Increase Security & Control Costs During Network Upgrades (by Keith Bromley)

Network Capacity Requirements Are Increasing Rapidly

While COVID-19 may have many legacies, one of them will definitely be an explosion in the amount of network capacity required. Most enterprises are experiencing the need for increased network capacity as 10 Gbps networks are pushed to expand to 40 Gbps or 100 Gbps due in large part to new video-related content.

Companies are seeing increased network capacity and security requirements for various reasons including:

· use of external video conferencing with customers in lieu of site visits

· shift to remote training activities

· massive increase to support remote teleworkers

· increased internal video conferencing for team alignment

· expansion of remote troubleshooting of network links and equipment

· increased employee and customer video clip usage

Visibility Solutions Enable Successful Network Upgrades

Network visibility solutions from Keysight Technologies offer you the help you need to make network upgrades successful. For instance, taps allow you access to data across the network. Data can be aggregated from multiple locations across the network. In addition, taps can be both physical or virtual, which means you can access every piece of data you need.

Network packet brokers (NPBs) are another crucial element for network upgrades. These devices allow you to aggregate data from both taps and SPAN ports as well as deduplicate, filter, and distribute that data to analysis tools. This includes tools running at speeds up to 100 Gbps. Features like deduplication become critically important when network speeds reach or exceed or 40 Gbps. Duplicate data can become excessive at these data rates, especially if a leaf and spine architecture and Bi-Di taps are used. Deduplication within the NPB eliminates unnecessary copies of data, thereby minimizing the amount of traffic a tool must process.

Visibility equipment like NPBs and bypass switches are also critically important to network security. Inline security tool farm complexity can be managed far more easily with an NPB (for load balancing, high availability, TLS decryption) and bypass switches (with heartbeat messaging that improves network continuity). In addition, NPBs are vital to any out-of-band security solutions like IDSs and DLPs by giving those tools access to the packet data they need to see security threats.

Controlling Costs and Maximizing the ROI From Your Upgrade

Key factors for any deployment are to reduce costs, control spending, and gain additional benefit from your network.

When deployed correctly, Keysight’s visibility solutions enable you to experience the following benefits:

· Reduce your monitoring tool upgrade costs by using an NPB to load balance data across multiple (lower rate) tools. This capability allows you to spread high-speed data across existing lower rate tools thereby delaying new tool purchases to a future budget cycle.

· Deploy enhanced survivability options, such as the ability of the Keysight NPB, to load balance data across multiple monitoring tools to create an n+1 (up to n+n) option that strengthens business continuity.

· Derive additional insight from your metadata. This includes the ability to analyze network flow data information as well as capture device type, user browser type, and geolocation of devices on the network.

Figure 1. Example of load balancing using a network packet broker.

Reach out to me (Keith Bromley) and I, along with my team, can show you how to optimize your data collection and monitoring solutions so that you can clearly achieve your goals while controlling costs. Alternatively, you can see for yourself how Keysight’s solutions can significantly enhance your company’s security architecture!