& cplSiteName &

Network Visibility Architectures: One Size Does Not Fit All

Jeff Harris
5/15/2017
50%
50%

The term "network visibility" has been in the networking space for ages, but has never been as important or relevant as it is today. New and exciting methods of automation -- whether virtualization, the cloud, IoT or even best practices like network segmentation -- tend to emphasize innovation over visibility. As such, networks develop blind spots that mask network problems and even faulty devices.

In this environment, understanding what visibility truly means is just as important as having it. Visibility is what allows IT to control and optimize the network, along with applications and IT services. Without it, organizational speed decreases, network problems take longer to resolve and security threats increase. Knowing how to measure what "good" looks like is critical in modern, complex networking environments. Determining the best strategy to accomplish this requires serious consideration.

Here are a few tips for making your decision.

End-to-end visibility architecture
An end-to-end visibility architecture lets you see across physical and virtual network elements, into cloud environments, and of course, into your network traffic. Achieving it requires a plan. Many organizations grow into their networks, adding on components, analytics, compliance and security, one appliance at a time. While it is possible to piecemeal visibility components along the way, the method can create its own blind spots while leading to unnecessary complexity and higher costs. Instead of waiting until a problem arises, it is important to annually reevaluate network visibility infrastructure and plan accordingly. Assess network segments to make sure they are being monitored -- look into virtual cloud monitoring for your public cloud resources and test your existing infrastructure with realistic high-volume traffic.

If done well, a strong visibility architecture will dramatically increase your visibility depth and breadth, whether it is physical, virtual, out-of-band or inline security. And depending on the solution, scaling doesn’t have to be a problem. VaaS can scale up or down, with cost based on consumption.

Setting up for immediate return
Visibility architectures typically yield immediate benefits that improve security, from reduced troubleshooting times to decreased network downtime. Realizing a return on investment (ROI) typically takes less than a year and can happen in as little as six months when visibility is applied effectively.

To start, there needs to be access to the proper data. This usually involves physical or virtual taps capable of being implemented at any switch point to access data from relevant segments of your network. When implemented correctly, it removes the bottleneck caused by limited access points (e.g., SPAN ports). And if you have planned well and overprovisioned your SPAN ports, it is recommended to intelligently aggregate them before getting them to your performance monitoring and compliance tools.

Next comes the filtering component to optimize the flow of relevant data to the right monitoring tools. Intelligent network packet brokers (NPBs) aggregate data, as well as filter, de-duplicate, time-stamp and even load balance the data sources to ensure monitoring tools are not overwhelmed. NPBs provide greater control while extending the life of existing network, application and security tools housed in the network -- especially for higher speed networks. When selecting a network packet broker, be sure it is the right size for your network.

Most NPBs have some level of context-aware data handling capabilities, though some perform at high speeds better than others. Having security intelligence awareness is very rare. By authenticating applications at high speeds, it is possible to send good traffic, like Netflix or Amazon Prime streams, for lower levels of security analysis. This is not possible if you cannot identify those applications at full network speed. Security intelligence can also identify what applications are running, the bandwidth used by each, the geolocation of application use, device types, routing of information and perform SSL decryption -- all within the visibility infrastructure layer.

Why it matters
Complex networks need good visibility to keep them safe. Besides the obvious, there are four typical and important use cases for a strong visibility architecture.

  1. Strengthening security defenses. If your network infrastructure is dropping packets at high network speeds, it is only a matter of time before an attacker will sneak in and exploit this weakness. Network and troubleshooting visibility needs to keep up with these high speeds and easily digestible insight into traffic sources and destinations.

  2. Network failure prevention. Prevention (not remediation) should be the goal on any network. The right visibility approach will have bypasses for inline devices, high availability failover paths that revert immediately, and can tell you which applications or network segments are underperforming.

  3. Faster time to repair. The two biggest fears of every IT manager is (1) being breached and (2) network downtime. Remediation of either of these is all about troubleshooting time, which is driven by your visibility layer. Having a properly sized, intelligent visibility layer can reduce mean time to repair by up to 80%.

  4. Test your network periodically. A good practice is periodic network testing, which requires capturing data for analysis. It makes isolating issues and resolving anomalies much easier and faster. To do this, you need to capture the data and have the ability to play it back within your network staging area. This kind of "traffic rewind" capability is simple to implement but can only be done with proper planning.

Ultimately, one-size does not fit all in terms of visibility architectures. You need one that is sized to your network’s specific configuration and needs. When done effectively, though, it can prevent and solve a lot of the daily problems faced by your network operations and security teams. Not all visibility architectures perform equally.

— Jeff Harris, Vice President, Solutions Marketing, Ixia


CALLING ALL TEST, ASSURANCE AND MONITORING COMPANIES:
Make sure your company and services are listed free of charge at Testapedia, the comprehensive set of searchable databases covering the companies, products, industry organizations and people that are directly involved in defining and shaping the telecom test and measurement industry.



(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
More Blogs from Column
An insider's perspective on how 4G and 5G standards get created.
Even in the cloud, location matters thanks to regulation, as Ashwin Krishnan of Hytrust explains.
Who benefits from the new Ethernet protocol and why? Ixia Chief Marketing Officer Jeff Harris has some suggestions.
Status and next steps on spectrum policy for Gigabit LTE and 5G in the US and beyond.
Will social media platforms be the next big disruptor of the pay-TV industry? Could be, but pay-TV providers have ways to respond to this and other threats.
From The Founder
NFV's promises of automation and virtualization are intriguing, but what really excites service providers is the massive amount of money they could save.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
Women in Comms Introduction Videos
VMWare VP Brings Women Up With Her

8|16|17   |   6:49   |   (1) comment


It's an art and a science to make mentorship, inclusive leadership, diversity and promotion of high-potential women work, says Honore' LaBourdette, vice president of Global Market Development at VMWare.
LRTV Documentaries
5G Spectrum Wars – The Recap

8|15|17   |   2:22   |   (0) comments


Service provider 3 has filed a lawsuit against Ofcom over 5G spectrum auction in the UK.
LRTV Custom TV
Say What? Facebook Unleashes AI Anarchy – The Recap

8|7|17   |     |   (0) comments


A recap of the week's talking points on Light Reading's sister site, telecoms.com. Facebook AI programmers had a bit of a brain-fade as they allowed one of its AI applications to invent its ...
Women in Comms Introduction Videos
Fujitsu's Women Band Together to Help Girls Do STEM

8|2|17   |   9:35   |   (1) comment


Supporting women both inside and outside of Fujitsu is a top priority of the telecom vendor. Yanbing Li, Fujitsu Network Communication's director of System Software Development & Delivery, shares why it's important, but why there's still a long road ahead.
LRTV Custom TV
If You're Not First, You're Last – The Recap

7|31|17   |   08:18   |   (1) comment


In case you missed it, Amazon's 1% stock increase helped Jeff Bezos dethrone Bill Gates as the richest man in the world. Also, Taiwanese electronics manufacturer
Women in Comms Introduction Videos
AT&T's Tech President Preps Workforce for the Future

7|26|17   |   5:47   |   (10) comments


AT&T is focused on the software-defined network of the future and is reskilling its workforce to get ready too, according to AT&T's President of Technology Development Melissa Arnoldi.
Women in Comms Introduction Videos
Cisco: Mentoring Critical to Attract & Retain Women

7|19|17   |   6:40   |   (1) comment


Liz Centoni, senior vice president and general manager of Cisco's Computing System Product Group, shares why mentoring in all its forms is important for women and what Cisco is doing that's made a difference for women in tech.
LRTV Custom TV
Gigabit LTE With Snapdragon 835

7|12|17   |     |   (1) comment


At an event in Wembley stadium, EE used its live network to demonstrate gigabit LTE using a Sony Xperia XZ Premium smartphone with a Qualcomm Snapdragon 835 chip.
LRTV Custom TV
Implementing Machine Intelligence With Guavus

7|12|17   |     |   (0) comments


Guavus unites big data and machine intelligence, enabling many of the the largest service providers in the world to save money and drive measureable revenue. Learn how applying Machine Intelligence substantially reduces operational costs and in many cases can eliminate subscriber impact, meaning a better subscriber experience and higher NPS.
LRTV Custom TV
Unlocking Customer Experience Insights With Machine Intelligence

7|12|17   |     |   (0) comments


When used to analyze operational data and to drive operational decisions, machine intelligence reduces the number of tasks which require human intervention. Guavus invested in Machine Intelligence early. Learn about the difference between Machine Learning and Machine Intelligence.
Women in Comms Introduction Videos
Verizon VP Talks Network, Career Planning

7|12|17   |   4:49   |   (0) comments


Heidi Hemmer, vice president of Technology, Strategy & Planning at Verizon, shares how bold bets and the future of tech define her career.
Telecom Innovators Video Showcase
Masergy's NFV Journey

7|11|17   |     |   (0) comments


Ray Watson, vice president of global technology at Masergy, discusses the advantages and challenges in entering the still-maturing NFV market for the past three years.
Upcoming Live Events
September 28, 2017, Denver, CO
October 18, 2017, Colorado Convention Center - Denver, CO
November 1, 2017, The Royal Garden Hotel
November 1, 2017, The Montcalm Marble Arch
November 2, 2017, 8 Northumberland Avenue, London, UK
November 30, 2017, The Westin Times Square
All Upcoming Live Events
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
Intel CEO Leaves Trump Biz Advisory Board
Dan Jones, Mobile Editor, 8/15/2017
Are Cord-Cutting's Days Numbered?
Alan Breznick, Cable/Video Practice Leader, Light Reading, 8/14/2017
Orchestration Startup UBiqube Pivots Away From NFV
Carol Wilson, Editor-at-large, 8/15/2017
Verizon Video Woes Pile On
Mari Silbey, Senior Editor, Cable/Video, 8/14/2017
WiCipedia: Dolly Babes, Manifesto Backlash & 'Brotastic' Failures
Eryn Leavens, Special Features & Copy Editor, 8/18/2017
Like Us on Facebook
Twitter Feed
Animals with Phones
We Know a Tough Day When We See One Click Here
Live Digital Audio

Understanding the full experience of women in technology requires starting at the collegiate level (or sooner) and studying the technologies women are involved with, company cultures they're part of and personal experiences of individuals.

During this WiC radio show, we will talk with Nicole Engelbert, the director of Research & Analysis for Ovum Technology and a 23-year telecom industry veteran, about her experiences and perspectives on women in tech. Engelbert covers infrastructure, applications and industries for Ovum, but she is also involved in the research firm's higher education team and has helped colleges and universities globally leverage technology as a strategy for improving recruitment, retention and graduation performance.

She will share her unique insight into the collegiate level, where women pursuing engineering and STEM-related degrees is dwindling. Engelbert will also reveal new, original Ovum research on the topics of artificial intelligence, the Internet of Things, security and augmented reality, as well as discuss what each of those technologies might mean for women in our field. As always, we'll also leave plenty of time to answer all your questions live on the air and chat board.