Magic Quadrant for Network Performance Monitoring and Diagnostics

Magic Quadrant for Network Performance Monitoring and Diagnostics

Network professionals support an increasing number of technologies and services. With adoption of SDN and network function virtualization, troubleshooting becomes more complex. Identify the right NPMD tools to detect application issues, identify root causes and perform capacity planning.

Market Definition/Description

Network performance monitoring and diagnostics (NPMD) enable network professionals to understand the impact of network behavior on application and infrastructure performance, and conversely, via network instrumentation. Other users and use cases exist, especially because these tools provide insight into the quality of the end-user experience. The goal of NPMD products is not only to monitor network components to facilitate outage and degradation resolution, but also to identify performance optimization opportunities. This is conducted via diagnostics, analytics and debugging capabilities to complement additional monitoring of today’s complex IT environments. At an estimated $1.1 billion, the NPMD market is a fast-growing segment of the larger network management space ($1.9 billion in 2013), and overlaps slightly with aspects of the application performance monitoring (APM) space ($2.4 billion in 2013).

Magic Quadrant

Magic Quadrant for Network Performance Monitoring and Diagnostics

Vendor Strengths and Cautions- Highlights

Ixia

Ixia was founded in 1997, specializing in network testing. Ixia entered the NPMD market through acquisition of Net Optics in 2013 and its Spyke monitoring product. The tool is aimed at small or midsize businesses (SMBs), although it can support gigabit and 10G environments. The Spyke tool has been subject to an end of life (EOL) announcement, with end of sale (EOS) beginning 31 October 2014, and EOL beginning 31 October 2017.

Given Ixia’s focus on the network packet broker (NPB) space, it can cover NPMD and NPB use cases, something only a few other vendors can claim. Ixia launched a new NPB platform, the Network Tool Optimizer (NTO) 7300 in 1H14, which provides large-scale chassis design and additional modules that help offload some NPMD capabilities. The goal of these modules is optimal use of the existing end-user NPMD tool. Modules include Ixia Packet Capture Module (PCM) with 14GB of triggered packet capture at 40GbE line rates and 48 ports of NPB, and the Ixia Application and Threat Intelligence (ATI) Processor, which provides extensive processing power in addition to 48 ports of NBP. The ATI Processor requires a subscription at an additional recurring cost. The new 7300 product and platform has no current Gartner-verified customer references. Fundamental VoIP, application visibility and end-user experience metrics are standard capabilities. While the tool provides packet inspection and application visibility, product updates have not been observed for some time and the road map remains unclear.

Ixia’s NPMD revenue is between $5 million and $10 million per year. Ixia did not respond to requests for supplemental information and/or to review the draft contents of this document. Gartner’s analysis for this vendor is therefore based on other credible sources, including previous vendor briefings and interactions, the vendor’s own marketing collateral, public information and discussions with more than 200 end users who either have evaluated or deployed each NPMD product.

Strengths

  • Ixia’s ATI Processor provides visibility of, and rules to classify, traffic based on application types and performance of applications.
  • Ixia has significant R&D resources. Of the 1,800 staff, more than 800 are engineering- and R&D-focused.
  • Ixia’s market leadership in NPB allows it to leverage scalable hardware design with software capabilities to enable NPMD and additional troubleshooting needs by offloading some of these requirements from other more comprehensive NPMD tools.

Cautions

  • With the EOS of the Spyke and Net Optics appTap platforms, Ixia appears to have discontinued investments in pure NPMD capabilities.
  • Since the launch of the NTO 7300 platform in early 2014, there has been limited traction due to existing NPB investments and high cost for the hardware buy-in.
  • Financial reporting restatements and filing delays, combined with the resignation of two senior corporate officers, may hinder overall strategic focus and vision.

JDSU (Network Instruments)

In 2014, we have witnessed the completion of JDSU’s acquisition of Network Instruments, its subsequent integration into JDSU’s Network and Service Enablement business segment, the recent release of updates to its NPMD offering, and announced plans to separate JDSU into two entities in 2015. While this action could provide additional efficiencies and focus in the future, the preceding business integration and sales enablement efforts are only now beginning to bear fruit and will have to shift once more in response to the coming changes. The Network Instruments unit has followed a well-established, vertically integrated technology development strategy, designing and manufacturing most of its product components and software. An OEM relationship with CA Technologies, which had Network Instruments providing its GigaStor products to CA customers, devolved into a referral relationship, but no meaningful challenges have been voiced by Gartner clients as a result of this. Two key parts of the NPMD solution have new product names (Observer Apex and Observer Management Server) and a new, modern UI that is a significant improvement. Network Instruments’ current NPMD solution set is now part of the Observer Performance Management Platform 17, and includes Observer Apex, Observer Analyzer, Observer Management Server, Observer GigaStor, Observer Probes and Observer Infrastructure (v.4.2).

JDSU’s (Network Instruments) NPMD revenue is between $51 million and $150 million per year.

Strengths

  • Data- and process-level integration workflows are well-thought-out across the solution’s component products.
  • Network Instruments’ recent addition of a network packet broker product (Observer Matrix) to its offerings may appeal to small-scale enterprises looking for NPMD and NPB capabilities from the same vendor.
  • Packet capture and inspection capability (via GigaStor) is well-regarded by clients.

Cautions

  • While significant business integration activities have not, to date, had a perceptible impact on support or development productivity, this process is ongoing and now part of a larger business separation action that could result in challenges in the near future.
  • The NPMD solution requires multiple components with differing user interfaces that are not consistent across products.
  • The solution is focused on physical appliances, with limited options beyond proprietary hardware.

To learn more, download the full report here

Thanks to Gartner for the article. 

Virtualization Gets Real

Optimizing NFV in Wireless Networks

The promise of virtualization looms large: greater ability to fast-track services with lower costs, and, ultimately, less complexity. As virtualization evolves to encompass network functions and more, service delivery will increasingly benefit from using a common virtual compute and storage infrastructure.

Ultimately, providers will realize:

Lower total cost of ownership (TCO) by replacing dedicated appliances with commodity hardware and software-based control.

Greater service agility and scalability with functions stitched together into dynamic, highly efficient “service chains” in which each function follows the most appropriate and cost-effective path.

Wired and wireless network convergence as the 2 increasingly share converged networks, virtualized billing, signaling, security functions, and other common underlying elements of provisioning. Management and orchestration (M&O) and handoffs between infrastructures will become more seamless as protocol gateways and other systems and devices migrate to the cloud;

On-the-fly self-provisioning with end users empowered to change services, add features, enable security options, and tweak billing plans in near real-time.

At the end of the day, sharing a common pool of hardware and flexibly allocated resources will deliver far greater efficiency, regardless of what functions are being run and the services being delivered. But the challenges inherent in moving vital networking functions to the cloud loom even larger than the promise, and are quickly becoming real.

The Lifecycle NFV Challenge: Through and Beyond Hybrid Networks

Just 2 years after a European Telecommunications Standards Institute (ETSI) Industry Specification Groups (ISG) outlined the concept, carriers worldwide are moving from basic proof of concept (PoC) demonstrations in the lab to serious field trials of Network Functions Virtualization (NFV). Doing so means making sure new devices and unproven techniques deliver the same (or better) performance when deployments go live.

The risks of not doing so — lost revenues, lagging reputations, churn — are enough to prompt operators to take things in stages. Most will look to virtualize the “low-hanging fruit” first.

Devices like firewalls, broadband remote access servers (BRAS), policy servers, IMS components, and customer premises equipment (CPE) make ideal candidates for quickly lowering CapEx and OpEx without tackling huge real-time processing requirements. Core routing and switching functions responsible for data plane traffic will follow as NFV matures and performance increases.

In the meantime, hybrid networks will be a reality for years to come, potentially adding complexity and even cost (redundant systems, additional licenses) near-term. Operators need to ask key questions, and adopt new techniques for answering them, in order to benefit sooner rather than later.

To thoroughly test virtualization, testing itself must partly become virtualized. Working in tandem with traditional strategies throughout the migration life cycle, new virtualized test approaches help providers explore these 4 key questions:

1. What to virtualize and when? To find this answer, operators need to baseline the performance of existing networks functions, and develop realistic goals for the virtualized deployment. New and traditional methods can be used to measure and model quality and new configurations.

2. How do we get it to work? During development and quality assurance, virtualized test capabilities should be used to speed and streamline testing. Multiple engineers need to be able to instantiate and evaluate virtual machines (VMs) on demand, and at the same time.

3. Will it scale? Here, traditional testing is needed, with powerful hardware systems used to simulate high-scale traffic conditions and session rates. Extreme precision and load aid in emulating real-world capacity to gauge elasticity as well as performance.

4. Will it perform in the real world? The performance of newly virtualized network functions (VNFs) must be demonstrated on its own, and in the context of the overall architecture and end-to-end services. New infrastructure components such as hypervisors and virtual switches (vSwitches) need to be fully assessed and their vulnerability minimized.

Avoiding New Bottlenecks and Blind Spots

Each layer of the new architectural model has the potential to compromise performance. In sourcing new devices and devising techniques, several aspects should be explored at each level:

At the hardware layer, server features and performance characteristics will vary from vendor to vendor. Driver-level bottlenecks can be caused by routine aspects such as CPU and memory read/writes.

With more than 1 type of server platform often in play, testing must be conducted to ensure consistent and predictable performance as Virtual Machines (VMs) are deployed and moved from one type of server to another. The performance level of NICs can make or break the entire system as well, with performance dramatically impacted by simply not having the most recent interfaces or drivers.

Virtual switches and implementations vary greatly, with some coming packaged with hypervisors and others functioning standalone. vSwitches may also vary from hypervisor to hypervisor, with some favoring proprietary technology while others leverage open source. Finally, functionality varies widely with some providing very basic L2 bridge functionality and others acting as full-blown virtual routers.

In comparing and evaluating vSwitch options, operators need to weigh performance, throughput, and functionality against utilization. During provisioning, careful attention must also be given to resource allocation and the tuning of the system to accommodate the intended workload (data plane, control plane, signaling).

Moving up the stack, hypervisors deliver virtual access to underlying compute resources, enabling features like fast start/stop of VMs, snapshot, and VM migration. Hypervisors allow virtual resources (memory, CPU, and the like) to be strictly provisioned to each VM, and enable consolidation of physical servers onto a virtual stack on a single server.

Again, operators have multiple choices. Commercial products may offer more advanced features, while open source alternatives have the broader support of the NFV community. In making their selection, operators should evaluate both the overall performance of each potential hypervisor, and the requirements and impact of its unique feature set.

Management and Orchestration is undergoing a profound fundamental shift from managing physical boxes to managing virtualized functionality. Increased automation is required as this layer must interact with both virtualized server and network infrastructures, often using OpenStack protocols, and in many cases SDN.

VMs and VNFs themselves ultimately impact performance as each requires virtualized resources (memory, storage, and vNICs), and involves a certain number of I/O interfaces. In deploying a VM, it must be verified that the host OS is compatible with the hypervisor. For each VNF, operators need to know which hypervisors the VMs have been verified on, and assess the ability of the host OS to talk to both virtual I/O and the physical layer. The ultimate portability, or ability of a VM to be moved between servers, must also be demonstrated.

Once deployments go live, other overarching aspects of performance, like security, need to be safeguarded. With so much now occurring on a single server, migration to the cloud introduces some formidable new visibility challenges that must be dealt with from start to finish:

Pinpointing performance issues grows more difficult. Boundaries may blur between hypervisors, vSwitches, and even VMs themselves. The inability to source issues can quickly give way to finger pointing that wastes valuable time.

New blind spots also arise. In a traditional environment, traffic is visible on the wire connected to the monitoring tools of choice. Inter-VM traffic within virtualized servers, however, is managed by the hypervisor’s vSwitch, without traversing the physical wire visible to monitoring tools. Traditional security and performance monitoring tools can’t see above the vSwitch, where “east-west” traffic now flows between guest VMs. This newly created gap in visibility may attract intruders and mask pressing performance issues.

Monitoring tool requirements increase as tools tasked with filtering data at rates for which they were not designed quickly become overburdened.

Audit trails may be disrupted, making documenting compliance with industry regulations more difficult, and increasing the risk of incurring fines and bad publicity.

To overcome these emerging obstacles, a new virtual visibility architecture is evolving. As with lab testing, physical and virtual approaches to monitoring live networks are now needed to achieve 100% visibility, replicate field issues, and maintain defenses. New virtualized monitoring Taps (vTaps) add the visibility into inter-VM traffic that traditional tools don’t deliver.

From There On…

The bottom line is that the road to the virtualization of the network will be a long one, without a clear end and filled with potential detours and unforeseeable delays. But with the industry as a whole banding together to pave the way, NFV and its counterpart, Software Defined Networking (SDN) represent a paradigm shift the likes of which the industry hasn’t seen since mobilization itself.

As with mobility, virtualization may cycle through some glitches, retrenching, and iterations on its way to becoming the norm. And once again, providers who embrace the change, validating the core concepts and measuring success each step of the way will benefit most (as well as first), setting themselves up to innovate, lead, and deliver for decades to come.

Thanks to OSP for the article

Mobile Network Optimization

Ixia Anue NTO 7300

Visibility Into Quality

What happens when we offload voice traffic to Wi-Fi? As user demand for high-quality anytime, anywhere communications continues growing exponentially, mobile providers are evolving core networks to higher capacity technologies such as 4G LTE. As they do so, mobile network optimization increasingly relies on detecting and preventing potential performance issues. Accomplishing this detection becomes even more challenging, given the expanding mix of tools, probes, interfaces, processes, functions, and servers involved in network monitoring and optimization.

Ixia’s network visibility solutions provide the ongoing data needed for mobile network optimization. They deliver a high-quality subscriber experience reliably and cost-effectively, despite the growing diversity of network technologies, user devices, and security threats. As operational complexity increases, network engineers at leading mobile service providers can leverage Ixia’s suite of network monitoring switches to ensure the end-to-end visibility needed to minimize OPX, sustain profitability, and safeguard quality and user satisfaction.

Ixia’s mobile network visibility solutions deliver:

  • Traffic optimized for monitoring
  • Automated troubleshooting to reduce MTTR
  • A breakthrough “drag and drop” GUI management interface that streamlines configuration
  • Expanded network monitoring capacity

Carrier-grade Mobile Network Capabilities

Ixia’s expanding suite of network visibility solutions offer a host of new capabilities that equip network engineers at telecommunications providers to achieve end-to-end network visibility—simply and efficiently. NEBS-compliant and suitable for 4G LTE packet cores, these solutions can enable such essential functions as connection of multiple network monitoring tools to a large number of 40GbE, 10GbE, and 1GbE interfaces (up to 16 40GbE ports or up to 64 10GbE ports) in an efficient form factor. Reflecting Ixia’s globally renowned monitoring innovation, these carrier-grade solutions offer such innovative features as:

  • MPLS and GTP filtering
  • Custom dynamic filtering to allow visibility into the first 128 bytes of packets
  • Uninterrupted access for high-availability network monitoring
  • NEBS certification that ensures robustness
  • Redundant, hot-swappable power supplies and fan modules
  • Local and remote alarm relay support
  • Emergency out-of-band reset
  • Intuitive drag-and-drop control panel
  • Aggregation of data from multiple network access points

Ixia provides telecommunications providers easy access to view end-to-end analyses of architected networks, validate field applications, and improve customer loyalty and support. They deliver the actionable insights needed to dynamically detect, avoid and address issues, Overall, Ixia’s robust end-to-end network visibility solutions allow engineers to evaluate and optimize network and application performance under diverse conditions, maximizing ROI and the quality of the user experience.

 

Ixia Anue NTO 7300 Ixia Anue GTP Session Controller

Net Tool Optimizers
Out-of-band traffic aggregation, filtering, dedup, load balancing

GTP Session Controller
Intelligent distribution and control of mobile network traffic

 

Thanks to Ixia for the article

Application Performance Monitoring

Ixia NTO-7300

Your network infrastructure exists for one reason: to deliver the services and applications that matter to your customers who demand access now, without interruption. Anything that affects your ability to reach customers has a serious impact on your bottom line.

High-quality application performance requires real-time awareness of what’s happening on the network. Network operators need to monitor, analyze, and report on transactions throughout the IT environment—whether physical, virtual, or in the cloud—to identify issues quickly and resolve problems before they disrupt critical services. This means understanding dependencies between applications and the network, being alerted to issues before business is affected, and accelerating troubleshooting.

For most businesses, network performance must now be evaluated and managed from an application perspective. To accomplish this, you need innovative transaction performance management capabilities that help prioritize problem resolution according to business impact.

Ixia Application Performance Monitoring (APM)

Ixia offers a spectrum of intelligent APM capabilities that work with monitoring devices to capture and analyze network traffic in a scalable solution. Ixia APM solutions accurately, efficiently, and non-disruptively direct out-of-band network traffic from multiple access points, whether SPAN ports or TAPs, to the monitoring device for analysis. The result is application awareness that dramatically raises network performance, availability, and security.

Ixia APM enables

Full network visibility. Ixia’s APM solutions deliver all required traffic from anywhere in the network to the monitoring tools, allowing fully 100 percent of traffic to be monitored and analyzed.

  • Simplified deployment. Flexible enough to work in any network environment, Ixia’s APM shares access with deployed monitoring and security tools.
  • Streamlined scalability. Ixia’s APM allows you to add 1GE, 10GE, 40GE, or 100GE ports, with filters dynamically adjusted to meet bandwidth requirements.
  • Effective security. Ixia’s APM automatically directs traffic as needed to a centralized “farm” of cost effective, high-capacity security tools to monitor distributed buildings and network segments. Traffic of interest is returned to the security tool farm for inspection.
  • Advanced Automation. Ixia’s APM solutions automatically respond in real time to network events that have an impact on applications, including event recording, security analysis, and traffic redirection. This capability improves application performance and availability.

Highlights of Ixia APM

Ixia’s APM’s advanced filtering capabilities work easily with your own monitoring systems across a range of applications. Additionally, our APM performs:

  • Load-balancing of traffic across multiple monitoring input ports
  • Dynamic tightening of filters as needed to ensure that key transactions are always analyzed when total traffic spikes over 10Gbps
  • Traffic redirecting among multiple monitoring appliances on a network to provide high availability
  • Packet capture on demand, based upon NMS/SIEM alerts

Related Products

 

Ixia NTO-7300 Net Optics Network Taps Net Optics Phantom Virtualization Tap

Net Tool Optimizers
Out-of-band traffic aggregation, filtering, dedup, load balancing

Net Optics Network Taps
Passive network access for security and monitoring tools

Phantom Virtualization Tap
Passive network access to traffic passing between VMs

Thanks to Ixia for the article. 

 

Enterprises- Ensure Application Performance and Security Resilience

Ensure Application Performance and Security Resilience

For most every enterprise, the network is your business. Your network and applications are what connects you to your customers. Maintaining network vitality for an optimal user experience is key to business growth and profitability. But today’s networks are under tremendous pressures. User expectations for high performance and innovative applications are ever-increasing. So too are the frequency, magnitude, and sophistication of security attacks that your adversaries are launching to attempt to infiltrate your network, steal data, or disrupt operations.

To achieve a secure network that is resilient to attack requires the selection and deployment of security devices such as firewalls and intrusion prevention. To meet the expectation for application performance, devices such as load balancers, application controllers and performance monitoring tools are also deployed in the network. Ixia is focused on helping to ensure security resilience and application performance in your network.

Security Resilience

The demands on the network are constant and your security must have resilience to maintain its effectiveness as it comes under attack, is challenged to maintain visibility to traffic and events across the network, or just needs an operational change to deploy the latest threat updates. Ixia’s portfolio of security solutions allow enterprises to:

  • Optimize security device investments such as IPS, Firewall, NGFW or DDoS Mitigation by helping you select the best technology with the right performance and deploying it in the network most effectively with network visibility and optimal load balancing.
  • Minimize downtime and improve operational change control for security upgrades by validating security updates and changes and providing the inline deployment tools to ensure that these changes are not disruptive to network operations.
  • Train and prepare for realistic cyber security exercises with systems that can create the real-world application loads and attack traffic required for a cyber range and also provide the visibility required to stream high volumes of events to SOC tools to monitor the exercises.

Application Performance

It has become critical to assess applications and their performance not only before going live to ensure they are customer-ready, but that performance is maintained over time by monitoring the network — ensuring visibility into key application flows, anywhere on the network. Ixia’s portfolio of application performance solutions allow enterprises to:

  • Validate and assess application performance across your network with real-world application load testing and simulate applications for thousands of wireless or wired endpoints
  • Gain confidence for virtualization migrations by testing new deployments and removing any of the network visibility blind spots created by adoption of virtualization
  • Maintain application performance and ease of operation by getting the right information to the right application performance and network monitoring tools
  • Extend the life of IT tool investments and maximize the usefulness of the current tool capacity with the deployment of physical taps, virtual taps, bypass switches, and network packet brokers

Thanks to Ixia for the article. 

Network Performance Monitoring

Ixia's Net Tool Optimizer

Visibility Into the Business

With virtualization, “Big Data,” and the sheer complexity of enterprise networks on the rise, dynamic network monitoring of performance and security provides a critical business advantage. Ixia’s network visibility solutions deliver ongoing insight into production networks to help maximize your company’s productivity and profitability, as well as its return on new and existing IT investments.

Leveraging state-of-the-art technology and techniques, Ixia’s powerful, high-performance network monitoring switches equip network engineers to meet the growing challenge of testing, assessing and monitoring complex, high-performance networks with limited access points. These solutions add intelligence between network access points and sophisticated monitoring tools to streamline the flow of data, ensuring that each tool receives the exact information it needs. Data from multiple TAP and SPAN ports is aggregated and multicast to performance and security monitoring tools, providing network operators with maximum visibility into both physical and virtual networks.

Ixia network visibility solutions:

  • Optimize traffic for monitoring with advanced filtering, aggregation, and replication
  • Extend investments in 1G monitoring tools to 10G and 40G deployments
  • Automate troubleshooting to reduce MTTR
  • Introduce “drag and drop” simplicity to streamline configuration and management
  • Expand network monitoring capacity enabling simultaneous monitoring of multiple connection points from a single port

Poor application performance leads to poor business performance: lost sales, missed opportunities, inefficient operations, and disgruntled customers, weakening the corporate brand. Mitigating this risk, Ixia’s network visibility solutions equip network engineers to leverage actionable insight—maximizing network and application performance while helping to optimize security, compliance, management, scalability, and ROI.

 

Ixia's Net Tool Optimizer Net Optics Network Taps

Net Tool Optimizers
Out-of-band traffic
aggregation, filtering,
dedup, load balancing

Net Optics Network Taps
Passive network access for
security and monitoring tools

 

Thanks to Ixia for the article. 

Ixia Brings Application and Threat Intelligence to Network Visibility

Ixia announced enhancements to its network visibility product portfolio, which extends the capabilities of its Visibility Architecture™. With the latest releases incorporating Ixia’s Application and Threat Intelligence, comprehensive solutions come together to meet the needs of enterprises for simplified and actionable network insight.

In an increasingly dynamic environment, network administrators are striving for complete network visibility. This level of awareness requires a robust visibility architecture that is able to apply context and correlation to network applications incorporating factors such as user location, granular application action, operating system, browser, and handset type across physical- and virtual-source traffic. The addition of these capabilities to Ixia’s Visibility Architecture marks a significant advancement in the tools that IT professionals can leverage to better understand the application performance and security implications of network events.

Updates to Ixia’s Visibility Architecture include:

  • Application filtering technology – Using Ixia’s ATI Processor, administrators are able to select precise geo-tagged application traffic for forwarding to specific monitoring tools. File transfers to suspicious locations or VoIP connections from a branch office with performance problems can be automatically highlighted and directed to the appropriate tools for immediate analysis.
  • New high-density platform – Ixia’s ATI Processor is available in the new NTO 6212 packet broker, which enhances Ixia’s NTO family with application brokering and NetFlow generation in an efficient 48-port 1U package.
  • Advanced packet processing and 100G supportIxia’s NTO 7300 now supports 100Gb interfaces and 1.8Tb of advanced processing (such as header stripping and deduplication), the highest capacity and density in the industry by a substantial margin.
  • Monitoring of financial feeds – Ixia’s recent TradeView release allows for the monitoring of market data down to the channel level providing early warning of health issues with channel feeds that can save millions in revenue lost to trading errors.

Industry Commentary:

“As the number of data sources and customer expectations for always-on access continue to rise, its imperative that IT professionals have the right tools to keep networks running securely and at optimal performance,” said Jim Rapoza, Senior Research Analyst, Aberdeen Group. “To accomplish this, organizations must have visibility solutions that provide immediate insight into events in order to capture more accurate application and network data.”

“Application Intelligence is the next wave of network visibility, yielding deeper insight and faster resolution times,” said Scott Register, Senior Director, Product Management for Ixia. “Our recent advances demonstrate our commitment to providing our customers with the most advanced, efficient and comprehensive visibility solution in the industry.”

Thanks to Ixia for the article. 

Security & Compliance Monitoring

Ixia's Net Tool Optimizer

High-stakes Monitoring

Global finance moves fast. When data and transactions don’t take place as smoothly or securely as expected, the company’s revenues and reputation may instantly suffer, causing valued customers to seek more reliable providers. Regulatory requirements are also growing, creating a greater need for security and compliance monitoring.

To mitigate risk and ensure performance, Ixia’s network visibility solutions deliver the ongoing data needed to dynamically detect, avoid, and address issues that affect production networks, private clouds, and applications. With security and compliance monitoring requirements increasing and physical networks becoming more complex, the Ixia suite of network monitoring switches optimizes use of network monitoring access points and overcomes hardware limitations for increased visibility at reduced cost.

Leveraging industry-leading network visibility technology, Ixia’s solutions enable engineers running the world’s most demanding networks to:

  • Minimize latency and speed transaction times
  • Prevent fraud and secure data across multiple networks and private cloud infrastructures
  • Maintain compliance with rigorous regulatory standards associated with PCI-DSS and other governance
  • Maximize existing investments while evolving to 40Gbps and beyond
  • Demonstrate fairness to customers and compliance with requirements tied to Service Level Agreements

Ixia’s suite of solutions also supports testing, assessing and optimizing of network and application performance, security, compliance, and management under diverse conditions. These breakthrough solutions deliver:

  • Increased network visibility by efficiently providing network, application, and security monitoring tools the exact data they need
  • Expanded network monitoring capacity with aggregation, filtering, and replication of data enabling simultaneous monitoring of multiple connection points from a single port
  • Maximum tool utilization extending 1Gbps monitoring tools to 10Gbps and 40Gbps networks to defer costly upgrades
  • Automated troubleshooting that reduces mean time to repair (MTTR)
  • Industry-first “drag and drop” interface that speeds and simplifies configuration and management

Related Products

Ixia's Net Tool Optimizer Net Optics Network Taps Net Optics Phantom Virtualization Tap Net Optics Network Packet Brokers Ixia's Application and Threat Intelligence Processor

Net Tool Optimizers
Out-of-band traffic
aggregation, filtering, dedup, load balancing

Net Optics Network Taps
Passive network access for security and monitoring tools

Phantom Virtualization Tap
Passive network access to traffic passing between VMs

Net Optics Network Packet Brokers
Inline traffic aggregation,
filtering, deduplication and
load balancing for monitoring
tools

Ixia Application and Threat Intelligence Processor
Better data for better
decisions

Resources

The Real Secret to Securing your Network

Ixia's- The Real Secret to Securing your Network

Thanks to Ixia for the article. 

BYOD Monitoring

Ixia's Net Tool Optimizers

A Corporate Conundrum

With possession being 9/10th of the law, the bring your own device (BYOD) trend creates a conundrum for enterprises. BYOD is the policy of allowing employees to bring personally owned mobile devices to their place of work and use them to access company resources such as email, file servers, and databases. It is also fairly common to mix personal and professional data on single device or across multiple mobile options.

BYOD is becoming increasingly prevalent in enterprises, as employees enjoy using their familiar technology of choice over corporate-mandated equipment. But since employees actually own the devices they’re using to perform corporate work and send or receive business-related communications, how can IT control the security and performance of corporate applications and assets?

There are more questions than answers currently as IT struggles to deal with the impacts of BYOD. The move away from standard, corporate-controlled endpoints is fraught with peril.

BYOD Challenges

  • With employee-owned devices, the amount of control IT has over the endpoints is a gray area. Can they monitor it, or does monitoring violate employee privacy? Can they take actions to protect the device without employee permission?
  • Privacy rights of the employee are extremely sticky when dealing with BYOD, especially in certain parts of Europe where employers are subject to strict privacy laws.
  • When an employee-owned device is lost or stolen, does IT have the right to remotely wipe the device? What about personal data the employee has on the device?
  • With BYOD, instead of IT worrying about one device per employee, a single employee might use 2-3 or more devices to access corporate resources.
  • It should be assumed that BYOD endpoints are security risks, due to a lack of corporate control over the devices.
  • BYOD users expect the speed and performance they are accustomed to on their local desktops, so IT planning for sufficient capacity is key. SLAs must be defined for the BYOD infrastructure, as well as a centralized management capability.
  • A successful BYOD strategy must also take compliance under consideration and build in the auditing and reporting capabilities that are crucial to compliance.

The Ixia BYOD Solution

The Ixia BYOD solution is an essential element of a BYOD strategy. We help enterprises planning or already maintaining BYOD by remediating security and performance impacts on corporate networks due to uncontrolled endpoints.

With Ixia’s BYOD solution, you can monitor the corporate network actively, with no sacrifice of network access for your security and performance tools. Our BYOD line:

  • Protects corporate IT assets responsibly
  • Aggregates, filters and replicates traffic so all security tools get the right data
  • Increases monitoring tool performance and improves tool accuracy
  • Speeds incident remediation, delivering granular access control to network data and automated responses for adaptive monitoring when anomalous behavior is detected
  • Reduces exposure of sensitive data with filtering and stripping capabilities

Ixia enables the real-time monitoring to address critical business needs at gigabit speeds, while providing insights and analysis on a sub-minute level. We provide the application-specific intelligence that’s critical to timely root cause analysis for BYOD security—including identification of actual user names, individual VoIP calls, and deep visibility of email traffic. With a near real-time and historical view of key performance indicators (KPIs)—including traffic volume, top talkers, application and network latency, and application distribution—IT can monitor bandwidth usage and acquire needed information to quickly resolve application performance issues. IT can also perform capacity planning and trend analysis to see how the BYOD program affects the baseline of network resources.

Related products

Ixia's Net Tool Optimizers Net Optics Network Taps

Net Tool Optimizers
Out-of-band traffic aggregation,
filtering, dedup, load balancing

Net Optics Network Taps
Passive network access
for security and monitoring tools

 

Thanks to Ixia for the article

Ixia’s new Ebook- The Network Through a New Lens: How a Visibility Architecture Sharpens the View

“Enter the Visibility Architecture”

“Buying more tools to deal with spiraling demands is counter-productive – it’s like trying to simplify a problem by increasing complexity. Visibility merits its own architecture, capable of addressing packet access and packet stream management. A visibility architecture that collects, manages, and distributes packet streams for monitoring and analysis is ideal for cost-savings, reliability, and resilience. The economic advantages of such end to-end visibility are beyond debate.

An architectural approach to visibility allows IT to respond to the immediate and long-range demands of growth, management, access, control, and cost issues. This architecture can optimize the performance and value of tools already in place, without incurring major capital and operational costs. With the ability to see into applications, a team can drill down instantly from high-level metrics to granular details, pinpoint root causes and take action at the first—or even before the first – sign of trouble – lowering Mean Time to Repair (MTTR) dramatically.

A scalable visibility architecture provides resilience and control without adding complexity. Because lack of access is a major factor in creating blind spots, a visibility architecture provides ample access for monitoring and security tools: network taps offer reliable access points, while NPBs contribute the advanced filtering, aggregation, deduplication, and other functions that make sure these tools see only traffic of interest.

Application- and session-aware capabilities contribute higher intelligence and analytical capabilities to the architecture, while policy and element management capabilities help automate processes and integrate with existing management systems. Packet-based monitoring and analysis offers the best view into the activity, health, and performance of the infrastructure. Managing a visibility architecture requires an intuitive visual/ graphical interface that is easy to use and provides prompt feedback on operations – otherwise, architecture can become just another complexity to deal with.”

Ixia Visibility Architecture

The Ixia Network Visibility Architecture encompasses network and virtual taps, as well as inline bypass switches; inline and out-of-band NPBs; application-aware and session aware monitoring, and a management layer.

Download the ebook here

Ixia The Network Through a New Lens

Thanks to Network World for the article.