Thursday, 22 December 2016

Network Visibility: More than Just Simple Management

Tags

It seems like virtually everyone is aware of the need for greater network visibility these days, but there is very little guidance, other than from vendors selling products, as to what should be monitored, and how.

On a basic level, network visibility is about not only tracking the interplay of switches, routers and other devices, but drilling deep into network traffic and implementing deep packet inspection to glean a wealth of information regarding the carriage of enterprise data.

This offers a number of benefits beyond mere network management, says AGC Research analyst Robert Haim. Yes, it helps with resource planning and allocation, as well as fault resolution and service recovery, but it also goes a long way toward ensuring top application performance and customer satisfaction, not to mention improved security and access authorization. In addition, strong network visibility can help improve the effectiveness and extend the lifecycles of legacy monitoring systems, as well as the advanced analytics engines that are starting to leverage Big Data to optimize increasingly complex data flows.
 Indeed, from a vendor perspective, the race is on to provide the deepest levels of visibility on the block. Ixia recently expanded the capabilities of its CloudLens platform with the Virtual Packet Broker (vPB) to allow admins to peer into virtual network traffic across their private clouds. The system is intended to address the connectivity and dynamic workflow characteristics that arise with east-west, M2M traffic, particularly as volumes start to overwhelm traditional monitoring tools. The system provides data aggregation, filtering, dedupe and a host of other functions using a virtual appliance that can be deployed in conjunction with dynamic virtual networks.

Meanwhile, Brocade just added new visibility features to the SLX switch family to support the expanded Workflow Composer automation suite. The aim is to deliver broad network agility at all layers of the data center stack, allowing users to define the parameters of their networking environments and quickly adapt to new technologies and service models as they arise. Visibility is managed through the SLX Insight Architecture, which is embedded onto every switch and router in the network to provide rapid fault location and remediation. Some models like the SLX 9140 and 9240 also include a programmable ASIC that extends visibility from physical layers to virtual networks and workloads.

Different enterprises, and even different workloads, will have different needs when it comes to visibility, of course, but in general it should be implemented as a core networking function for both management and security purposes, says APCOM CEO Richard Rauch. A key element in the desire to peer directly into network traffic is the deployment of TAP (test access points) and SPAN (switch port analyzers) on all nodes. This provides full visibility in real time of both physical and virtual traffic and, provided the monitoring is kept out-of-band, ensures that data flows will not be impeded.

It might be tempting to think that too much visibility is just as bad as too little. But issues regarding data overload diminish once network management is placed on an automated footing. In fact, a steady flow of monitoring information is likely to prove vital in the near future as data environments learn to adapt and change to dynamic application requirements on the fly.



The old adage “you can’t monitor what you can’t see” is proving to be particularly accurate as network environments become more distributed and abstract, which is why the enterprise must deploy increasingly sophisticated technologies as their data footprints extend beyond the data center walls.

And since much of this distributed networking infrastructure is built and maintained by third-parties, the only way to know what’s really going on out there is to monitor traffic.


EmoticonEmoticon