QP + PureInsight Use Cases


With industry-leading performance and technology, Quantea provides network recording and network forensics solutions to customers worldwide. Quantea’s products have a broad range of uses and benefits in various industries such as IT, telecommunications, healthcare and education.

Cybersecurity

Extract Top Talker Information with Quantea

DNS Services

Resolve Domain Name System (DNS) Issues with Quantea

LTE Networks

Conduct Deep Network Analysis with Quantea

Quality of Service

Improve Quality of Service (QoS) with Quantea

More Use Cases

Telecommunications Company
Monitoring and Alerts for Quality of Service

The customer is an ISP and mobile carrier that provides access to millions of subscribers to online or internal services. Their reach spans across several countries in Southeast Asia.

Problem: 

This carrier has issues with inconsistent content delivery to their subscribers, especially with high-bandwidth applications such as IPTV, cloud applications and online gaming. They need a solution that is available 24/7 and can monitor their environment (PON G/XG), send alerts, quickly identify the source of an incident, and record all traffic information beyond just the header.

Solution:

With the QP, they were able to monitor areas of interest such as IGMP join/leave frequency, successful joins, alerts based on DNS queries/responses, and DHCPv4/v6 discovers/requests. In addition, they can visualize their network traffic and quickly distinguish between broadcast, multicast and unicast traffic. With the QP, they are able to take quicker and more effective action on any performance or Quality of Service issues.

Mobile Service Provider
Real Time Traffic Splitting by MNC/LAC Using Virtualized Capturing and Filtering

A large network operator needs to isolate several areas of their service network to inspect VoLTE issues. For each area, a network services group is responsible for handling that particular voice data. They need to inspect the voice data for quality issues as well as test the deployment of a real-time language interpreter service.

Problem:

There is no effective way of splitting aggregated traffic by MCC/MNC/LAC and compartmentalizing it into multiple volumes that service groups can access. Doing this with conventional tools would require dozens of appliances per area.

Solution:

Using Quantea’s capability of virtualized capturing and filtering, a physical link can be fully utilized, as it can handle several capture sessions concurrently while each is stored separately. That way, large amounts of traffic do not have to be processed again once they have been stored. They are able to inspect smaller chunks of data to discover issues with in-house services such as language interpretation. This reduces the amount of resources required by at least 10x.

By using Quantea’s solution, the large operator was able not only to harness large amounts of VoLTE data but also to reduce the effort needed to compartmentalize all that information using parameters such as MNC and LAC.

Regional Service Provider
Capture with DNS Monitoring

An internet service operator provides broadband services to consumers and businesses.

Problem:

They encountered a lot of truncated DNS requests, which slowed down their services. A typical request for youtube.com takes, for example, 2 seconds or more (this adds up). They have been using APM tools, but those are not enough because they can’t keep up with the number of requests/responses that occur during peak hours (4 PM to 9 PM). In addition, they want to search outside the packet headers, which requires more data retention.

Solution:

With QP, they can record their entire DNS traffic even during peak hours. In addition, PureInsight and QManager’s packet search capability makes it easy to analyze their traffic on our system, at least 10 times faster than with previous tools.

QP and PureInsight have proved to be promising solutions to their problems. In addition, this will help simplify the problem resolution process.

Large Enterprise Company
Determine Network Top Talkers in a Large Enterprise

For every large enterprise, most security issues originate from internal devices rather than from external devices connected remotely.

Problem:

Large enterprises had an issue with BYOD (bring your own device) since they were not able to ensure that these devices have Splunk logging software installed on them.

Solution:

Using the QP in conjunction with PureInsight, they were able to collect large amounts of network traffic, determine the top talkers in the network, and determine the application being used. Using the QP’s API, they were able to integrate it with Splunk and with their existing traffic monitoring dashboards.

The result is that they were able to visualize their network’s top talkers, consolidate all the traffic information and integrate with their existing dashboard setup.

Healthcare Provider
Switch Migration Project in a Large Data Center

The project started off as a network migration project from old systems to new systems and new software versions. Thanks to the capabilities of the Quantea QP, many other issues were discovered during this project. The system was also used to investigate other areas of the network and is currently integrated into the network full time to ensure network optimization and QoS and to enhance security.

[Figures: Old Solution; New Solution]

Problem:

The network is built on a Cisco switching and routing platform made up of hundreds of Cisco devices. The network had been having issues for a long time, and the current analysis and troubleshooting process had been going on for over a month, involving almost 30 people, without any success!

Solution:

Thanks to Quantea’s unique capture and search capabilities, the resulting PCAP files could be searched quickly in full detail. This made it possible to match unique strings of information that identified issues such as misconfigured switches and defective devices.

This project was done in only two days with only 5 network administrators!

Logistics and Transportation Company
Pinpoint Culprits During an Attempted DDoS Attack

Problem:

Conventional tools that store only a smaller sample of network traffic data, such as NetFlow and traditional network monitoring tools, are not able to obtain critical information when a network experiences a surge in bandwidth utilization. This company experienced a significant surge in their network that prevented some of their network devices (e.g. firewalls, routers) from functioning normally.

Solution:

This company was well prepared for this type of situation. By leveraging the full-packet versatility of the QP, they were able to deploy network data collectors, such as the QP4000 and QP500, so that they could gain 24/7/365 visibility before and after network traffic passes the firewall. The QPs “absorbed” whole-packet data. Using the collected full-packet data, they found that hundreds of unsolicited large file transfers were targeting a public server. The traffic was blocked to stop the DDoS from growing.

Entertainment Content Provider
IPTV Multicast Out-of-Sync Detection

IPTV is used by millions across the U.S. and provides a variety of entertainment programming.

Problem:

Video flicker and a delay between the sound and the picture on the screen happen because of a buildup caused by a multicast out-of-sync error. The service provider needs to know immediately when and where in their network this issue happened and whether it was caused by a software application or by hardware (i.e. network equipment).

Solution:

By using the QP, they will know right away at what time the out-of-sync error occurred and which PCAP file contains it. When the error is detected, the QP will automatically notify them of the time and the PCAP file. They will use PureInsight to verify that it was in fact an out-of-sync error and continue to look into the packets.

With the QP’s high performance and fast drill-down capabilities, they were able to figure out the cause of the issues right away, and since the QP is not prone to losing packets, the integrity of the data is ensured.

Internet Services Provider
SNMP Cross Validation

The service provider’s onsite network engineers experienced issues with their large (and expensive) network switching equipment. The 10A modules within their Alcatel ESS switches sometimes do not work properly; however, the SNMP messages sent out by the module report an ‘Online – Port Up’ status.

Problem:

They are using SolarWinds SNMP monitoring software; however, it did not detect the failed hardware that the engineers are witnessing. They need a way to record both the actual network traffic being sent by the 10A modules and the SNMP messages, so that they can cross-validate and provide the information to the manufacturer (i.e. Alcatel).

Solution:

By using QP and PureInsight, they were able to classify the SNMP traffic as a flow and the network traffic (coming from module 10A) as a range of flows. Using PureInsight’s dashboard, they were able to visualize the SNMP messages reporting a ‘Good’ status while the module failed to send reliable network traffic. The service provider was able to collect all the information into PCAP files, produce a report with dashboard screenshots, and send it to the manufacturer.

Since the evidence of a defective switch (captured by the QP) was more than satisfactory, the manufacturer used that information to determine the issue quickly and addressed it with their client. The QP proved to be the “perfect insurance” for the network.

Finance Company
Blockchain Rejected Node Traffic Capture

Nodes within the blockchain can be compromised. Compromised nodes can prevent, delay or even reverse transactions. In addition, hackers are coming up with new ways of distributing malware, which include leveraging the blockchain mechanism.

Problem:

There is no solution that can provide wide and thorough enough insight to remediate these vulnerability issues in a timely manner.

Solution:

By using QP and PureInsight, we can find out what causes these blocks to be rejected. We can determine whether the node(s) involved in validating the transactions have been compromised. We use that information so that any updates the local node(s) contributed have a much lower chance of being delayed.

By using Quantea’s solution, an additional layer of protection is added to ensure that the nodes within the blockchain ecosystem cannot be affected by compromised nodes within the decentralized system.

Internet Services Provider
DNS Phishing Forensics

A large service provider needed a device that could help resolve issues on their DNS network while running 24/7 without causing any interference on the network. In addition, they needed a solution that worked with their deployed security solution by allowing their security system to request information from it at any time.

Problem:

The solution has to capture DNS traffic in a way that shows every bit of information about what was happening during the DNS query process, while also storing the data so that analyses can be run on it. They need to record whole packets long term so that they can also resolve issues such as DoS attacks, cache poisoning and DNS amplification.

Solution:

The QP was strategically placed within the data center to capture DNS query and response traffic from two data sources: the DNS cache servers and the name servers. The QP was able to store long-term data and provide weeks’ worth of historical look-back for analysis.

With the QP, the large service provider was able to reduce the time to discover issues by leveraging long-term packet capture data with fast search and analytics. The QP also provided interoperability with their current security system and event workflow. With the capability of storing 1 PB or more of traffic through storage amplification, the QP was able to provide more with less hardware.

IoT (Smart Cities)
Network Traffic Auditing

The Internet of Things will automate crucial infrastructure such as industrial or municipal functions. However, there will be much more complex issues regarding the network(s) that it will utilize.

Problem:

The tremendous amount of data all of these devices generate can create a visibility fog that will hinder the handling of any performance and security-related issues; even a typical device outage will be a challenge.

Solution:

Revealing insight from large amounts of data is key. By utilizing Quantea’s ability to dive deep into the network traffic quickly and effectively, for example by extracting the messages between IoT devices, Quantea provides a better understanding of the network beyond the topology.

With Quantea’s approach, we can harness data coming from a multitude of IoT devices utilizing different networks across multiple domains.