We just raised a $30M Series A: Read our story

ExtraHop Reveal(x) for IT Operations OverviewUNIXBusinessApplication

ExtraHop Reveal(x) for IT Operations is #1 ranked solution in top Network Packet Capture tools, #2 ranked solution in top Network Diagnostics tools, #7 ranked solution in top IT Operations Analytics tools, and #39 ranked solution in best Network Monitoring Tools. IT Central Station users give ExtraHop Reveal(x) for IT Operations an average rating of 8 out of 10. ExtraHop Reveal(x) for IT Operations is most commonly compared to Cisco Stealthwatch:ExtraHop Reveal(x) for IT Operations vs Cisco Stealthwatch. The top industry researching this solution are professionals from a computer software company, accounting for 34% of all views.
What is ExtraHop Reveal(x) for IT Operations?

The ExtraHop Application Performance Management Solution Delivers Unified Visibility Across the IT Environment w/ Proactive Alerts & Accelerated Troubleshooting

Buyer's Guide

Download the IT Operations Analytics Buyer's Guide including reviews and more. Updated: October 2021

ExtraHop Reveal(x) for IT Operations Customers

Alaska Airlines, bet365, Concur, McKesson, Microsoft, Morgan Stanley, Practice Fusion, Seattle Children's Hospital, Steward Health Care System

ExtraHop Reveal(x) for IT Operations Video

Archived ExtraHop Reveal(x) for IT Operations Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
reviewer1068483
User
Real User
Leaderboard
Instrumental in finding the root cause of problems that have been difficult to solve

Pros and Cons

  • "There are many valuable features in this product, but probably the biggest is the customization capability it has."
  • "This solution would be improved if it had the ability to retain data longer."

What is our primary use case?

Our primary use case is to seek out the root cause of problems that have been difficult to find. We use it for security anomaly monitoring, as well as performance monitoring.

How has it helped my organization?

We have been able to improve the mean time to resolution by several hours in some cases. We have also used it to make architectural decisions based on traffic patterns. It has been instrumental in finding problems that have been difficult to solve. 

What is most valuable?

There are many valuable features in this product, but probably the biggest is the customization capability it has.

What needs improvement?

This solution would be improved if it had the ability to retain data longer. Also, there should be more training on the best way to use the product. 

For how long have I used the solution?

One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Bintang Parlindungan  Siagian
Operations Team Member at Putra Perdana International
Reseller
Leaderboard
We can see everything that happens in the network, from Layer 2 to Layer 7

Pros and Cons

  • "The most valuable feature is the way it handles data, from Layer 2 up to Layer 7. We can see everything that happens in the network."
  • "They have a new solution, ExtraHop Reveal(x), and I think it needs improvement."

What is our primary use case?

We are using it for IT operations monitoring and it's great. From our point of view, it's a very good product.

How has it helped my organization?

The biggest benefit is that our customers can assess what happens in their networks. For example, they can see why an application is slow.

What is most valuable?

The most valuable feature is the way it handles data, from Layer 2 up to Layer 7. We can see everything that happens in the network. It's a great feature.

What needs improvement?

There is room for improvement in the security part. They have a new solution, ExtraHop Reveal(x), and I think it needs improvement.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is very good. We have had no problems when we do PoCs.

What do I think about the scalability of the solution?

The scalability is also great. We can expand the solution if we want to and integration is also quite easy.

How are customer service and technical support?

We usually do the technical parts ourselves because the deployment and the integration are quite easy. We haven't used technical support yet.

Which solution did I use previously and why did I switch?

We think this solution is better than whatever current solution our customer has.

How was the initial setup?

I was involved in the initial setup and it's very straightforward, it's easy to deploy.

What's my experience with pricing, setup cost, and licensing?

The pricing is higher than other solutions, but with such good features, I think it's worth it. Licensing is based on the throughput and they provide several options.

What other advice do I have?

This is a must-try product. Try it to see the benefits and features. It has many features that other solutions don't have.

Our most important criteria when selecting vendor are the product itself - the stability, the scalability - as well as the support. We need to have good support that is easy to reach.

I would rate ExtraHop at nine out of ten. It's a good product, easy to deploy and easy to expand.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Find out what your peers are saying about ExtraHop Networks, Splunk, Moogsoft and others in IT Operations Analytics. Updated: October 2021.
552,305 professionals have used our research since 2012.
Sid Roy
Vice President - Operations & Client Support at Scicom Infrastructure Services
Real User
Top 5Leaderboard
It has a straightforward deployment and implementation model, even for extremely dynamic and complex network environments.

What is our primary use case?

Enterprise applications and heavy network performance analysis. Specific focus on n tier applications with heavy reliance on L7 protocols

How has it helped my organization?

Must-have tool for advanced network/enterprise operation centers to fill in the performance gaps that host based and network performance management solutions leave. Provides the ability to execute systems and application management without being dependent on application language or APM agent qualifications.

Extensive use cases on joint workflow using ExtraHope ITOA and 3rd party APM toolsets- including real-time visualizations of business services performance mashed up and merged against L7 dependent protocols- this allows us to understand the correlation of business services degradation with performance issues with L7 protocols including HTTP, FTP and additional network services.

What is most valuable?

It has a straightforward deployment and implementation model, even for extremely dynamic and complex network environments.

There's unbelievable capability around wired data analysis; analyzing unstructured data at a sizzling rate, rationalizing it and delivering it as consumable, structured data. It's a big data solution in a plug-and-play implementation mode.

It's a must-have solution for large IT Operations, providing the ability to analyze infrastructure and application-related performance and data from the wire perspective. Very strong use cases around L7 application level analysis; at least 15 different security related use cases (including SSL and CIFS usage); significant capability for network focused groups specifically around analysis of L2 - L7 metrics; powerful tool for enterprise server management groups as well (analyze database, application, ICA, storage related metrics to name a few).

What needs improvement?

Additional out-of-the-box solutions and use cases would be nice. This is less a product improvement as opposed to aligning this powerful solution to common and uncommon industry use cases in order to become more vertically aligned.

The solution is so powerful, and because it analyzes wired data, the potential applications and use cases are limitless. ExtraHop will be better served by creating industry specific views and deployments to accelerate deployments and mindshare with users. As an example, they should have a retail package ready which provides the key views for a retail use case scenario. Same for casino/gaming; finance; ISV usage; NoC operations. So basically, creating the correct views for the market as opposed to saying we can do everything.

For how long have I used the solution?

Three to five years.

What other advice do I have?

Very powerful capabilities related to business parameter and analysis business level reporting if inclined to leveraged the ITOA for analytics

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user459633
Technical Manager at a tech services company with 201-500 employees
Consultant
Valuable features include wire data analytics and programmability of the platform.

What is most valuable?

Wire data analytics Programmability of the platform You cannot hide from the wire. All truth lives in the packets, and ExtraHop gets them to talk!

How has it helped my organization?

It has greatly reduced our MTTR and root cause.

What needs improvement?

I would improve the Rule-Based Access Control (RBAC) by providing granular access control to the data.

For how long have I used the solution?

We have been using the solution for four years.

What do I think about the stability of the solution?

We did not encounter any issues with stability.

What do I think about the scalability of the solution?

We did not encounter any issues with scalability.

How are customer service and technical support?

I would rate the technical support as very good. …

What is most valuable?

  • Wire data analytics
  • Programmability of the platform

You cannot hide from the wire. All truth lives in the packets, and ExtraHop gets them to talk!

How has it helped my organization?

It has greatly reduced our MTTR and root cause.

What needs improvement?

I would improve the Rule-Based Access Control (RBAC) by providing granular access control to the data.

For how long have I used the solution?

We have been using the solution for four years.

What do I think about the stability of the solution?

We did not encounter any issues with stability.

What do I think about the scalability of the solution?

We did not encounter any issues with scalability.

How are customer service and technical support?

I would rate the technical support as very good.

Which solution did I use previously and why did I switch?

We did not use a previous solution.

How was the initial setup?

The initial setup was straightforward. You just need to feed it a copy of network traffic and there are no agents or other nonsense.

What's my experience with pricing, setup cost, and licensing?

The pricing is fair considering the value provided.

Which other solutions did I evaluate?

What other advice do I have?

Do it now and you’ll be glad you did.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user278256
Senior Solutions Engineer at a tech services company with 51-200 employees
Consultant
It is completely agentless, passive, and requires zero configuration on any end device for it to work.

What is most valuable?

Auto discovery and auto classification of the entire data-center application environment allows ExtraHop to be functional within hours of providing the EDA with a data feed. There is no product I have seen that even comes close to the speed at which it becomes operational.

The administrative overhead to install and manage the tool is ridiculously low. It is completely agentless, passive, and requires zero configuration on any end device for it to work. The only engineering required is providing the data feed. The time administrators normally spend on system administration can be funnelled into customization instead.

The degree to which the tool can be customized is near limitless. Just about anything on the wire can be a metric or a transaction record. It is most broadly used for operational analytics, but has many use cases for security, clinical, and business analytics as well.

The big data back end is a game changer. Every single network flow and application transaction can produce records. The EXA is still in its initial version having only been released a few months ago, and is already very useful. There are numerous improvements already in the pipeline for the next releases that will make it an even better analytics tool.

How has it helped my organization?

Like most organizations, the one where I worked had no functional tier 2. This is because systems are so complex the vast majority of support required engineering resources. This also means that any performance ticket could wind up with just about any engineering group and often multiple groups would have to be engaged for troubleshooting. ExtraHop provides metrics and dashboards that allow IT staff to quickly triage issues and get them to the right group for remediation without having to play hot potato with multiple tickets. It makes the idea of building an effective tier 2 operations team a feasible one.

What needs improvement?

The improvement that would make the most impact would be expanding on the new EXA big data back end. Currently the queries are limited to simple ones and visualization of the query results does not exist. That being said, it is still incredibly useful and unlike anything else out there. As one would expect, developers have been working on features since before the initial release and there will be many improvements in the near future.

The second criticism I have is the Activity Map. This tool allows one to see all device and protocol connectivity with a selected device or group of devices. It is a fantastic tool for defining client types and tiers in an application. My criticism is that the maps cannot currently be added to a dashboard. Logical application connectivity maps are very nice to have and I would always want one on an application dashboard, given the option.

For how long have I used the solution?

I was a customer or prospective customer for nearly two years. I was so impressed that, when offered the opportunity to work with the platform as a major part of my job description, I left my stable, well-paying job to go to work for a VAR who is an ExtraHop partner. We've used both the EDA and EXA versions.

What was my experience with deployment of the solution?

Deployment is entirely dependent upon the data feeds. The difficulty in engineering those feeds varies widely depending upon the network architecture. My organization already had a Gigamon visibility fabric in place so, in our case, engineering the feeds properly was fairly simple – ‘done before lunch’ simple. The mid-sized appliance had a 10GBPS limit, which was fine since traffic was generally under six GBPS. When data domain replication or large NetBackup jobs ran, we could just filter that out on the Gigamon to prevent saturating the single link.

What do I think about the stability of the solution?

I have had no problems with stability.

What do I think about the scalability of the solution?

The appliances are scalable up to 40GBPS and can scale horizontally as well through the use of a command appliance, so no issues there.

How are customer service and technical support?

Both customer service and support were outstanding when I was a customer. During our POC, they actually developed a new built-in metric based on our input which was in the wild before we had even completed the purchase. Support has always been responsive and knowledgeable.

Which solution did I use previously and why did I switch?

I was looking to reduce the large amount of time I was spending in deep capture analysis sessions to diagnose application issues. I had some Omni Engines in place to make that job easier – which is a great analyser, by the way – but capture analysis was still a long process of finding the needle in the stack of needles. I was looking for a tool that not only made the analysis easier, but empowered the application owners to do their own analysis. I did an extensive bake-off between ExtraHop and NetScout. The conclusion was that they were two very different products. It took a week of banging on NetScout to get it functional in the first place and, once it was up, I realised that it would be a useful tool for me, but would ensure that every issue would continue to come to me because I would be the only one who could leverage it. ExtraHop, on the other hand, was useable the afternoon I plugged it in and solving problems immediately. Not only that, but it was useable by all the IT silos. While engaged in troubleshooting activities I would provide reports generated from ExtraHop, which would usually result in someone asking where that amazing data was coming from. The conversation often resulted in my creating accounts for new users. It was clearly a tool that empowered others.

How was the initial setup?

The logical setup is extremely simple. There is also a large body of customization that is simple to deploy thanks to the community bundles that can be downloaded and installed. ExtraHop also has a process called a quick start, which is a week-long engagement where an ExtraHop engineer executes or validates the install and builds a few dashboards to operationalize the most important applications. The process of defining and dashboarding applications can be a bit time consuming to get it just right, but that is normal for deep customization. The more dashboards there are to provide templates, the easier future ones become. Customization can be as complex as one wants to get – even to the point of bubbling up business analytics from the wire data.

The only engineering challenge is the data feed. As I mentioned, the organization where I worked had a Gigamon, which simplified things. A couple of SPAN ports on core data center switches usually gets the majority of the visibility. If there are challenges in getting east-west traffic to the data feed (server to server traffic on the same subnet and hypervisor, for instance) there are numerous approaches to getting those packets; it’s doable but sometimes a bit challenging depending on the architecture of the data center. That isn’t an issue with the platform, though, just a challenge in accessing wire data in general.

What about the implementation team?

I implemented myself, although the ExtraHop SE was extremely helpful and responsive throughout the POC process. I have since learned that I was an outlier and a grabby customer. I have witnessed several engagements since then and the SEs are always actively engaged in the process and build customization in before a purchase is even made. After purchase, they have a quick-start process which involves a solutions architect spending a week or two getting the appliance operationalized and building the first few pieces of application customization for the customer.

What was our ROI?

ROI is tricky, because it depends on how well the tool is worked into the support workflow. In most cases, when used properly, it can reduce root cause from weeks to hours. Sometimes minutes. It can eliminate the majority of the “all-hands” trouble shooting sessions and war rooms by quickly isolating the real issues. It can also proactively identify issues and help prevent outages. In the organization where I worked (and in most others I have seen), there was not a central operations team that handled triaging so adoption was by individual silos. My day job was on the networking team, so I don’t know first-hand the extent to which it was adopted by each group. I do know that requests for packet capture analysis almost entirely dried up and I could spend much more of my time on that day job which, I am afraid, was the primary metric I was concerned with at the time.

What other advice do I have?

ExtraHop is far ahead of anything comparable in the industry. As a matter of fact, there isn’t anything that really compares. It is a wire-data driven operational analytics platform that provides network flow and application transaction performance monitoring out of the box. That description really doesn’t do it justice, though.

The ExtraHop website has a demo environment that will walk someone through numerous scenarios. It is well put together, but can be a bit overwhelming without some context or experience. I recommend having a look, but then scheduling a demo with ExtraHop, or with a VAR like the one for which I work. All that being said, these are demo environments and what it the platform can do seems a bit unbelievable at times. As a customer, I know I wouldn’t have believed it without seeing it. The real proof is in the POC. If you can set up SPAN sessions on the core data center switches, ExtraHop would be delighted to send you an appliance and help to get it deployed so you can see for yourself. Don’t take my word for it in any case. Do a POC.

Disclosure: My company has a business relationship with this vendor other than being a customer: I work for a VAR who is an ExtraHop partner.
Buyer's Guide
Download our free IT Operations Analytics Report and find out what your peers are saying about ExtraHop Networks, Splunk, Moogsoft, and more!