Advanced Features for Packet Brokers

Advanced features on network packet brokers (NPBs) let you perform additional functional grooming on packets before they are sent to your application and security tools. The following are some of the common features that may be useful.

1. Packet De-Duplication - Safe Removal of Redundant Data 

When you are troubleshooting and trying to identify points of delay in application performance, more capture points using TAPs or SPAN ports are always better. This, along with a redundant network architecture, leads to duplicate packets being sent to your tools and overloading them.

To save time and processing power, duplicate packets and other redundant data can be removed before they reach network monitoring and security tools. During this process, it’s imperative that relevant original data isn’t accidentally dropped.

Advanced NPBs offer zero-loss advanced packet processing at full line rate. This means redundant data is carefully sifted out, while all important, original data packets are preserved and provided to your tools.
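A sketch of the de-duplication logic described above, as an added example rather than any vendor's implementation. It assumes IPv4, monotonic capture timestamps, a 50 ms window and a sender that gives a retransmission a new IP identification value; the packets are constructed samples.

```python
import hashlib
import struct

def packet_key(ip_packet: bytes) -> bytes:
    """Digest of an IPv4 packet with the hop-mutable fields zeroed."""
    ihl = (ip_packet[0] & 0x0F) * 4          # header length in bytes
    header = bytearray(ip_packet[:ihl])
    header[8] = 0                            # TTL is decremented at each routed hop
    header[10:12] = b"\x00\x00"              # header checksum changes with the TTL
    return hashlib.sha256(bytes(header) + ip_packet[ihl:]).digest()

class Deduplicator:
    """Drops a packet only if an identical one was seen within window_s seconds."""
    def __init__(self, window_s: float = 0.05):
        self.window_s = window_s
        self.seen = {}                       # key -> first-seen time, oldest first

    def accept(self, ts: float, ip_packet: bytes) -> bool:
        # Expire old entries; dict order is insertion order, so oldest come first.
        while self.seen:
            oldest = next(iter(self.seen))
            if ts - self.seen[oldest] <= self.window_s:
                break
            del self.seen[oldest]
        key = packet_key(ip_packet)
        if key in self.seen:
            return False                     # duplicate from another capture point
        self.seen[key] = ts
        return True

def build_ipv4(ident: int, ttl: int, payload: bytes, checksum: int) -> bytes:
    """Constructed sample packet; the checksum is a placeholder, not computed."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                       ttl, 6, checksum, bytes([10, 0, 0, 1]),
                       bytes([10, 0, 0, 2])) + payload

def demo():
    d = Deduplicator(window_s=0.05)
    first = build_ipv4(0x1234, 64, b"GET / HTTP/1.1", 0xAAAA)
    next_hop = build_ipv4(0x1234, 63, b"GET / HTTP/1.1", 0xABAA)    # same packet, one hop later
    retransmit = build_ipv4(0x1235, 64, b"GET / HTTP/1.1", 0xAAA9)  # new IP ID: original data
    return [d.accept(0.000, first), d.accept(0.001, next_hop),
            d.accept(0.002, retransmit), d.accept(0.200, first)]

if __name__ == "__main__":
    print(demo())
```

The copy seen one hop later is dropped, while the retransmission and the identical packet arriving outside the window are both kept, which is the "don't drop original data" requirement in practice.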

2. Application Intelligence and Filtering

Managing the network means knowing what’s on the network. Large networks can have hundreds of applications running, especially with the growth in BYOD. Intelligent NPBs can identify the applications in use on the network and provide that intelligence to any of your tools.

Many tools in use only need to monitor or inspect specific types of applications. Intelligent NPBs can easily “broker” or “deal” traffic out to monitoring and security tools by application flow.  This makes your monitoring and security tools much more efficient, and it makes life much easier for administrators.

3.  SSL Decryption

Secure Sockets Layer (SSL) encryption is the standard technology used to send private information. While it helps protect sensitive data, it also comes with network security risks.

SSL hides sensitive data – but it can end up encrypting and hiding malicious cyber threats too. For network safety, organizations must decrypt and examine SSL traffic.

But decryption takes up valuable processing power. If decryption is left to security tools to perform, time is wasted unraveling code rather than scanning and keeping your network safe from threats.

Intelligent NPBs can perform SSL decryption, passing on the decrypted data to your monitoring tools. This gives them the ability to see all the traffic, and the freedom to get on with protecting your network.

4.  Data Masking

One drawback to SSL decryption is that it makes all data visible to anyone who has access to your monitoring tools. Some of this unencrypted data may be quite sensitive and protected by regulatory requirements. Data like personally identifiable information (PII) or credit card information must be protected and not exposed to unauthorized individuals.

Thus, advanced NPBs can mask unencrypted sensitive data that should not be, and does not need to be, exposed to monitoring and security tools or their administrators. This data masking can be a critical NPB feature that makes monitoring activities safe.

5. Packet Slicing

Traditionally done at the analyzer, packet slicing lets you truncate packets at a chosen offset, which can differ per packet or per type of packet being sliced. This is useful when the analysis you require is centered on nodes, protocols and flows rather than on the payload.

Benefits of using a Packet Broker for Packet Slicing

• Reduces bandwidth going to your monitoring or security tools

• Allows you to perform this function at the packet capture level anywhere in the network.

• Can specify the type of traffic that is being sliced.

• Reduces the amount of data that is collected and analyzed by the security or network monitoring tools.

• Reduces the storage required by the security or network analysis tool.

• Greater Security – removing confidential data like passwords, financial accounts, or media data at the point of capture reduces your chance of a privacy breach.

• Regulation Compliance – Hidden confidential information allows you to remain compliant with regulations mandating privacy best practices such as SOX, HIPAA and PCI DSS.

6. Time Stamping

Timestamping packets has long been the key to accurate timing analysis when tuning network performance. Financial institutions running automated trading environments need to understand the latency and delay a packet experiences as it travels over these high-speed networks. The goal is to measure the network latency to prove that you are providing the lowest possible latency.

Time stamping records the precise time that the first bit of the packet arrives at the input port. Timestamping will lose accuracy if stamped on the outgoing port due to variable delays through the device.

7. Load Balancing

Two big challenges in monitoring 10Gig networks are the security gap it creates and the overall performance of the monitoring tools. Existing security tools cannot keep up with the throughput and bandwidth of the network.

Security attacks are also getting more sophisticated, and as a result the rules in the security devices are getting more complex. This means a lot of resources are being allocated to content inspection.

Adding load balancing at the Packet Broker is a cost-effective way to share the increasing traffic load among multiple inline tools. By load balancing you can deploy two or more appliances in parallel with traffic balanced between them.

Advantages of Load Balancing

• Tool sharing technology allows you to even out traffic distribution while maintaining session delivery across multiple tools.

• Build efficiency of inline appliances by sharing a pool of them across multiple independent network links.

• Heartbeat and link fault detection ensure that all monitoring devices deployed have high availability and advanced redundancy.

• Relieve overloaded monitoring tools by distributing traffic, by flow, to multiple replicated tools working in parallel.

• Prevents oversubscription/packet loss (e.g. monitoring 10 GigE traffic with Gigabit tools).
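Flow-based distribution that keeps both directions of a session on the same tool and reacts to a failed heartbeat, as an added example rather than a vendor's algorithm. Rendezvous hashing is a choice made here so that only the failed tool's flows move; the tool names and flows are hypothetical, constructed values.

```python
import hashlib

def flow_key(src_ip, src_port, dst_ip, dst_port, proto) -> bytes:
    """Direction-independent key: A->B and B->A map to the same session."""
    a, b = sorted([(src_ip, src_port), (dst_ip, dst_port)])
    return f"{proto}|{a[0]}:{a[1]}|{b[0]}:{b[1]}".encode()

class ToolPool:
    """Pool of replicated tools with heartbeat-driven health state."""
    def __init__(self, tools):
        self.healthy = {t: True for t in tools}

    def heartbeat(self, tool: str, alive: bool) -> None:
        self.healthy[tool] = alive

    def pick(self, src_ip, src_port, dst_ip, dst_port, proto) -> str:
        key = flow_key(src_ip, src_port, dst_ip, dst_port, proto)
        live = [t for t, ok in self.healthy.items() if ok]
        if not live:
            raise RuntimeError("no healthy tool available")
        # Rendezvous hashing: each flow goes to the live tool with the highest
        # score, so removing one tool only reassigns the flows it was serving.
        return max(live, key=lambda t: hashlib.sha256(key + b"|" + t.encode()).digest())

def demo():
    pool = ToolPool(["ids-1", "ids-2", "ids-3"])      # hypothetical tool names
    flows = [(f"10.0.0.{i % 250 + 1}", 40000 + i, "192.0.2.10", 443, "tcp")
             for i in range(200)]                     # constructed sample flows
    before = [pool.pick(*f) for f in flows]
    reverse = [pool.pick(f[2], f[3], f[0], f[1], f[4]) for f in flows]
    pool.heartbeat("ids-2", alive=False)              # heartbeat lost on one tool
    after = [pool.pick(*f) for f in flows]
    return before, reverse, after

if __name__ == "__main__":
    before, reverse, after = demo()
    moved = sum(1 for b, a in zip(before, after) if b != a)
    print("sessions kept together:", before == reverse, "flows moved:", moved)
```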

Load Balancing Inline Applications

Using load balancing with bypass switching technology, we take full-duplex traffic and route it through the bypass bridge before distributing the traffic across multiple inline tools.

Load Balancing Out of Band Application

Traffic from the network flows into the load balancer, where it is aggregated and then load balanced to a number of data recorders and forensic traffic recorders. So when you need to capture specific or confidential information, you are able to direct traffic in one direction, so that it does not go back to the network being tapped.