jpg)
© SecurActive 2014
PERFORMANCE OF CIFS QUERIES OVER TIME
Display CIFS Performance metrics over time:
Data Transfer Time and Server Response Time
Number of OKs, Warnings and Errors
Payload for Queries, Responses and Metadata
One-click drill down to more details
![Page 10: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/10.jpg)
© SecurActive 2014 10
CIFS CLIENTS
CIFS Most Active Clients
![Page 11: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/11.jpg)
© SecurActive 2014
CIFS MOST ACTIVE CLIENTS
Display CIFS metrics for the most active clients:
Client IP
Number of Queries, Errors and Warnings
Performance Metrics (SRT, DTT)
Payloads and Number of Packets (PDUs)
One-click drill down to queries and errors
![Page 12: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/12.jpg)
© SecurActive 2014 12
CIFS SERVERS
CIFS Most Active Servers
![Page 13: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/13.jpg)
© SecurActive 2014
CIFS MOST ACTIVE SERVERS
Display CIFS metrics for the most active servers:
Server IP
Number of Queries, Errors and Warnings
Performance Metrics (SRT, DTT)
Payloads and Number of Packets (PDUs)
One-click drill down to queries and errors
![Page 14: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/14.jpg)
© SecurActive 2014 14
CIFS FILES
CIFS Most Active Files
![Page 15: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/15.jpg)
© SecurActive 2014
CIFS TOP FILES
Display queries aggregated by Files:
File Path
Number of Queries, Errors and Warnings
Performance Metrics (SRT, DTT)
Payloads and Number of Packets (PDUs)
One-click drill down to queries and errors
![Page 16: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/16.jpg)
© SecurActive 2014 16
CIFS TREES
CIFS Most Active Trees
![Page 17: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/17.jpg)
© SecurActive 2014
CIFS TOP TREES
Display queries aggregated by Trees:
Tree Path
Number of Queries, Errors and Warnings
Performance Metrics (SRT, DTT)
Payloads and Number of Packets (PDUs)
One-click drill down to queries and errors
![Page 18: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/18.jpg)
© SecurActive 2014
DIFFERENCE BETWEEN TREE AND FILE
\\ WINSHARE \
DATA
\\ WINSHARE \ USR
Tree (Mount
Point)File
\ Private \ Users \ UC576 \ mailbox.pst
![Page 19: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/19.jpg)
© SecurActive 2014 19
CIFS USERS
CIFS Most Active Users
![Page 20: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/20.jpg)
© SecurActive 2014
CIFS TOP USERS
Display queries aggregated by Users:
Username
Number of Queries, Errors and Warnings
Performance Metrics (SRT, DTT)
Payloads and Number of Packets (PDUs)
One-click drill down to queries and errors
![Page 21: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/21.jpg)
© SecurActive 2014
USER NOT ALWAYS AVAILABLE?
Why is the User not always available?
Secured authentication (Kerberos)
Potentially unsupported authentication
mechanism
Session initialization has not been captured
![Page 22: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/22.jpg)
© SecurActive 2014 22
CIFS QUERIES
List of CIFS Queries
![Page 23: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/23.jpg)
© SecurActive 2014
CIFS QUERIES
Available CIFS Data
Command, Subcommand and Status
File ID and Path
Number of Queries, Errors & Warnings
Performance Metrics (SRT, DTT)
Username
Domain name
Tree ID and Tree name
Data Payload: Reads, Writes
Metadata Payload: Reads, Writes
Number of Packets (PDUs)
![Page 24: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/24.jpg)
© SecurActive 2014 24
CIFS RAW DATA
Details of all CIFS Transactions
![Page 25: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/25.jpg)
© SecurActive 2014
CIFS RAW DATA: TRUE ROOT CAUSE ANALYSIS
CIFS transactions without any grouping
Useful for advanced troubleshooting
Application behavior auditing
Queries
Raw Data
![Page 26: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/26.jpg)
© SecurActive 2014
USER FRIENDLY ROOT CAUSE ANALYSIS
User-friendly interface
Color highlighting for readability
One-click filtering facility
Inline CIFS protocol help
Resizable textboxes
![Page 27: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/27.jpg)
© SecurActive 2014
CIFS DEDICATED FILTERS
Dedicated CIFS filters:
Refine search for specific issues
Search results by:
Port number
Command type
Status name
Path name and File ID
Subcommand type
Tree name and Tree ID
User and Domain
![Page 28: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/28.jpg)
© SecurActive 2014
SEARCH FOR SPECIFIC CIFS ELEMENTS
Type text to automatically refine the list of available
options
CIFS Commands, Statuses and Subcommands organized into Categories
![Page 29: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/29.jpg)
© SecurActive 2014
EASY DRILL-DOWN
One click to see Performance over time for these CIFS Transactions
One click drill-down to CIFS Queries or Raw data
One click drill-down to Flow Details associated to these Transactions
One click drill-down to CIFS Errors or Warnings
![Page 30: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/30.jpg)
© SecurActive 2014
FOR POWER USERS: CUSTOM FILTERS FOR CIFS
Custom Filters for CIFS
Used to build advanced queries
See Custom Filters reference in Guide
![Page 31: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/31.jpg)
© SecurActive 2014
FAST ANALYSIS: CIFS COMMON STATUSES
Common Statuses for CIFS:
STATUS_NO_SUCH_FILE,
STATUS_NO_SUCH_DEVICE,
STATUS_OBJECT_NAME_NOT_FOUND,
STATUS_OBJECT_PATH_INVALID,
STATUS_OBJECT_PATH_NOT_FOUND,
STATUS_OBJECT_PATH_SYNTAX_BAD,
STATUS_DFS_EXIT_PATH_FOUND,
STATUS_REDIRECTOR_NOT_STARTED,
STATUS_TOO_MANY_OPENED_FILES,
STATUS_ACCESS_DENIED,
STATUS_PORT_CONNECTION_REFUSED,
STATUS_FILE_DELETED,
STATUS_INSUFF_SERVER_RESOURCES,
STATUS_MORE_PROCESSING_REQUIRED,
STATUS_BUFFER_OVERFLOW,
STATUS_WRONG_PASSWORD,
STATUS_NETWORK_ACCESS_DENIED,
STATUS_TOO_MANY_SESSIONS.
Common statuses category contains the most common CIFS errors and warnings.
cifs.status = "common"
Note: We do not consider
SMB_STATUS_NO_MORE_FILES as a Warning
![Page 32: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/32.jpg)
© SecurActive 2014
ACTIVATION: CONFIGURE CIFS ANALYSIS
Configuration > Zones
Activate CIFS transaction analysis
for the zone and its subzones
If not needed, do not add print servers to the scope of CIFS analysis.
![Page 33: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/33.jpg)
© SecurActive 2014
IMPACT: CIFS ANALYSIS WORKLOAD
Configuration > Database Workload
Check impact of CIFS analysis on workload
![Page 34: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/34.jpg)
© SecurActive 2014
PERFORMANCE SAVING: CIFS DATA MERGING
Datatype Zone Merging level Degraded metrics
Configuration > Data Merging
Adjust merging levels for more performance
or for more details
By default: maximum performance
![Page 35: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/35.jpg)
© SecurActive 2014
CORRELATION BETWEEN
NETWORK ISSUES AND CIFS TRANSACTIONS
CIFS
![Page 36: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/36.jpg)
© SecurActive 2014
ONE CLICK SWITCH: FROM TCP FLOWS TO CIFS TRANSACTIONS
DNS
SQL
ICMP
HTTP
Flows
CIFS
Already in 3.0
Switch from TCP Flows to CIFS Transactions
From TCP Details to CIFS Queries
From TCP Raw Data to CIFS Queries
![Page 37: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/37.jpg)
© SecurActive 2014
ONE CLICK SWITCH: FROM CIFS TRANSACTIONS TO TCP FLOWS
CIFS
SQL
HTTP
Flows
Switch from CIFS Transactions to TCP Flows
From CIFS Queries to TCP Flow Details
From CIFS Raw Data to TCP Flow Details
DNS
Already in 3.0
![Page 38: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/38.jpg)
© SecurActive 2014
CIFS DOCUMENTATION
User Guide update
CIFS Analysis
CIFS Status Categories (appendix)
![Page 39: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/39.jpg)
Performance Vision 3.2
© SecurActive 2014
NEW FEATURES
& IMPROVEMENTS
![Page 40: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/40.jpg)
© SecurActive 2014
LDAP INTEGRATION
LDAP Integration
Requires anonymous authorization
![Page 41: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/41.jpg)
© SecurActive 2014
SORT BCN BY CRITICALITY
BCN can be sorted by criticality level
BCN with most alerting events are shown first
One Red > Any oranges
One Orange > Any greens
Note: For Business Critical Networks only (not yet for BCA)
![Page 42: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/42.jpg)
© SecurActive 2014
#REQUESTS FOR DNS PAGES
For all DNS pages:
Add #Requests: Number of DRT
DRT: DNS Response Time
![Page 43: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/43.jpg)
© SecurActive 2014
DNS TROUBLESHOOTING
For DNS Troubleshooting:
Add new Custom Filters
Bandwidth, Packets, IPs
3.0
3.2
![Page 44: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/44.jpg)
© SecurActive 2014
ONE CLICK @ SWITCHING
New button to switch client/server values:
Zones, IP Addresses and MAC Addresses
![Page 45: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/45.jpg)
© SecurActive 2014
HINTS FOR « NO RESULTS »
Hints added:
When search requests return “No results”
Data could be merged
Metric could be disabled at sniffer level
Metric might not be active on any zone
Examples:
![Page 46: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/46.jpg)
© SecurActive 2014
HTTP DATA MERGING
3.0
3.2
For HTTP Transactions:
Added a new data merging level
![Page 47: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/47.jpg)
© SecurActive 2014
DATABASE PERFORMANCE IMPROVEMENTS
Better usage of query multithreading:
Response times up to 20% faster
Example: BCN computations
![Page 48: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/48.jpg)
© SecurActive 2014
BETTER HANDLING OF BUFFERED TCP PACKETS
Better handling of buffered TCP packets
Potential impact on DTT / EURT metrics
Note: already included in 3.0.17
![Page 49: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/49.jpg)
© SecurActive 2014
SHELLSHOCK SECURITY UPDATE
Bash security update for
Shellshock vulnerability
http://en.wikipedia.org/wiki/Shellshock_(software_bug)
![Page 50: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/50.jpg)
© SecurActive 2014
VERSION 3.2: IMPACTS SUMMARY
Major impacts compared to 3.0:
Database migration time: low
CIFS performance analysis
Potentially on DTT/EURT
Check impact of CIFS performance analysis on
workload & license limits
Potential impact on DTT/EURT metrics
Migration time is low
Update should take few minutes depending on
database size
![Page 51: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/51.jpg)
© SecurActive 2014
SOMETHING BIG IS COMING
Q1 2015 Technical Update
TBD 2015 Something BIG is coming
![Page 52: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/52.jpg)
© SecurActive 2014
REBOOT AFTER UPDATE
After the upgrade is completed
![Page 53: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/53.jpg)
© SecurActive 2014
YOU'RE READY TO GO, ENJOY VERSION 3.2!
![Page 54: What's new in Performance vision version 3.2](https://reader031.vdocument.in/reader031/viewer/2022020307/5596f3e71a28ab584b8b465a/html5/thumbnails/54.jpg)
What’s New
in Version 3 .2 ?
© SecurActive 2014
THANK YOU!
For any [email protected]
Follow Us on@SecurActivePV
www.securactive.netblog.securactive.net