The End of Days is Here for Network Blind Spots
Author: Keith Bromley. Have you heard the term network blind spots? It’s becoming more and more common in the networking and security industries. But what does it mean?
Network blind spots refers to an IT organization’s inability to see what’s happening on the network, especially as it pertains to application reliability, performance and security. And it’s often in these blind spots where outages, performance issues, security threats and compliance problems arise. So, you obviously want to eliminate these blind spots – unless you like dealing with unplanned outages, angry customer calls and security breaches.
There are many reasons that contribute to a lack of network visibility – or network blind spots. Think about which of the following examples might apply to your organization.
- Lack of monitoring access – Monitoring and security tools need access to application data from across the entire network to provide an end-to-end view of what’s happening in the network. This includes both the physical and virtualized networks. Do your monitoring tools have an end-to-end view?
- SPAN port shortages – SPAN ports are usually in short supply for monitoring purposes. They can also be easily misconfigured, resulting in incorrect or missing data captures. And they aren’t always available at the points in the network where data collection is needed. Are SPAN ports giving your monitoring tools all the data they need? One example of a customer that ran into SPAN port contention issues is the National Pharmacy Case Study.
- SPAN port overloading – Unlike network taps, SPAN ports can drop packets if the switch CPU gets overloaded. This can seriously reduce the effectiveness of performance and security monitoring. Are SPAN port drops giving you blind spots? Learn more about how SPAN ports compare to network taps here.
- Monitoring virtualized environments – According to Gartner, up to 80% of data center traffic can be east-west traffic. In a virtualized data center, this means a lot of VM-to-VM traffic. Such traffic may never reach the top-of-rack switch. Virtual network taps can be used for monitoring virtualized network environments, but according to an Ixia 2015 virtualization study, 51% of IT personnel aren’t familiar with virtual taps. Is your virtualized data center a big blind spot?
- Siloed IT teams – Often security, networking and compliance teams aren’t good about working together and sharing data. Lack of coordination between these teams can lead to erroneous decision making and poor compliance policies. Are your IT teams working together to eliminate blind spots?
- Rogue IT – When users add their own Ethernet switches or access points (e.g. from an iPhone), use offsite data storage (like Box), or add other elements to the network, company security policies are often subverted. By definition, rogue IT is a major blind spot. Are you monitoring for rogue IT?
- Addition of new network equipment – When new equipment gets added to the network, there’s often no record of who owns it or what it does. The equipment gets lost and forgotten about. But lost equipment that is still functioning can be a source of security vulnerabilities. Is equipment getting lost in your network?
- New equipment complexity – New equipment can be complex. What it does and how best to use it may not always be obvious. The more we introduce, the more complex the overall system. David Cappuccio from Gartner states that every 25% increase in functionality results in a 100% increase in complexity. If IT systems become too complex, they don’t get used and they’re forgotten. Is your IT environment too complex?
So, where are your blind spots? If some of the blind spots listed above apply to you, you can respond in a proactive or reactive manner. The reactive approach is straightforward: just wait until something happens and then fix it. A proactive approach takes a bit more thought.
Unknown issues and soon-to-be problems exist in every network to some degree. A proactive approach to eliminating these blind spots means improving visibility. We recommend implementing a visibility architecture. It’s not hard or complicated; it just requires a little planning to get it right. But the benefits can be significant, as the 100% ROI in this University of Texas Case Study shows.
Ixia’s Visibility Architecture is a great way to implement a visibility architecture that helps eliminate your network and security blind spots.