The network visibility attributes that protect your business
What is the key to running an efficient, secure network? Visibility – the ability to view your data, voice and video traffic and web services end-to-end, and to deliver filtered streams of this network traffic to tools for further analysis – is one of the cornerstones of effective network and security operations.
Network visibility helps you understand all aspects of your business better, as it provides the critical link between the network infrastructure and your network and security tools. Visibility solutions collect, filter, load balance the data and eliminate non-essential information, helping to expose the threats facing your business and enabling teams to improve operational efficiency.
Gartner’s network analysts Andrew Lerner, Danellie Young and Vivek Bhalla wrote in their research note, ‘Avoid these ‘Bottom Ten’ Networking Worst Practices’ that: “Limited Visibility is one of four operational worst practices,” and recommended that “Infrastructure leaders should reprioritize network visibility and invest in tools to aid such insight.”
But what are the key attributes of a best-in-class visibility solution that should be explored when choosing the right platform for your business? Here’s our guide:
- Overall performance
Performance is the critical attribute for a visibility solution. Networks experience dramatic increases in traffic volumes, especially during peak operational periods, and you need throughput and network performance to be operationally efficient and effective at the highest possible level. Every provider of visibility solutions will claim that theirs offers top- performance, so you need to examine independent test results. Remember, the greater the throughput a visibility solution can handle without dropping data packets, the more you can do with the same rackspace and datacenter resource.
Testing by the Tolly Group revealed that Ixia’s Network Packet Broker, when compared with the rival solution from Gigamon, was able to perform at up to 160Gbps with no loss of packets – four times the stated capabilities of Gigamon. Gigamon was not able to be tested beyond their stated capacity of 40Gbps, and even then dropped between 20 and 70% of packets – creating significant blind spots.
- No dropped packets
Related to the above, it is vital that your visibility solution does not drop any data packets, particularly at higher bandwith, otherwise you are simply not seeing into your entire network infrastructure. What if the missing traffic contains malware or other threats? As the old Ixia message goes, you cannot secure what you cannot see. The same Tolly Group tests referenced above revealed that Ixia’s Net Tool Optimizer (NTO) network packet brokers processed 100% of the traffic at every speed – with no blind spots - even while running the most advanced features.
- Simultaneous leverage of advanced visibility features
Visibility “grooming” and packet optimization of traffic typically employs multiple advanced intelligence features. Typical advanced features include time-stamping of packets, data “masking” to hide sensitive customer information like account numbers, packet trimming and, of course, de-duplication. Importantly, they can all be used simultaneously with SSL encryption and Netflow generation – vital in a world in which more than half of data is now encrypted.
But what if your visibility solution only supports one or two features used in parallel? This is a more common problem than you might think, and it drastically reduces the effectiveness of visibility solutions. As such, Ixia’s ability to extract and forward metadata for Security Indicators of Compromise and application troubleshooting is a powerful tool.
- Ease of use
It’s all too easy to focus on the technical capabilities of your visibility solution and forget that, in terms of day-to-day operations, the ability of your staff to use it while maximizing productivity and minimizing manual intervention is also crucial. Ease of use translates to three major benefits: first, it requires little to no upfront training; second, it reduces human error and misconfiguration; and third, it enables faster, on-demand changes to traffic filtering, which can potentially enhance the customer experience.
To find out more about how to select the right visibility solution for your network, download our white paper from here.