& cplSiteName &

Network Visibility Architectures: One Size Does Not Fit All

Jeff Harris

The term "network visibility" has been in the networking space for ages, but has never been as important or relevant as it is today. New and exciting methods of automation -- whether virtualization, the cloud, IoT or even best practices like network segmentation -- tend to emphasize innovation over visibility. As such, networks develop blind spots that mask network problems and even faulty devices.

In this environment, understanding what visibility truly means is just as important as having it. Visibility is what allows IT to control and optimize the network, along with applications and IT services. Without it, organizational speed decreases, network problems take longer to resolve and security threats increase. Knowing how to measure what "good" looks like is critical in modern, complex networking environments. Determining the best strategy to accomplish this requires serious consideration.

Here are a few tips for making your decision.

End-to-end visibility architecture
An end-to-end visibility architecture lets you see across physical and virtual network elements, into cloud environments, and of course, into your network traffic. Achieving it requires a plan. Many organizations grow into their networks, adding on components, analytics, compliance and security, one appliance at a time. While it is possible to piecemeal visibility components along the way, the method can create its own blind spots while leading to unnecessary complexity and higher costs. Instead of waiting until a problem arises, it is important to annually reevaluate network visibility infrastructure and plan accordingly. Assess network segments to make sure they are being monitored -- look into virtual cloud monitoring for your public cloud resources and test your existing infrastructure with realistic high-volume traffic.

If done well, a strong visibility architecture will dramatically increase your visibility depth and breadth, whether it is physical, virtual, out-of-band or inline security. And depending on the solution, scaling doesn’t have to be a problem. VaaS can scale up or down, with cost based on consumption.

Setting up for immediate return
Visibility architectures typically yield immediate benefits that improve security, from reduced troubleshooting times to decreased network downtime. Realizing a return on investment (ROI) typically takes less than a year and can happen in as little as six months when visibility is applied effectively.

To start, there needs to be access to the proper data. This usually involves physical or virtual taps capable of being implemented at any switch point to access data from relevant segments of your network. When implemented correctly, it removes the bottleneck caused by limited access points (e.g., SPAN ports). And if you have planned well and overprovisioned your SPAN ports, it is recommended to intelligently aggregate them before getting them to your performance monitoring and compliance tools.

Next comes the filtering component to optimize the flow of relevant data to the right monitoring tools. Intelligent network packet brokers (NPBs) aggregate data, as well as filter, de-duplicate, time-stamp and even load balance the data sources to ensure monitoring tools are not overwhelmed. NPBs provide greater control while extending the life of existing network, application and security tools housed in the network -- especially for higher speed networks. When selecting a network packet broker, be sure it is the right size for your network.

Most NPBs have some level of context-aware data handling capabilities, though some perform at high speeds better than others. Having security intelligence awareness is very rare. By authenticating applications at high speeds, it is possible to send good traffic, like Netflix or Amazon Prime streams, for lower levels of security analysis. This is not possible if you cannot identify those applications at full network speed. Security intelligence can also identify what applications are running, the bandwidth used by each, the geolocation of application use, device types, routing of information and perform SSL decryption -- all within the visibility infrastructure layer.

Why it matters
Complex networks need good visibility to keep them safe. Besides the obvious, there are four typical and important use cases for a strong visibility architecture.

  1. Strengthening security defenses. If your network infrastructure is dropping packets at high network speeds, it is only a matter of time before an attacker will sneak in and exploit this weakness. Network and troubleshooting visibility needs to keep up with these high speeds and easily digestible insight into traffic sources and destinations.

  2. Network failure prevention. Prevention (not remediation) should be the goal on any network. The right visibility approach will have bypasses for inline devices, high availability failover paths that revert immediately, and can tell you which applications or network segments are underperforming.

  3. Faster time to repair. The two biggest fears of every IT manager is (1) being breached and (2) network downtime. Remediation of either of these is all about troubleshooting time, which is driven by your visibility layer. Having a properly sized, intelligent visibility layer can reduce mean time to repair by up to 80%.

  4. Test your network periodically. A good practice is periodic network testing, which requires capturing data for analysis. It makes isolating issues and resolving anomalies much easier and faster. To do this, you need to capture the data and have the ability to play it back within your network staging area. This kind of "traffic rewind" capability is simple to implement but can only be done with proper planning.

Ultimately, one-size does not fit all in terms of visibility architectures. You need one that is sized to your network’s specific configuration and needs. When done effectively, though, it can prevent and solve a lot of the daily problems faced by your network operations and security teams. Not all visibility architectures perform equally.

— Jeff Harris, Vice President, Solutions Marketing, Ixia

Make sure your company and services are listed free of charge at Testapedia, the comprehensive set of searchable databases covering the companies, products, industry organizations and people that are directly involved in defining and shaping the telecom test and measurement industry.

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
More Blogs from Column
The future of roaming in Europe is all about superior quality of service.
The shift to 400G is not only imminent but possible, argues Ciena's Helen Xenos.
As multi-access edge computing becomes a reality, operators will need to consider how to gain visibility into their ever-expanding networks and why that's important.
In a special webinar next week, a panel of cable operators, vendors and analysts will look at where the commercial services market is heading and how cable can stay competitive in it.
IoT technologies are now enabling cable operators and other service providers to offer 'quint play' bundles with smart home services for subscribers.
Featured Video
From The Founder
Light Reading founder Steve Saunders recently visited the University of North Carolina Charlotte (UNCC) where Cisco's Tetration application is providing data center analytics, simplifying SDN, helping with cloud migration and overseeing white-list security policy.
Flash Poll
Upcoming Live Events
March 20-22, 2018, Denver Marriott Tech Center
March 22, 2018, Denver, Colorado | Denver Marriott Tech Center
March 28, 2018, Kansas City Convention Center
April 4, 2018, The Westin Dallas Downtown, Dallas
April 9, 2018, Las Vegas Convention Center
May 14-16, 2018, Austin Convention Center
May 14, 2018, Brazos Hall, Austin, Texas
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
AT&T Likens DoJ Suit to Shaved Persian Cat
Mari Silbey, Senior Editor, Cable/Video, 3/12/2018
Trump Blocks Broadcom's Qualcomm Acquisition
Dan Jones, Mobile Editor, 3/12/2018
John Deere Bets the Farm on AI, IoT
Scott Ferguson, Editor, Enterprise Cloud, 3/12/2018
Rumor Mill: SoftBank Still Eyeing Charter
Mari Silbey, Senior Editor, Cable/Video, 3/12/2018
Animals with Phones
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed