Network Visibility & the Bigger Picture
Network visibility needs to extend into the virtual domain and enable visibility across virtual and physical environments in a uniform and consistent manner.
August 7, 2018
Network visibility is a major focus for operators, having an end-to-end view of the network and its functions form a major part of delivering a high quality of service to the customer. As such, implementing a comprehensive solution which enables improved visibility is a top priority.
With the quantities of traffic and data growing at an exponential rate, operators need to adopt strategies for on-demand filtering, monitoring and the capturing of data. Doing so will allow operators to focus on how to collect the traffic, smartly filter and detect the problematic traffic, enabling them to efficiently troubleshoot issues before they affect customers. With operators transitioning more and more services to cloud networks, network visibility needs to extend into the virtual domain and enable visibility across virtual and physical environments in a uniform and consistent manner, making a cloud-native solution, critical. A system that is robust and agile enough to adapt in real-time to this constantly changing environment is therefore, required, correlating data from across virtual and hybrid networks.
Seeing things clearly
Virtual network functions present us with many opportunities, but they are not without their challenges. Their dynamic nature mean that operators need to deploy a system which can adapt on the fly. In a cloud-native environment, the network packet broker (as part of a wider network visibility solution) and the other service assurance functions are deployed as VNFs just like the network functions that they monitor, so they are also instantiated in minutes and managed by the NFV Management and Orchestration (NFVO). This means that network changes are automatically reflected in the visibility layer, and specifically the visibility system of virtual packet brokers and virtual filters is required to scale according to the scale of the network that it monitors.
The basic function of any network packet broker is to control the flow of traffic across the network. For the larger scale operators, deploying network packet brokers to filter and effectively load balance traffic is just one part of the solution, but as ever they are looking to deliver full network visibility which highlights issues on the network in real-time, enabling proactive resolutions before the customer is even aware of the problem. Achieving this is a necessity for operators wanting to improve their customer experience, which is, an evolving challenge. As such, a virtualized network packet broker solution is required to automate how the traffic flows through the system and more importantly, troubleshoot where required. The volume and the types of traffic can put immense strain on the network, creating a problem for the operator who is trying to identify issues and act swiftly.
Combined with effective filtering and load balancing, troubleshooting at the network packet broker level with a fully virtualized solution, helps increase the efficiency of the overall network, stopping unwanted mirrored traffic from circulating through the network and reaching the service assurance layer.
A multiple virtualized network packet broker deployment, which in a cloud-native environment can be entirely automated, helps to provide a clear view of the traffic flowing through the network. Yet, the ability to manage such vast quantities of network elements is equally crucial.
Greater than the sum of its parts
Larger scale operators are dealing with traffic flowing through multiple clouds for specific applications or locations and through many interfaces in any given cloud environment. Monitoring such networks requires dynamic deployment of multiple virtual packet brokers and filters, distributed in multiple clouds and orchestrators. Therefore, the operator needs a solution which allows a unified view to manage the entire visibility network, so that relevant traffic is always being monitored, in order to assure the end-to-end service quality as well as the customer experience. To do this, operators need to employ a large-scale visibility management solution which we at RADCOM call, “Management at scale.”
This refers to the simultaneous management of high volumes of traffic flowing through multiple cloud environments, using multiple virtual filters, which are placed within the clouds to monitor the network. As a fully cloud-native system, this can be launched in a matter of minutes with the filters controlling traffic and sending information back to a central monitoring point almost immediately.
From the earliest stages of network planning, operators should be using the Network Configuration Protocol (NETCONF) and Yet Another Next Generation (YANG), a data modeling language for defining the semantics of operational data, configurations and notifications. Together they allow for a more service orientated approach to network management by removing manual steps involved in the network element configuration, and therefore making it more efficient, reproducible and scalable. For legacy systems, which were manually configured, CLI scripts were perfectly adequate. However, in an NFV age where networks elements require automation and flexibility, NETCONF/ YANG offers a broad solution to meet the growing needs of the operator and network architects.
Having a unified view is especially important when trying to troubleshoot a network-wide problem. An operator has access to the whole picture with the filters acting as dormant agents within each cloud environment, controlled by one centrally managed server, and sends traffic for a centralized monitoring point on-demand. When an issue arises, which affects the whole network, the operator has widescale control across the various clouds and instances. Because of the large number of virtual packet brokers and filters, instant troubleshooting at this level is only possible when a “Management at scale” solution is deployed, as retrieving the relevant traffic for inspection can only be achieved when these functions are automated, as they would be in a cloud-native environment.
“Management at scale” goes beyond troubleshooting. Due to the fact it is virtualized and managed from a central point, “Management at scale” can group certain filters, even if they are located on different cloud networks. Similarly, groups of traffic filters can also be managed from a centralized point, assigning rules and filters to effectively control the flow of traffic. Rules, and even groups of rules can be edited and applied to groups of virtual filters at once. Additional filter can be added further refining the data, which can then be collected and managed centrally. Groups can also be configured using multiple filters such as geography, type of network equipment or the version of network element used. A specialized pivot table-like user interface provides the operator with a clear view of the virtual packet brokers and filters, and their distribution across the network. The table uses easy drag functions, so the operator can apply new filters to any sub-group of virtual filters that they require. Each virtual filter has its own calculated set of filters that are based on the tags assigned to it by its orchestrator, so for example, an operator could filter first by the vFilter ID, then the interface it monitors, the region it is located in etc. taking in a view of the network from above and providing that crucial end-to-end view.
The management of thousands, even tens of thousands of virtual filters, and the ability to be able to instantly send out a filtering or forwarding rule to thousands of instances at the click of a mouse, is a major tool in an operator’s arsenal, and whilst these small filters may only focus on a specific set of data or instance, bringing them together through one centrally managed system is a crucial part in creating the cross-network vision in true end-to-end visibility, therefore, making it greater than the sum of its parts.
Conclusion
A fully virtualized network visibility solution which includes a virtualized network packet broker, virtual packet filters, and a “Management at scale” component is crucial for operators deploying NFV. It ensures the smart management of traffic by controlling a high number of rules and filters, all working together to create an optimized visibility network. This complete view of how traffic is moving through the system works in unison with service assurance to create that complete network and customer experience view. Learn how RADCOM’s Network Visibility solution with “Management at Scale” can help you gain full network visibility today.
You May Also Like