What is our primary use case?
Our primary use case is troubleshooting. We use it to go take a look at application flows, to understand, when we have an issue, if there's some sort of latency or if there's a communication problem or if we're getting some abnormal behavior. Our first troubleshooting step, anytime we have an issue, is source and destination IPs and run a capture. It's the first tool that always gets called in when we're trying to troubleshoot an issue.
How has it helped my organization?
The biggest benefit is the ability to do low-level packet inspection. When I say packet inspection, I don't mean looking at payload, but just looking at your communication handshakes and the like. It reduces troubleshooting time because you can get a much better view into the communications path between servers, database servers, web servers, and understand what's going on. So the biggest impact is reducing time to recovery when we have a problem. It's the kind of thing such that when something is just flat-out broken, you can usually figure it out, but when you have degraded performance in applications, that's when it can be very valuable.
What is most valuable?
One of the things that we're doing is building the application flows into the dashboard, to monitor them that way. That will be one of the more valuable things to do. We are in the process of doing a PoC with one application, although we haven't actually built the workflow yet. There are some others that were built last year for some of the other more simplistic applications, but we're trying to look at the workflow for more complex applications, and do the analysis on how they're performing.
The other thing that is of high value is that we can go back and look at past performance. As long as we have data retention, which is typically only about three or four days, based on the amount of storage we have, we can go back and try to troubleshoot an issue that may have already corrected itself. We have the data back there to take a look and see what was going on at that time.
We do use it for doing a little bit of performance and capacity planning, but that's not its primary function.
What needs improvement?
The GUI has gotten better over time but there could be some improvement in how the GUI is built. That's one of the major areas of feedback I get from the users.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
From a stability perspective, we have not had any issues. We haven't had it break or go down.
What do I think about the scalability of the solution?
It's extremely scalable. We've had no issues with the scalability at this point.
How is customer service and technical support?
Tech support has been good. We have a local pre-sales engineer and he's very helpful. He comes onsite on a regular basis, and we work with him if we're trying to do anything with new feature functions. He's helped us build some of the dashboards and done some training with the staff. He's readily available. He's local so he's here within a day or two if we need something. We're not bringing him in if we need a break-fix, we're bringing him in for enhancement of dashboards or application monitors.
Which solutions did we use previously?
Prior to this, we were just using Wireshark on laptops. We did have a product called GigaStor which we're using, but we've had a lot of issues with the stability of the product. It tends to crash, it's just not very usable.
How was the initial setup?
The product was implemented about five years ago, and turn-up time was very quick. It only took us about a week to get it up and running. The implementation was, in the words of the person who did it, "pretty simple".
What was our ROI?
There isn't anything that we quantify in terms of ROI but it results in less time to resolution. Anytime engineers spend less time troubleshooting and, instead, are doing other work, they're able to be more productive. This solution reduces the amount of time that our folks have to spend doing troubleshooting because they can rapidly collect the data to solve problems.
It takes the process of collecting data from hours down to minutes.
What's my experience with pricing, setup cost, and licensing?
Like any company, we always want better pricing. The pricing is okay, but it's not a cheap solution. When you want to deploy it across an enterprise as large as ours, you go into seven figures. It's not a cheap solution to get out there.
Which other solutions did I evaluate?
GigaStor was a product that was in-house, which we were not happy with. We really didn't do a competitive bake-off of nGeniusONE vs GigaStor, but we had experience with that product and we were not happy with it.
With nGenius, the user interface is much better and the ability to collect data is better. The GigaStors are like a PC with Wireshark on steroids. It's a large device, you put it into a SPAN port, and it can collect a lot of data. But the problem is with the interface, with how you do the data analysis. It's not good. And, as I mentioned, we've had issues with the hardware reliability with that device as well. We've had a couple of them and they tend to have a lot of hard drive failures, which either corrupt or cause loss of data.
On the retail side of our business, where we don't have nGenius deployed, we still use those GigaStors on an ad-hoc basis. We have to go over to a switch and plug them in when there's an issue going on, which is not a very effective way of doing troubleshooting.
We're not really looking at any competitors at this point. We're happy with what we're getting out of nGenius.
What other advice do I have?
We have a pre-sales engineer whom we engage with on a regular basis. That has been extremely helpful, having somebody who is not just tech support but who is very familiar with the product and can provide some training. The product requires some knowledge on how to use it.
You really need to be a more frequent user. That's probably part of our downfall as an organization: We don't have people using it enough to help build dashboards and application monitors. We use it in a reactive manner and I think there's more opportunity to be proactive in how you build application monitors within nGenius.
There isn't so much of a heavy learning curve for the user interface, it's how you build the dashboards. The user interface seems to be pretty good. It's gotten better over time. But it's understanding how you get into how the mechanics of how the product works, where you pull your dataflows from, and how you stitch them together to get an application dashboard.
I've been with the company about four years, and we've been using it as long as I've been here. There was a bunch of infrastructure that was put in prior to my getting here, all the TAPs and things to expand the footprint, but the footprint for nGenius is just in the PBM (pharmacy benefit manager) part of our business. We don't have it on our retail side.
We're continuing to roll it out. As we can get funding, we increase the footprint of the product. Today we're only tapping a portion of our environment. Our plan is to continue to expand it and, eventually, put it into retail.
It's used by our entire Operations staff. Some people are better than others, so it's probably somewhere in the neighborhood of 20 people who have access to it. It's not used on a regular basis by anyone. It's used if we have a request or a problem, as needed. The users are all network engineers. Some people are on the Operations side, and some folks are on the Engineering side, and some people are on the Architecture side. It goes across the whole swath of network engineers.
There is just one guy who maintains it, and it's only a part-time job for him. As we scale it across the operation I expect we will only have to marginally increase the number of people who work on it. The biggest effort will be, as we roll it out, in bringing in additional TAPs, tapping the switches and the routers that we want to. But once that's done, we just direct the data feeds into the backend and, at that point, it's just a matter of how much storage we have. It doesn't require a whole lot of care and feeding. In the time I've been here, we've done one or two upgrades. But they've all gone well with no issues.
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Nov 11 2018
Be In Touch to Learn More
Learn More about NETSCOUT