This deep visibility allows ExtraHop to provide insights across the entire network stack, from basic connectivity to application-level transactions.
“The benefit of going all the way through Layer 7 is I can actually see a database transaction going through on the wire,” Vasani said. “If you have application teams complaining about database query latency, we can map it to what session was that tied to and what flows was it tied to from a network perspective and is this really an app server issue, or is it a network issue, or is it an endpoint issue?”
The new sensor integrates with ExtraHop’s RevealX platform, feeding telemetry into the company’s cloud-scale ML/AI engine that powers its detection and analysis capabilities.
“The sensor collects the telemetry, feeds it into an ML/AI engine that sits in the cloud, and then we layer in workflow engines on top to enable the various use cases,” Vasani said.
How the ExtraHop unified sensor is deployed across hybrid environments
In modern distributed enterprise environments, network visibility must extend beyond traditional data centers. ExtraHop’s all-in-one sensor is designed to address this reality with deployment options that span physical appliances, virtual machines and cloud environments.
ExtraHop has both virtual and physical hardware appliances for sensor deployment. ExtraHop sensors can plug into a network through multiple methods including, Network Tap, SPAN (Switched Port Analyzer) port, packet broker or a cloud provider’s vTAP capabilities.
