FireScope's and Network Physics' analysis appliances give VARs, security consultants easier access to information.VARs looking for the next profitable frontier in network forensics have two widely different alternatives with the partner programs and products available from two vendors.
Network analysis appliances from FireScope and Network Physics offer divergent approaches toward better network applications intelligence. The idea is to get beyond doing packet captures, ports and protocol decodes to view and understand application-aware information. In the past, many network analyzers have relied on deep experience and intensive training before they could be deployed as troubleshooting tools for real-time threat mitigation. Products such as Network General's Sniffer and Ethereal were purposely difficult to use, and, therefore, gaining experience with them was hard.
Instead, FireScope and Network Physics have taken to aggregating network behavior patterns and making more intelligent analysis of applications across the network that can be more readily interpreted and more readily deployed by VARs and security consultants with less experience.
Custom system builders still hanging on. Click here to read more.
FireScope's appliance takes more of an open-source approach and uses an extensible framework to which other vendors can add reporting and analysis modules. The total integrated package can then be sold by the VAR. "Our idea is to concentrate on end-user usability, and it is very easy for our partners to demo without having to have a lot of training investment," said FireScope CEO Steven Cotton. "Plus, it is easy for them to see immediate value and develop a technical core competency around our product. So that enhances their margins."
To date, FireScope has mashed up its appliance with tools from A10 Networks, Actuate and Airtight Networks, and is moving down the alphabet to other networking companies. "The idea is to tailor our product to better analyze and troubleshoot problems affecting overall IT system health, at the same time shortening the overall sales cycle for the VAR," Cotton said. The company has about 20 partners.
Network Physics is taking a different direction to sell its network analysis product. "We know that for many products, you have to become an expert on how every protocol on the network works," said Scott Safe, vice president of marketing and product management for Network Physics. The company's NetSensory appliance looks at network events and tries to bring stateful inspection to the application and network behavior.
The biggest difference between FireScope and Network Physics is how they engage their partners. Network Physics uses a one-on-one, custom training and consulting approach to familiarize VARs with its product. "We put together a cross-disciplinary team from both sales and our system engineers to work with the VAR directly on their top potential opportunities," Safe said. "This is a lot better than the standard classroom or Webinars. You can learn more from the interactive sessions with the ultimate customer. It is also a great way to help them baseline their customers' networks and open up additional sales opportunities."
To date, more than 120 VARs have joined Network Physics' program, with half in North America and half in Europe. "With all the streaming audio and peer-to-peer users that are out on corporate networks today, there are a lot of non-business applications that are taking up network bandwidth," said Dwight Barker, vice president of product management for Network Physics. "We can help people with identifying that stuff, and as an example, we can show a customer all the March Madness games that are being watched over their network."
The choice is yours: an open platform on which VARs can layer additional functionality or a custom series of training to help close the sale. Either way, forensics can now be used in wider situations by VARs.
David Strom is a technology freelance writer, consultant, blogger and podcaster and can be reached at david@strom.com.
/ 1 
