Skip to content
  • Network Security Works Only If You See The Right Traffic

Security is nowadays an important part of network management. Secure networks are vital for running an uninterrupted business, preventing data loss and maintaining the overall image of the business. Security challenges are increasing because networking is getting more complex, more dynamic and virtual.

The existing approach of network visibility like in legacy times to tap a link and feed this to a tool is no longer valid. This approach is not appropriate because this “link” is not a physical link anymore. It is a virtual link on top of the physical network. The reason is that today more and more networks are designed as overlays.

​These overlay networks are actually the operating network which should be monitored but a network TAP and a classical network packet broker (NPB) is a physical device which works on one layer below the overlay.

This would not be such a problem in theory if we expect to have only one overlay technology but in reality, overlay technologies are stacked and there are different overlays on the same physical network. In some cases, dozens or even hundreds of overlays are seen in large networks.

Based on this situation we have several challenges to tackle:

​1. Current tools do not support these kinds of networks. If these tools are used, then it is necessary to separate these logical overlay networks and feed only the correct network to the tools.

  • To do this, advanced NPBs are needed, which can filter in these virtual overlay networks.
  • These virtual networks are more dynamic and are often triggered by the network itself, and unknown to the user because they are fully transparent to the overlay. “This is an advantage for usage, but a disadvantage for monitoring.”

2. Typically, such networks have more links to tap and often these links are 100 Gbit but the load is much higher. To deal with this issue, you need an NPB with features like smart filtering and steering in multiple 100 Gbit line speed. The solution to aggregate this traffic to a “smart device” and handle the traffic there will lead to other issues like:

  • overload, over subscription and loss of packets
  • extreme complex aggregation and dis-aggregation configurations
  • adding additional delay
  • cost

Thank you to Cubro for the article.

Join our Newsletter

Categories

Related Posts

The Definitive Guide to Synchronized Clock Systems in 2025

The Definitive Guide to Synchronized Clock Systems in 2025

Accurate and synchronized timekeeping is more than just a convenience—it’s a critical component of operational efficiency, safety, and compliance. Whether…
TAPs Overview: The Start of Visibility - 2024

TAPs Overview: The Start of Visibility - 2024

The Evolution of Network Visibility: Why TAPs Are Key Network change is accelerating, driven by growing complexity, new regulations, cloud…
WiFi and LAN network testing with Candela Technologies

WiFi and LAN network testing with Candela Technologies

WiFi and LAN networks are the backbone of modern businesses, and testing them is essential to prevent outages, optimize performance,…
How to Upgrade an Old School Clock System Without Breaking the Bank

How to Upgrade an Old School Clock System Without Breaking the Bank

Upgrading your old clock system can seem like a costly endeavor—between equipment, installation, and potential downtime, the expenses can add…
Mastering Time Outdoors: Sapling & Bodet Clock Solutions

Mastering Time Outdoors: Sapling & Bodet Clock Solutions

Outdoor clocks are a fantastic way to enhance the exterior of any property, whether it’s a commercial building, a public…