Network Critical - Home
Italian
German
French
English
English
Language
EUR
+44 (0) 1189 543210
USA
+1 716-558-7280
LinkedIn
YouTube
Wordpress
Facebook
Twitter
Home
Products
Smart Network Access Modular System (SmartNA™)
Breakout/ Aggregation/ Regeneration TAPs
Aggregating Backplane TAPs
Fully Configurable Filtering TAPs
Virtually Inline (V-Line™) Bypass TAPs
10 Gigabit Products
Virtually Inline (V-Line™) Bypass TAPs
Fixed Products
Solutions
Network Analyzers
Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS)
Bandwidth Management
Computer Forensics/Data Capture
Content Filtering
Data Leakage Prevention (DLP)
Lawful Interception
News/Events
Latest News
Articles
Whitepapers
Press Releases
Newsletters
Events
Case Studies
Webinars
Partners
Technology Partners
Support
Open a Support Case
Resource Library
FAQs
What Are TAPs?
How To Videos
Application Drawings
End of Life Policy
RoHS Statement
About Us
Contact Us
Testimonials
Awards
Green IT
Careers
Search for:
Articles
News/Events
Latest News
Articles
Whitepapers
Press Releases
Newsletters
Events
Case Studies
Webinars
Get the
Network Critical (NetworkCritical) on Twitter
widget and many other
great free widgets
at
Widgetbox
! Not seeing a widget? (
More info
)
Cloud Pilot Architecture
Wednesday 27 July 2011
Many Service Providers (SP) are considering plans to provide cloud computing services.
This new business model allows SPs to increase ARPU, add to their service offerings, differentiate themselves from their competitors, increase their customer base and become a strategic partner to their large business customers. This move makes perfect business sense and much of the infrastructure is already in place.
However, as these Service Providers moves from a model of information transit to comprehensive information management there are many new issues to be addressed.
In the information transit model, the Service Provider SLA includes such guarantees as acceptable delay, network availability, bandwidth allocation and QoS parameters. In the new cloud model, the Service Provider becomes an Information Manger as well. Customer data is now resident on SP servers and located in SP data centers. Access must be managed and secured; the data must be protected and partitioned accurately and absolutely.
The provider of cloud services is now responsible for the protection of their customer’s data, not only the transit of that information.
There are high level business process models being discussed in the
TM Forum
today as well as a wide variety of high level business model issues that need to be addressed. However, time to market will be a key determinant of who will be the leaders and who will be the laggards in this new frontier. In addition to understanding the business practices surrounding this new opportunity, it is important for SP’s to get their feet wet sooner rather than later. It is necessary to find some willing and friendly customers to pilot cloud models and to patiently work through the inevitable hitches and snags that will be present in any new service.
When company data is involved, however, it is important that the access to this content is protected and the information flow is understood.
Fortunately, there are many excellent tools available today that can help manage, analyze and protect network data flows. There are three key areas of information flow that need to be closely managed:
1. Ingress information –
Access from outside the cloud must be managed and secured to prevent attacks and malicious programs. Specialized tools for this fall into the IPS/IDS category.
2. Egress information –
Attacks do not always come from external sources. Many SP and client company employees will have access to the network, the servers and company information for a variety of reasons. These authorized users include, SP service and support technicians, network engineers and managers are a just few. Any one of this group has the potential to maliciously or accidentally compromise confidential and proprietary data. There are tools to prevent data leakage that fall into the appliance group called DLP.
3. Network Forensics –
It is important to understand application performance, network performance and overall data flow. There are many sniffers and probes available to analyze and report on network activity and performance. These are the base line appliances necessary for management of any network.
There are other tools to manage such issues as regulatory compliance, consumer experience management, network performance and others. By simply focusing on the three tools above, we can cover attacks from outside the firewall, breaches from inside the firewall, and overall comprehensive network analysis.
There are two primary ways for these tools to connect to network links. First is to directly connect each appliance inline on the link.
This is where you connect the tool between the router and the switch directly in the path of the data flow. This allows all the data to flow through the tool. The tool can then analyze the data and perform protective functions when is sees anomalies or rule violations.
However, there are two problems with this method.
First, is simply that the more potential points of failure you insert into a link, the higher your probability of failure becomes. Second is that these appliances are very intelligent, software intensive products. With any stacked software product, and with embedded hard drives, “stuff happens.” Further, as rules need to be updated or new versions are released, the product must be taken off-line for updates and reboots. The constant scheduling of network downtime is unacceptable in many of today’s 7/24/365 networks.
The solution is to connect a hardware based tap inline on the network link.
Being hardware based products with no software operating system, taps are inherently very reliable. Beyond this, taps have fail-safe technology built in that will maintain the network link even in the event of a power failure to the device.
When you have a tap inserted into a network link you have many options available for connecting appliances or network tools. Depending on the function of the tool, it may need to see the data real time as it flows through the network or it may need to only look at a mirror copy of the data out of band. In either case, the ports needed to connect all these appliances are available using a network tap.
Taps can aggregate the information from many links to a single tool. This provides efficiency and potentially huge savings in the procurement of the necessary network appliances.
The use of regeneration features in a tap allow for the same data on a link to be sent to many different appliances. Finally, by using filtering and distribution techniques, the tap can provide only the pertinent information to each tool as needed. This enhances the speed and efficiency of operation for the network tools.
The new leaders in cloud services will jump in quickly with pilots and beta customers to develop and test real product and service offerings. These market leaders will have the advantage of experience, brand awareness and an early customer base as competitive offerings start to crowd the market. In order to become an early leader in this market, the time to develop cloud services and plan for a reliable and secure network infrastructure is right now.
Learn more about Network Critical’s reliable line of TAPs, visit our
Products Page
.
Contact Us
Name
Company
Email
Phone Number
Country
Afghanistan
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Australia
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belgium
Belize
Benin
Bermuda
Bhutan
Bolivia
Bosnia-Herzegovinia
Botswana
Bouvet Island
Brazil
British Indian Ocean Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Canada
Cape Verde
Cayman Islands
Central African Republic
Chad
Chile
China
Christmas Island
Cocos (Keeling) Islands
Colombia
Comoros
Congo
Cook Islands
Costa Rica
Croatia
Cuba
Cyprus
Czech Republic
Denmark
Djibouti
Dominica
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Falkland Islands (Malvinas)
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern Territories
Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guinea
Guinea-Bissau
Guyana
Haiti
Heard and McDonald Islands
Holy See
Honduras
Hong Kong
Hungary
Iceland
India
Indonesia
Iran
Iraq
Ireland
Israel
Italy
Ivory Coast
Jamaica
Japan
Jordan
Kazakhstan
Kenya
Kiribati
Korea (Democratic Republic of)
Korea (Republic of)
Kosovo
Kuwait
Kyrgyz Republic
Laos
Latvia
Lebanon
Lesotho
Liberia
Libyan Arab Jamahiriya
Liechtenstein
Lithuania
Luxembourg
Macau
Macedonia
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia
Moldavia
Monaco
Mongolia
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands
Netherlands Antilles
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
Northern Mariana Islands
Norway
Oman
Pakistan
Palau
Panama
Papua-New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Re union
Republic of Dominica
Romania
Russian Federation
Rwanda
Saint Helena
Saint Kitts and Nevis
Saint Lucia
Saint Pierre and Miquelon
Saint Vincent and the Grenadines
Samoa
San Marino
Sao Tome and Principe
Saudi Arabia
Senegal
Seychelles
Sierra Leone
Singapore
Slovakia
Slovenia
Solomon Islands
Somalia
South Africa
Spain
Sri Lanka
Sudan
Suriname
Svalbard and Jan Mayen Islands
Swaziland
Sweden
Switzerland
Syrian Arab Republic
Taiwan
Tajikistan
Tanzania
Thailand
Togo
Tokelau
Tonga
Trinidad and Tobago
Tunisia
Turkey
Turkmenistan
Turks and Caicos Islands
Tuvalu
Uganda
Ukraine
United Arab Emirates
United Kingdom
United States Minor Outlying Islands
Uruguay
USA
Uzbekistan
Vanuatu
Venezuela
Vietnam
Virgin Islands (British)
Virgin Islands (U.S.)
Wallis and Futuna Islands
Western Sahara
Yemen
Yugoslavia
Zaire
Zambia
Zimbabwe
Zip/Post Code
Enquiry
Verification