Network Critical - The Window to your Network

I’ve got 99 problems but this GLITCH ain’t one!

We just wanted to share this great blog by Mike Simmonds of Axial Systems, one of our premier partners at Network Critical!


Glitches - you need to measure and monitor your network to spot themIf you can’t see it, you can’t monitor it, and if you can’t monitor it, you can’t measure it, and if monitoring and measuring are not possible, then glitches will happen, people will complain, and your service credibility will be hit.

Deploying a network tap on a copper or fibre Ethernet connection will uncover low level link layer problems such as physical link interruptions, and also accurately mirror layer three, and above, communication protocol issues to your analysis tools as they happen.  This is the ONLY reliable way of seeing the glitches in their native environment and it allows you to discover how issues occur and what they look like on the wire when they affect normal operational behaviour.  This insight lets you set about resolving the root of the issues; other methods of observation simply highlight the sympathetic effects of these types of issue, so you are never really “squaring down” on the cause.

A span or mirror port cannot unearth the cause of ‘errored’ packets, in turn causing multiple retries that simply consume bandwidth and slow everything else held up behind them, or 1G links refusing to run faster than 100M with no-one knowing that it is simply due to a physical link error, amongst a variety of other issues; whereas properly placed network taps will unearth all of these low level types of issues.

With the other problems you have in your 100% “full-on” day, it’s nice to know that you might have 99 other problems, but that network glitch that was addressed with a network tap and just got sorted wasn’t one of them.

Apologies to Jay-Z!

Posted: 11/11/2015 11:23:23 by Global Administrator with 0 comments

Packet Brokers for Net Management and High Availability: Have your Cake and Eat it Too

Have your cake and eat it - Packet Brokers for Net Management and High AvailabilityNetwork availability and network performance are at odds with each other.  In order to maximize network performance for optimum availability and increased throughput, the conventional solution would be to minimize external tools and maximize bandwidth.  The problem with that solution, however, is that higher bandwidth requires aggressive management and vigilant security.  This can only be accomplished by inserting more tools.

The math tells us that availability decreases with each new device that is inserted in-line on the network.  Assume we have two network management tools connected to a link, the availability of the weakest, least reliable device times the availability of the more reliable tool becomes the system reliability.  For example, if device one is available 99% of the time and device two is available 99.99% of the time the system availability becomes 98.99%, less than either device on its own.  This example is one link and two tools.  This serial connectivity can have quite a dramatic impact on availability in larger networks with many links and tools.

IT departments are currently deploying 3-5 network tools per link or group of links in a network running applications such as security, compliance, analytics and performance management.  Further complicating the availability conundrum is the fact that these devices must be taken off-line periodically for feature, firmware and rule updates.

How can network managers utilize the benefits of specialized tools while maintaining high network availability?  The answer to this question is also the answer to the question, “Why is the tap and packet broker market exploding?”  Deploying tools through taps and packet brokers eliminates the serial degradation of availability while increasing the operational efficiency of the connected tools.

Packet brokers act as traffic cops enabling tools to have visibility into network links without the risk of availability degradation.  Taps connect to network links then send the data flow into the Packet Broker for aggregation, filtering and packet distribution.  The tools connect to the packet broker, not directly to the network link.  The taps provide fail-safe connectivity to keep the networks up even if the tool goes down or is taken off-line for maintenance.  The packet broker also provides many sophisticated features that increase network management efficiency and economy, including:

  • Aggregation – This allows many smaller links to consolidate traffic going to a single tool port and enables dramatic savings on expensive tool resources.
  • Load Balancing – This provides for even distribution of packets from a single high-speed link to less expensive tools designed for lower throughput.   It is particularly useful to networks in transition from 1G to 10G links.
  • Filtering – This removes non-critical packets improving the efficiency of the tools.  It is important when monitoring higher speed links where the storage capacity of the tool must be scaled to its computing capacity.

By creating an architecture where tools are connected to networks with taps and managed with packet brokers, network managers can efficiently utilize multiple network tools without impacting network availability.

Network Critical is the premier innovator of TAP and Packet Broker technology. The SmartNA-X and SmartNA-X HD product portfolio offers unmatched simplicity, efficiency, flexibility and value.

Posted: 10/11/2015 14:30:43 by Global Administrator with 0 comments

Why Span’s loss is Taps’ gain

Taps are now a permanent architectural element in network monitoringDuring the last couple of years, there has been a quiet storm brewing in the network monitoring solutions space: the network tap market has been growing dramatically.  The primary driver for this revolution has been broad market acceptance of taps as a permanent architectural element in network monitoring and management solutions.

Why are networks universally transitioning from Span ports to tap solutions?  Here are five key variables influencing this transformation:

  1. Too few Span ports – With the introduction of many specialized network appliances that all need 24/7 link access, there are not enough Span ports to go around.
  2. In-line access – Many new security appliances provide network protection by taking immediate action to resolve threats.  These appliances are installed risk-free on network links by connecting reliable, hardware based in-line taps.  Span ports provide traffic duplication but do not provide real time link access to tools so they are not adequate in supporting these security appliances.
  3. Data switching and port aggregation – As link speeds continue to migrate from 1 Gbps to 10 Gbps and beyond, there is an increasing need to aggregate multiple lower speed links up to higher end tools.  Conversely, there is also a need to distribute packets from core high speed links to multiple lower speed tools.  Packet brokers provide many sophisticated packet distribution features such as filtering unimportant packets and load balancing streams evenly across multiple tools.  Span ports send mirror copies of all the data to a specific destination but do not provide filtering or load balancing.
  4. Packet priority – Taps are designed to pass 100 percent of the packets passing through the tap to the designated monitor port.  Taps are non-blocking and non-buffering.  There is no contention for this traffic and no additional delay added into the network.  Span mirror traffic is the lowest priority traffic in a switch.  If the switch becomes congested with network traffic, Span traffic is dropped and the switch does not tell you what was dropped.  Therefore you never know if all the traffic has reached your analyzer.  How can you have confidence in your analysis if you do not have confidence in your input?
  5. Packet error filtering – Corrupt packets and low layer errors are automatically filtered out by the switch prior to being mirrored to the Span port.  Complete packet analysis needs to see all the packets, even the bad ones.  Span ports do not pass all packets.   

Network Critical, a global innovator of permanent, modular and high speed Taps and packet brokers is leading the network access revolution.  Complete network visibility, from simple access to complex aggregation, selective filtering and high speed core distribution solutions can be found in the Network Critical product portfolio.

As network operators develop plans for upgrading to Next-Generation Firewalls, high speed port aggregation, in-line security appliances and other specialized access applications, Network Critical will be supporting their access requirements.

Posted: 09/11/2015 14:33:44 by Global Administrator with 0 comments