NC1811
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
TECHNOLOGYUPDATE<br />
LAYER X: THE VISIBILITY LAYER<br />
NETWORK TRAFFIC HAS ALWAYS BEEN IMPORTANT,<br />
AND INCREASING COMPLEXITY IS REINFORCING THE<br />
FACT. YORAM EHRLICH, VP PRODUCTS AT NIAGARA<br />
NETWORKS EXPLAINS THE ROLE OF NETWORK<br />
PACKET BROKERS IN VIRTUAL SWITCHING FABRIC<br />
According to Gartner, "The need for<br />
tools that require packet data shows a<br />
steady upward trajectory as network<br />
bandwidth and capabilities continue to grow<br />
faster than processing and storage<br />
technologies." Network packet brokers<br />
(NPBs) are just one component of a visibility<br />
layer, but they help to solve this problem and<br />
play a critical role as active devices that<br />
direct raw data packets from SPAN ports and<br />
tap points to specific security, performance<br />
management, and monitoring tools. Gartner<br />
adds, "These mediators are becoming critical<br />
to build-out and upgrade projects."<br />
As networks become increasingly complex,<br />
NPBs are required for three reasons. First,<br />
they enable total network visibility to identify<br />
known, suspicious and unknown traffic.<br />
Second, they support network robustness<br />
with data loss prevention, advanced filtering<br />
and high availability and thirdly, they provide<br />
greater control to network management,<br />
allowing administrators to map and analyse<br />
traffic flows.<br />
Not all NPBs are created equal, so be clear<br />
about the use case you want to address and<br />
how to deliver it most effectively. Some<br />
considerations for the best type of packet<br />
broker to use include number of ports, feeds<br />
and speeds (1/10Gb, 40Gb, 100Gb), port<br />
density, modularity for bypass and tap<br />
support, and functionality.<br />
NPB USE CASE<br />
The following use cases highlight important<br />
NPB features, including filtering,<br />
aggregation/replication and load balancing.<br />
They also show how NPBs are an invaluable<br />
piece of network architecture.<br />
Preventing performance erosion: All too<br />
often, network capacity outstrips the<br />
capabilities of monitoring, performance<br />
management and security tools. Raw data<br />
volumes will only increase. Using NPBs, you<br />
can filter network traffic so you're only<br />
sending appropriate traffic to each tool. You<br />
can load balance across multiple lower<br />
capacity tools, distributing the traffic to<br />
maximise resource utilisation.<br />
Pay-as-you-grow deployment: NPB load<br />
balancing capabilities help to create the<br />
most cost-effective deployment plan rather<br />
than investing in the highest-capacity tools: it<br />
can reduce total cost of ownership by paying<br />
only for the tools required. As traffic<br />
increases, you can incrementally add tools<br />
without interrupting existing data flows.<br />
Resilient network design: Tool redundancy<br />
with the help of integrated bypass solutions<br />
ensures network services remain available<br />
even in cases of disruption or maintenance.<br />
If one tool fails, traffic bypasses the<br />
disruption and is redistributed to remaining<br />
tools using NPB load balancing.<br />
Upgrade avoidance: In the past,<br />
upgrading network infrastructure required<br />
investments in new networking tools.<br />
However, NPBs allow you to distribute highrate<br />
traffic across lower-rate tools until<br />
you're ready to upgrade.<br />
A sound NPB should be able to meet both<br />
intermediate and long-term needs. When<br />
contemplating future needs, it's important to<br />
consider the impact that an SDN-framework<br />
could have on the network visibility layer.<br />
FROM STATIC TO DYNAMIC<br />
WITH SDN<br />
Traditionally, visibility layers have been semifixed<br />
and static, manually setting mapping<br />
configurations between sources and<br />
destinations. In the past, you could eliminate<br />
network blind spots without too much difficulty,<br />
but now, complexity has reached a point<br />
where dynamic, responsive mapping<br />
configurations are essential.<br />
When SDN architecture is built in, network<br />
packet brokers and other visibility components<br />
can achieve a level of flexibility that enables<br />
automatic reconfigurations to block suspicious<br />
traffic from passing through NPBs, dynamic<br />
traffic forwarding for analysis by different tools<br />
based on specific network events and<br />
intelligent failover to maximise uptime, despite<br />
system events.<br />
Deploying NPBs on a visibility layer should<br />
be built with SDN in mind. That way, you<br />
can deploy monitoring, performance<br />
management and security tools from<br />
different manufacturers, while streamlining<br />
orchestration and enabling more advanced<br />
services in the future. Networking's future<br />
lies in a virtual switching fabric across all<br />
your connected devices. Network packet<br />
brokers are a core piece of making that<br />
future a reality. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards NOVEMBER/DECEMBER 2018 NETWORKcomputing 27