Monitoring Without Tears

August 16, 2012 by Ixia Blog Team

Common network monitoring issues can make even the toughest member of your team cry. The continually increasing demands for a more secure network is putting a strain on IT capabilities. How can data centers increase network security without adding expensive infrastructure? The key to delivering higher quality network security without making large capital investments into IT infrastructure is to get more out of the network monitoring equipment that you already have in place.
That can be easier said than done, however. Improving network security will require a dedicated effort to collect and analyze information about network operation so that areas for improvement can be recognized and implemented. As outlined in our white paper, realizing significant network monitoring performance improvement comes with its own set of challenges.

First, network switches typically only have oneSPANport that can be used to connect network monitoring tools. This severe limitation in the ability to connect monitoring tools means that network traffic cannot be captured or analyzed in a comprehensive way because only one network monitoring tool at a time can be connected to the network switch. One monitoring tool simply cannot provide the thorough and complete network traffic analysis needed to realize significant performance improvement. It takes a full complement of monitoring tools to fully analyze how a network operates. Network speeds continue to increase, but sometimes monitoring tools are not upgraded to keep up with the network such as, a 10G monitoring tool connected to a 40G network link. Outdated network monitoring tools can be overwhelmed, leading to lost information that could be critical in analyzing network security.

Duplicate packets generated by SPANports are another common issue leading to overwhelmed monitoring tools. Many SPANports generate duplicate network traffic packets that are then sent to monitoring tools. This excess data causes problems for many monitoring tools like capture devices – significantly reducing their capability and effectiveness. Plus, it is more difficult for network engineers to successfully use monitoring devices since so much of the data consists of duplicate packets that provide no value, not to mention inaccurate reports.
Using a network monitoring switch can solve common networking issues by providing features to:

  • Connect various diverse monitoring tools to a singleSPANport
  • Remove duplicate packets generated by theSPANport
  • Direct the right traffic to the right tool to prevent data overflows and dropped packets using filter and traffic controls

The right investment into improved monitoring can bring big returns and ensure you get the most out of your network monitoring efforts – painless and without tears!