Advanced Packet Filtering with Ixia’s Advanced Filtering Modules (AFM)

An important factor in improving network visibility is the ability to pass the correct data to monitoring tools. Otherwise, it becomes very expensive and aggravating for most enterprises to sift through the enormous amounts of data packets being transmitted (now and in the near future). Bandwidth requirements are projected to continue increasing for the foreseeable future – so you may want to prepare now. As your bandwidth needs increase, complexity increases due to more equipment being added to the network, new monitoring applications, and data filtering rule changes due to additional monitoring ports.

Network monitoring switches are used to counteract complexity with data segmentation. There are several features that are necessary to perform the data segmentation needed and refine the flow of data. The most important features needed for this activity are: packet deduplication, load balancing, and packet filtering. Packet filtering, and advanced packet filtering in particular, is the primary workhorse feature for this segmentation.

While many monitoring switch vendors have filtering, very few can perform the advanced filtering that adds real value for businesses. In addition, filtering rules can become very complex and require a lot of staff time to write initially and then to maintain as the network constantly changes. This is time and money wasted on tool maintenance instead of time spent on quickly resolving network problems and adding new capabilities to the network requested by the business.

Basic Filtering

Basic packet filtering consists of filtering the packets as they either enter or leave the monitoring switch. Filtering at the ingress will restrict the flow of data (and information) from that point on. This is most often the worst place to filter as tools and functionality downstream from this point will never have access to that deleted data, and it eliminates the ability to share filtered data to multiple tools. However, ingress filtering is commonly used to limit the amount of data on the network that is passed on to your tool farm, and/or for very security sensitive applications that wish to filter non-trusted information as early as possible.

The following list provides common filter criteria that can be employed:

  • Layer 2
    • MAC address from packet source
    • VLAN
    • Ethernet Type (e.g. IPv4, IPv6, Apple Talk, Novell, etc.)
  • Layer 3
    • DSCP/ECN
    • IP address
    • IP protocol ( ICMP, IGMP, GGP, IP, TCP, etc.)
    • Traffic Class
    • Next Header
  • Layer 4
    • L4 port
    • TCP Control flags

Filters can be set to either pass or deny traffic based upon the filter criteria.

Egress filters are primarily meant for fine tuning of data packets sent to the tool farm. If an administrator tries to use these for the primary filtering functionality, they can easily run into an overload situation where the egress port is overloaded and packets are dropped. In this scenario, aggregated data from multiple network ports may be significantly greater than the egress capacity of the tool port.

Advanced Filtering

Network visibility comes from reducing the clutter and focusing on what’s important when you need it. One of the best ways to reduce this clutter is to add a monitoring switch that can remove duplicated packets and perform advanced filtering to direct data packets to the appropriate monitoring tools and application monitoring products that you have deployed on your network. The fundamental factor to achieve visibility is to get the right data to the right tool to make the right conclusions. Basic filtering isn’t enough to deliver the correct insight into what is happening on the network.

But what do we mean by “advanced filtering”? Advanced filtering includes the ability to filter packets anywhere across the network by using very granular criteria. Most monitoring switches just filter on the ingress and egress data streams.

Besides ingress and egress filtering, operators need to perform packet processing functions as well, like VLAN stripping, VNtag stripping, GTP stripping, MPLS stripping, deduplication and packet trimming.

Ixia’s Advanced Feature Modules

The Ixia Advanced Feature Modules (AFM) help network engineers to improve monitoring tool performance by optimizing the monitored network traffic to include only the essential information needed for analysis. In conjunction with the Ixia Net Tool Optimizer (NTO) product line, the AFM module has sophisticated capability that allows it to perform advanced processing of packet data.

Advanced Packet Processing Features

  • Packet De-Duplication – A normally configured SPAN port can generate multiple copies of the same packet dramatically reducing the effectiveness of monitoring tools. The AFM16 eliminates redundant packets, at full line rate, before they reach your monitoring tools. Doing so will increase overall tool performance and accuracy.
  • Packet Trimming – Some monitoring tools only need to analyze packet headers. In other monitoring applications, meeting regulatory compliance requires tools remove sensitive data from captured network traffic. The AFM16 can remove payload data from the monitored network traffic, which boosts tool performance and keeps sensitive user data secure.
  • Protocol Stripping – Many network monitoring tools have limitations when handling some types of Ethernet protocols. The AFM16 enables monitoring tools to monitor required data by removing GTP, MPLS, VNTag header labels from the packet stream.
  • GTP Stripping – Removes the GTP headers from a GTP packet leaving the tunneled L3 and L4 headers exposed. Enables tools that cannot process GTP header information to analyze the tunneled packets.
  • NTP/GPS Time Stamping – Some latency-sensitive monitoring tools need to know when a packet traverses a particular point in the network. The AFM16 provides time stamping with nanosecond resolution and accuracy.

Additional Resources:

Ixia Advance Features Modules

Ixia Visibility Architecture

Thanks to Ixia for the article. 

Introducing the First Self-Regulating Root Cause Analysis: Dynamic Rule Generation with StableNet® 7

Infosim®, a leading manufacturer of automated Service Fulfillment and Service Assurance solutions for Telcos, ISPs, MSPs and Corporations, today announced a proprietary new technology called Dynamic Rule Generation (DRG) with StableNet® 7.

The challenge: The legacy Fault Management approach includes a built-in dilemma: Scalability vs. Aggregation. On the one hand, it is unfeasible to pre-create all possible rules while on the other hand, not having enough rules will leave NOC personnel with insufficient data to troubleshoot complex scenarios.

The solution: DRG expands and contracts rules that automatically troubleshoot networks by anticipating all possible scenarios from master rule sets. DRG is like cruise control for a network rule set. When DRG is turned on, it can robotically expand and contract rule sets to keep troubleshooting data at optimum levels constantly without human intervention. It will also allow for automatic ticket generation and report alarms raised by dynamically generated rules. DRG leads to fast notification, a swift service Impact Analysis, and results in the first self-regulating Root Cause Analysis in today’s Network Management Software market.

Start automating Fault Management and stop manually creating rules! Take your hands off the keyboard and allow the DRG cruise control to take over!

Supporting Quotes:

Dr. Stefan Köhler, CEO for Infosim® comments:

“We at Infosim® believe you should receive the best value from your network, and exchange of information should be as easy as possible. The way we want to achieve these goals, is to simplify the usage and automate the processes you use to manage your network. Rules creation and deletion has been an Achilles’ heel of legacy network management systems. With DRG (Dynamic Rule Generation), we are again delivering another new technology to our customers to achieve our goal of the dark NOC.”

Marius Heuler, CTO for Infosim® comments:

“By further enhancing the already powerful Root Cause Analysis of StableNet®, we are providing functionality to our users that will both take care of ongoing changes in their networks while automatically keeping the rules up to date.”

ABOUT INFOSIM®

Infosim® is a leading manufacturer of automated Service Fulfillment and Service Assurance solutions for Telcos, ISPs, Managed Service Providers and Corporations. Since 2003, Infosim® has been developing and providing StableNet® to Telco and Enterprise customers. Infosim® is privately held with offices in Germany (Würzburg – Headquarters), USA (Austin) and Singapore.

Infosim® develops and markets StableNet®, the leading unified software solution for Fault, Performance and Configuration Management. StableNet® is available in two versions: Telco (for Telecom Operators and ISPs) and Enterprise (for IT and Managed Service Providers). StableNet® is a single platform unified solution designed to address today’s many operational and technical challenges of managing distributed and mission-critical IT infrastructures.

Many leading organizations and Network Service Providers have selected StableNet® due to its enriched features and reduction in OPEX & CAPEX. Many of our customers are well-known global brands spanning all market sectors. References available on request.

At Infosim®, we take pride in the engineering excellence of our high quality and high performance products. All products are available for a trial period and professional services for proof of concept (POC) can be provided on request.

ABOUT STABLENET®

StableNet® is available in two versions: Telco (for Telecom Operators and ISPs) and Enterprise (for IT and Managed Service Providers).

StableNet® Telco is a comprehensive unified management solution; offerings include: Quad-play, Mobile, High-speed Internet, VoIP (IPT, IPCC), IPTV across Carrier Ethernet, Metro Ethernet, MPLS, L2/L3 VPNs, Multi Customer VRFs, Cloud and FTTx environments. IPv4 and IPv6 are fully supported.

StableNet® Enterprise is an advanced, unified and scalable network management solution for true End-to-End management of medium to large scale mission-critical IT supported networks with enriched dashboards and detailed service-views focused on both Network & Application services.

Thanks to Infosim for the article. 

Security Breaches Keep Network Teams Busy

Network Instruments study shows that network engineers are spending more of their day responding to breaches and deploying security controls.

This should come as no big surprise to most network teams. As security breaches and threats proliferate, they’re spending a lot of time dealing with security issues, according to a study released Monday.

Network Instruments’ eighth annual state of the network report shows that network engineers are increasingly consumed with security chores, including investigating security breaches and implementing security controls. Of the 322 network engineers, IT directors and CIOs surveyed worldwide, 85% said their organization’s network team was involved in security. Twenty percent of those polled said they spend 10 to 20 hours per week on security issues.

Security Breaches Keep Network Teams Busy

Almost 70% said the time they spend on security has increased over the past 12 months; nearly a quarter of respondents said the time spend increased by more than 25%.

The top two security activities keeping networking engineers busy are implementing preventative measures and investigating attacks, according to the report. Flagging anomalies and cleaning up after viruses or worms also are other top time sinks for network teams.

“Network engineers are being pulled into every aspect of security,” Brad Reinboldt, senior product manager for Network Instruments, the performance management unit of JDSU, said in a prepared statement

Security Breaches Keep Network Teams Busy

Network teams are drawn into security investigations and preparedness as high-profile security breaches continue to make headlines. Last year, news of the Target breach was followed by breach reports from a slew of big-name companies, including Neiman Marcus, Home Depot, and Michaels.

A report issued last September by the Ponemon Institute and sponsored by Experian showed that data breaches are becoming more frequent. Of the 567 US executives surveyed, 43 percent said they had experienced a data breach, up from 33% in a similar survey in 2013. Sixty percent said their company had suffered more than one data breach in the past two years, up from 52% in 2013.

According to Network Instruments’ study, syslogs were as the top method for detecting security issues, with 67% of survey respondents reporting using them. Fifty-seven percent use SNMP while 54% said they use anomalies for uncovering security problems.

In terms of security challenges, half of the survey respondents ranked correlating security and network performance as their biggest problem.

The study also found that more than half of those polled expect bandwidth to grow by more than 51% next year, up from the 37% from last year’s study who expected that kind of growth. Several factors are driving the demand, including users with multiple devices, larger data files, and unified communications applications, according to the report.

The survey also queried network teams about their adoption of emerging technologies. It found that year-over-year implementation rates for 40 Gigabit Ethernet, 100GbE, and software-defined networking have almost doubled. One technology that isn’t gaining traction among those polled is 25 GbE, with more than 62% saying they have no plans for it.

Thanks to Network Computing for the article.

What if Sony Used Ixia’s Application and Threat Intelligence Processor (ATIP)?

Trying to detect intrusions in your network and extracting data from your network is a tricky business. Deep insight requires a deep understanding of the context of your network traffic—where are connections coming from, where are they going, and what are the specific applications in use. Without this breadth of insight, you can’t take action to stop and remediate attacks, especially from Advanced Persistent Threats (APT).

To see how Ixia helps its customers gain this actionable insight into the applications and threats on their network, we invite you to watch this quick demo of Ixia’s Application and Threat Intelligence Processor (ATIP) in action. Chief Product Officer Dennis Cox uses Ixia’s ATIP to help you understand threats in real time, with the actual intrusion techniques employed in the Sony breach.

Additional Resources:

Ixia Application and Threat Intelligence Processor

Thanks to Ixia for the article.

End User Experience Testing Made Easier with NMSaaS

End user experience & QoS are consistently ranked at the top of priorities for Network Management teams today. According to research over 60% of companies today say that VoIP is present in a significant amount of their networks, this is the same case with streaming media within the organization.

As you can see having effective end user experience testing is vital to any business. If you have a service model, whether you’re an actual service provider like a 3rd party or you’re a corporation where your IT acts as a service provider you have a certain goal. This goal is to provide assured applications/services to your customers at the highest standard possible.

The success of your business is based upon your ability to deliver effective end user experience. How many times have you been working with a business and have been told to wait because the businesses computers systems were “slow”. It is something which we all have become frustrared with in the past.

b2ap3_thumbnail_angry-user-post-size.jpg

To ensure that your organization can provide effective and successful end user experience you need to be able to proactively test your live environment and be alerted to issues in real time.

This is comprised of 5 key elements:

1) Must be able to test from end-to-end

2) Point to Point or Meshed testing

3) Real traffic and “live” test, not just “ping” and trace route

4) Must be able to simulate the live environments

  • Class of service
  • Number of simultaneous tests
  • Codecs
  • Synthetic login/query

5) Must be cost effective and easy to deploy.

NMSaaS is able to provide all of these service at a cost effective price.

If this is something you might be interested in, or if you would like to find more about our services and solutions – why not start a free 30 day trial today?

b2ap3_thumbnail_file-2229790027.png

Thanks to NMSaaS for the article.

Avoid Network Performance Problems with Automated Monitoring

Network administrators can streamline the troubleshooting process by deploying automated monitoring systems.

With automated monitoring in place, admins can get early warnings about emerging problems and address them before the adverse effects continue for too long. In addition, automated monitoring can help maintain up to date information about network configuration and devices on the network that can be essential for diagnosing network performance problems.

An automated network monitoring regime requires a combination of tools along with policies and procedures for utilizing those tools.

Network hardware vendors and third party software vendors offer a wide range of tools for network management. Here are some tips for identifying the right tool, or set of tools, for your needs.

The first step in setting up automated monitoring system is having an accurate inventory of devices on your network. A key requirement for just about any automated network tool set is automated discovery of IP addressable devices. This includes network hardware, like switches and routers, as well as servers and client devices.

Another valuable feature is the ability to discover network topology. If you cringe every time someone erases your network diagram from the whiteboard, it’s probably time to get a topology mapping tool. Topology discovery may be included with your device discovery tool but not necessarily.

Device and topology discovery tools provide a baseline of information about the structure of your network. These tools can be run at regular intervals to detect changes and update the device database and topology diagrams. As a side benefit, this data can be useful for compliance reporting as well.

Once you have an inventory of devices on your network, you will need to collect data on the state of those devices. Although IT organizations often separate network administration and server administration duties, it is often helpful to have performance data on servers and the network.

The Simple Network Management Protocol (SNMP) and the Windows Management Instrumentation (WMI) protocols are designed to collect such device data. Network performance monitoring tools can be configured to poll network devices and collect data on availability, latency and traffic volumes using SNMP. WMI is a Microsoft protocol designed to allow monitoring programs to query Windows operating systems about the state of a system. Network performance monitoring tools can collect, consolidate and correlate network and server information from multiple devices.

In addition to monitoring the state of servers, some tools support running Powershell monitoring and action scripts for Windows devices and SSH support for administering Linux servers.

Thanks to Tom’s IT Pro for the article.

Will You Find the Needle in the Haystack? Visibility with Overlapping Filters

When chasing security or performance issues in a data center, the last thing you need is packet loss in your visibility fabric. In this blog post I will focus on the importance of how to deal with multiple tools with different but overlapping needs.

Dealing with overlapping filters is critical, in both small and large visibility fabrics. Lost packets occur when filter overlaps are not properly considered. Ixia’s NTO is the only visibility platform that dynamically deals with all overlaps to ensure that you never miss a packet. Ixia Dynamic Filters ensure complete visibility to all your tools all the time by properly dealing with “overlapping filters.” Ixia has over 7 years invested in developing and refining the filtering architecture of NTO, it’s important to understand the problem of overlapping filters.

What are “overlapping filters” I hear you ask? This is easiest explained with a simple example. Let’s say we have 1 SPAN port, 3 tools, and each tool needs to see a subset of traffic:

Will You Find the Needle in the Haystack? Visibility with Overlapping Filters

Sounds simple, we just want to describe 3 filter rules:

  • Tool 1 wants a copy of all packets on VLAN 1-3
  • Tool 2 wants a copy of all packets containing TCP
  • Tool 3 wants a copy of all packets on VLAN 3-6

Notice the overlaps. For example a TCP packet on VLAN 3 should go to all three tools. If we just installed these three rules we would miss some traffic because of the overlaps. This is because once a packet matches a rule the hardware takes the forwarding action and moves on to examine the next packet.

This is what happens to the traffic when overlaps are ignored. Notice that while the WireShark tool gets all of its traffic because its rule was first in the list, the NikSun and Juniper tools will miss some packets. The Juniper IDS will not see any of the traffic on VLANs 1-6, and the Niksun will not receive packets on VLAN 3. This is bad.

Will You Find the Needle in the Haystack? Visibility with Overlapping Filters

To solve this we need to describe all the overlaps and put them in the right order. This ensures each tool gets a full view of the traffic. The three overlapping filters above result in seven unique rules as shown below. By installing these rules in the right order, each tool will receive a copy of every relevant packet. Notice we describe the overlaps first as the highest priority.

Will You Find the Needle in the Haystack? Visibility with Overlapping Filters

Sounds simple but remember this was a very simple example. Typically there are many more filters, lots of traffic sources, multiple tools, and multiple users of the visibility fabric. As well changes need to happen on the fly easily and quickly without impacting other tools and users.

A simple rule list quickly explodes into thousands of discrete rules. Below you can see two tools and three filters with ranges that can easily result in 1300 prioritized rules. Not something a NetOps engineer needs to deal with when trying to debug an outage at 3am!

Will You Find the Needle in the Haystack? Visibility with Overlapping FiltersConsider a typical visibility fabric with 50 taps, eight tools, and one operations department with three users. Each user needs to not impact the traffic of other users, and each user needs to be able to quickly select the types of traffic they need to secure and optimize in the network.

With traditional rules-based filtering this becomes impossible to manage.

Ixia NTO is the only packet broker that implements Dynamic Filters; other visibility solutions implement rules with a priority. This is the result of many years of investment in filtering algorithms. Here’s the difference:

  • Ixia Dynamic Filters are a simple description of the traffic you want, without any nuance of the machine that selects the traffic for you, other filter interactions, or the complications brought by overlaps.
  • Priority-based rules are lower level building blocks of filters. Rules require the user to understand and account for overlaps and rule priority to select the right traffic. Discrete rules quickly become headaches for the operator.

Ixia Dynamic Filters remove all the complexity by creating discrete rules under the hood, and a filter may require many discrete rules. The complex mathematics required to determine discrete rules and priority are calculated in seconds by software, instead of taking days of human work. Ixia invented the Dynamic filter more than seven years ago, and has been refining and improving it ever since. Dynamic Filtering software allows us to take into account the most complex filtering scenarios in a very simple and easy-to-manage way.

Another cool thing about Ixia Dynamic filter software is that it becomes the underpinnings for an integrated drag and drop GUI and REST API. Multiple users and automation tools can simultaneously interact with the visibility fabric without fear of impacting each other.

Some important characteristics of Ixia’s Dynamic Filtering architecture:

NTO Dynamic Filters handle overlaps automatically—No need to have a PhD to define the right set of overlapping rules.

NTO Dynamic Filters have unlimited bandwidth—Many ports can aggregate to a single NTO filter which can feed multiple tools, there will be no congestion or dropped packets.

NTO Dynamic Filters can be distributed—Filters can span across ports, line cards and distributed nodes without impact to bandwidth or congestion.

NTO allows a Network Port to connect to multiple filters—You can do this:

Will You Find the Needle in the Haystack? Visibility with Overlapping Filters

NTO has 3 stage filtering—Additional filters at the network and tool ports.

NTO filters allow multiple criteria to be combined using powerful boolean logic—Users can pack a lot of logic into a single filter. Each stage supports Pass and Deny AND/OR filters with ‘Source or Destination’, session, and multi-part uni/bi-directional flow options. Dynamic filters also support passing any packets that didn’t match any other Pass filter, or that matched all Deny filters.

NTO Custom Dynamic Filters cope with offsets intelligently—filter from End of L2 or start of L4 Payload skipping over any variable length headers or tunnels. Important for dealing with GTP, MPLS, IPv6 header extensions, TCP options, etc.

NTO Custom Dynamic Filters handle tunneled MPLS and GTP L3/L4 fields at line rate on any port—use pre-defined custom offset fields to filter on MPLS labels, GTP TEIDs, and inner MPLS/GTP IP addresses and L4 ports on any standard network port interface.

NTO provides comprehensive statistics at all three filter stages—statistics are so comprehensive you can often troubleshoot your network based on the data from Dynamic filters alone. NTO displays packet/byte counts at the input and output of each filter along with rates, peak, and charts. The Tool Management View provides a detailed breakdown of the packets/bytes being fed into a tool port by its connected network ports and dynamic filters.

In summary the key benefits you get with Ixia Dynamic filters are:

  • Accurately calculates required rules for overlapping filters, 100% of the time.
  • Reduces time taken to correctly configure rules from days to seconds.
  • Removes human error when trying to get the right traffic to the right tool.
  • Hitless filter installation, doesn’t drop a single packet when filters are installed or adjusted
  • Easily supports multiple users and automation tools manipulating filters without impacting each other
  • Fully automatable via a REST API, with no impact on GUI users.
  • Robust and reliable delivery of traffic to security and performance management tools.
  • Unlimited bandwidth, since dynamic filters are implemented in the core of the ASIC and not on the network or tool port.
  • Significantly less skill required to manage filters, no need for a PhD.
  • Low training investment, managing the visibility fabric is intuitive.
  • More time to focus on Security Resilience and Application Performance

Additional Resources:

Ixia Visibility Architecture

Thanks to Ixia for the article. 

Flow-Based Network Intelligence You Can Depend On

NetFlow Auditor is a complete and flexible toolkit for flow based network analysis, which includes real-time analysis, long-term trending and base-lining.

NetFlow Auditor uses NetFlow based analysis as opposed to the traditional network analysis products which focus on the health of network gateway devices with basic information and overview trends.

Netflow analysis looks at end-to-end performance using a technological approach that is largely independent of the underlying network infrastructure thus providing greater visibility of the IP environment as a whole.

NetFlow Auditor provides an entire team in a box and is focussed on delivering four main value propositions for reporting for IP based networks:

NetFlow Auditor Network Performance

Network Performance

 NetFlow Auditor Network Security

Network Secutiry
NetFlow Auditor Anomaly Detection

Network Intelligence

 NetFlow Auditor Network Team in a Box

Network Accounting

Network Performance

Bandwidth management, bottleneck identification and alerting, resource and capacity planning, asset management, content management, quality of service

Network Security

Network data forensics and anomaly detection, e-security surveillance, network abuse, P2P discovery, access management, Compliance, track and trace and risk management

Network Intelligence

Network Anomaly Detection and Data metrics.

Network Accounting

Customer billing management for shared networks which translates to other costs, invoicing, bill substantiation, chargeback, 95th Percentile, total cost of ownership, forecasting, Information Technology ROI purchases substantiation.

How NetFlow Auditor Shines

Scalability – NetFlow Auditor can handle copious amounts of flows per second and therefore key data won’t be missed when pipes burst or when flows increases. Auditor can analyze large network cores, distribution and edge points. This includes point solutions or multi-collector hierarchies.

Granularity- NetFlow Auditor provides complete drill down tools to fully explore the data and to perform Comparative Base-lining in real time and over long term. This gives users the ability to see Network data in all perspectives.

Flexibility – NetFlow Auditor allows easy customization of every aspect of the system from tuning of data capture to producing templates and automated Reporting and Alerting thus decreasing the workload for engineers, management and customers.

Anomaly Detection – NetFlow Auditor’s ability to learn a baseline on any kind of data is unsurpassed. The longer it runs the smarter it becomes.

Root Cause Analysis – NetFlow Auditor’s drill filter and discovery tool allows real-time forensic and trending views, with threshold alerting and scheduled reporting.

QoS Analysis – NetFlow Auditor can help analyze VoIP impact, and Multicast and Separate traffic by Class of Service and by Location.

Key Issued Solved using Flow-Based Network Management

Absolute Visibility – As businesses use their data networks to deliver more applications and services, the monitoring and managing the network for problems performance can become a challenge. NetFlow Auditor real time monitoring and improve reaction times to solve network issues such as identifying and shutting down malicious traffic when it appears on the network.

Compliance and Risk – System relocations, Business and System Mergers.

Convergence – Organizations that are moving disparate networks to a converged platform in an effort to streamline costs and increase productivity can use NetFlow Auditor to understand its impact on security and to address security blind spots in the converged network

Proactive Network Management – NetFlow Auditor can be used as a tool by Risk Management to reduce risk and improve incident management by comparing normal network behaviours and performance at different times of the day to compare the current problems with a baseline.

Customers include Internet Service Providers, Banks, Education, Healthcare and Utilities such as:

  • Bell Aliant
  • KDDI
  • BroadRiver
  • First Digital
  • NSW Department of Education and Training
  • IBM
  • StreamtheWorld
  • Desjardins Bank
  • Commonwealth Bank of Australia
  • Miami Dade County
  • Miami Herald
  • Sheridan College
  • Mitsui Sumitomo
  • Caprock Energy
  • Zesco Electricity
  • Self Regional Healthcare

Thanks to NetFlow Auditor for the article.

Avoid the VM Blackout: A Guide to Effective Server Monitoring

When it comes to IT services, business value and user satisfaction are both dependent upon the server, network, and applications all working together seamlessly.

Failure to adequately monitor each of these and their interactions, means that you could be flying blind – susceptible to degraded service levels.

While application and network monitoring receive a lot of the attention, it is important to also understand what’s going on with the server.

Virtualization changes the face of service delivery

The environment in which modern services run is complex. Superficially, it appears as though we’ve traveled back to the 1960s, with data centers again appearing like big monolithic constructs (whether cloud or internally hosted) with highly-virtualized server farms connecting through large core networks.

The emergence of virtualized clients (with most computing done remotely) takes the analogy a step further and makes it feel as if we are on the set of “Mad Men” with the old dumb terminals connected to the mainframe.

But that may be where the analogy ends. Today’s IT service delivery is almost never performed in a homogeneous vendor setting—from a hardware or software perspective. Likewise, the diversity of complex multi-tier applications and methods by which they are accessed continues to proliferate.

To learn more, download the white paper.

Avoid the VM Blackout: A Guide to Effective Server Monitoring

Thanks to Network Instruments for the article.

Ixia Study Finds That Hidden Dangers Remain within Enterprise Network Virtualization Implementations

Ixia (Nasdaq: XXIA), a leading provider of application performance and security resilience solutions, announced global survey results demonstrating that while most companies believe virtualization technology is a strategic priority, there are clear risks that need to be addressed. Ixia surveyed more than 430 targeted respondents in South and North America (50 percent), APAC (26 percent) and EMEA (24 percent).

The accompanying report titled, The State of Virtualization for Visibility Architecture™ 2015 highlights key findings from the survey, including:

  • Virtualization technology could create an environment for hidden dangers within enterprise networks. When asked about top virtualization concerns, over one third of respondents said they were concerned with their ability (or lack thereof) to monitor the virtual environment. In addition, only 37 percent of the respondents noted they are monitoring their virtualized environment in the same manner as their physical environment. This demonstrates that there is insufficient monitoring of virtual environments. At the same time, over 2/3 of the respondents are using virtualization technology for their business-critical applications. Without proper visibility, IT is blind to any business-critical east-west traffic that is being passed between the virtual machines.
  • There are knowledge gaps regarding the use of visibility technology in virtual environments. Approximately half of the respondents were unfamiliar with common virtualization monitoring technology – such as virtual tap and network packet brokers. This finding indicates an awareness gap about the technology itself and its ability to alleviate concerns around security, performance and compliance issues. Additionally, less than 25 percent have a central group responsible for collecting and monitoring data, which leads to a higher probability for a lack of consistent monitoring and can pose a huge potential for improper monitoring.
  • Virtualization technology adoption is likely to continue at its current pace for the next two years. Almost 75 percent of businesses are using virtualization technology in their production environment, and 65 percent intend to increase their use of virtualization technology in the next two years
  • Visibility and monitoring adoption is likely to continue growing at a consistent pace. The survey found that a large majority (82 percent) agree that monitoring is important. While 31 percent of respondents indicated they plan on maintaining current levels of monitoring capabilities, nearly 38 percent of businesses plan to increase their monitoring capabilities over the next two years.

“Virtualization can bring companies incredible benefits – whether in the form of cost or time saved,” said Fred Kost, Vice President of Security Solutions Marketing, Ixia. “At Ixia, we recognize the importance of this technology transformation, but also understand the risks that are involved. With our solutions, we are able to give organizations the necessary visibility so they are able to deploy virtualization technology with confidence.”

Download the full research report here.

Ixia's The State of Virtualization for Visibility Achitectures 2015

Thanks to Ixia for the article.