command your data center - net optics/ixia

COMMAND YOUR DATA CENTER

How to Thrive In the Changing Landscape The demands to virtualize, scale, and implement new applications while conducting security, forensics, compliance and performance monitoring activities are adding to the list of hurdles facing IT teams.

These network visibility best practices provide insights into the solutions needed to manage and optimize network monitoring to solve many of these challenges.

Best Practices Guide I Data Center

NETWORK VISIBILITY PRESSURESAs the network becomes critical to the success of an organization, network security and performance groups are challenged to gain greater insight into that network. Network administrators must enable access to network traffic for the monitoring tools used by these teams. IT trends such as increased reliance on SaaS applications, BYOD and the transition to 10/40/100G are also increasing complexity and vendor diversity within the data center. Meeting these challenges calls for an increasingly broad set of monitoring tools, which frequently require visibility into specific network segments or types of traffic. For these tools, 100% visibility of network traffic is vital to effectively securing and monitoring the network.

*Source: Net Optics survey of 1,235 IT professionals conducted at RSA 2013 Conference

Monitor and manage application performance throughout the network

Improve network bandwidth utilization

Improve cyber-threat identification and response

Optimize performance of network hardware

Meet regulatory compliance requirements

Improve the accuracy of network design

Enhance existing and future network topologies

Evaluate ability of network to accommodate additional applications and traffic

31%

16%

11%

10% 6%

9%

8%

9%

CHALLENGEDRIVING THE NEED FOR NETWORK MONITORING* SOLUTION

Network Layer

Instrumentation and Tool Layer

Security Team Performance Team

BYPASS SWITCHES AND NETWORK TAPS

Inline Fail-SafeNetwork Access

Access, Aggregation andRegeneration

PerformanceMonitoring

SecurityMonitoring

Visibility Layer

Network Layer

??? ??

?




SecurityMonitoring

SPAN

x

Network Layer


?? ? ?

??

FAIL-SAFE ACCESS AND 100% VISIBILITYNet Optics access products, including Network Taps and Bypass Switches, provide passive and fail-safe access for tools deployed in either inline (IPS) or out-of-band (IDS) configurations. Utilizing Network Taps, Aggregation and Regeneration Taps, Bypass Switches, and Virtualization Taps, network admins are able to evolve beyond zero or limited SPAN visibility. 100% network visibility allows teams to analyze the specific traffic of interest they require in order to monitor and secure the network.

PHASE I: NO VISIBILITYNetwork management teams initially lack visibility into the network and the insight needed for effective security and performance monitoring.

PHASE II: SPAN / PORT MIRRORING VISIBILITYUsing SPAN or Port Mirroring provides limited visibility into the network but is susceptible to oversubscription and mis-configuration.

PHASE III: 100% VISIBILITYNet Optics Access products provide a ‘Visibility Layer’ to the network to achieve 100% visibility.

CHALLENGESOLUTION

Learn more about Network Taps, visit the Network Tap web page.

OPTIMIZATION OF NETWORK SECURITY AND PERFORMANCE MONITORING TOOLSWhen network monitoring solutions are deployed as isolated point solutions or configured to receive non-optimized traffic, they are susceptible to degradation in their efficiency and effectiveness. Increasing network speeds and application diversity also creates new hurdles. Network administrators are faced with the challenge of ensuring that their network monitoring infrastructure is manageable, comprehensive and optimized to perform under these diverse loads without affecting network performance.

*Source: Net Optics survey of 822 IT professionals conducted at CiscoLive 2013 Conference

CHALLENGE

100G

40G10G

1G100M

10G, 40G AND 100G NETWORK EQUIPMENT SHIPMENTS GREW 62% IN 2012

DATA CENTER INTERFACE SPEEDS HAVE SOARED SINCE 2000, WITH NO END IN SIGHT

TOP 3 STRATEGIC GOALS FOR NETWORK MANAGERS*

2000 2009 2015 2019 2022

UPGRADE IT INFRASTRUCTURE

ENABLE ROLL-OUT OF NEW TECHNOLOGIES

IMPROVE USER EXPERIENCE

34.8%

34.6%

34.4%

SOLUTION

CHALLENGE

Network Layer (Location 2)


Network, Security & Performance Management Teams

SecurityMonitoring

ComplianceMonitoring Application

Monitoring


NETWORK PACKET BROKERS (NPB)

Load BalancingAggregation andRegeneration

Packet Filtering

Network Layer (Location 1) Network Layer (Location 3)

Optimized Network Monitoring Tra�c










SOLUTIONCENTRALIZED CONTROL AND OPTIMIZATION Net Optics Total Visibility Solutions provide a layer of control as to which tool receives specific traffic. Capabilities such as flow-mapping, de-duplication, aggregation, filtering and load-balancing optimize network traffic before it reaches a monitoring tool. The benefits of adding this Visibility Layer to your deployment include: manageability, reduced overhead, increased utilization and better performance from your entire set of network monitoring tools. High Availability (HA) configurations are also possible for your monitoring deployment, a major benefit for networks under pressure to deliver always-on performance.

Learn more about Network Packet Brokers, visit the NPB solutions web page.

CHALLENGEMONITORING INTER-VM TRAFFIC WITH EXISTING SECURITY AND PERFORMANCE TOOLSData Centers are on the path to either converged or full virtualization. However, many monitoring tools designed for traffic flowing over the physical network don’t have the ability to inspect traffic between two Virtual Machines. Not only does this situation leave security administrators blind to possible malicious activity within this growing segment of the network, but achieving an integrated approach to total network visibility becomes next to impossible. Achieving visibility into your virtualized traffic that is comparable to that of your physical network requires extensive redeployment—or the purchase and implementation of an entire new set of virtualization-specific tools.

*Source: Net Optics survey of IT professionals conducted at VMworld2013 Conference

SYSTEM/VM ADMINISTRATOR’S MOST IMPORTANT SECURITY CHALLENGES*

1

2

3

Preventing sensitive data from creeping into less secure virtual environments

Integrating virtualization security with current physical security tools and practices

Maintaining compliance with

regulatory and audit requirements

SOLUTION

VIRTUALIZATION TAP FOR TOTAL VISIBILITY AND HYPERVISOR SUPPORT Net Optics Phantom Virtualization Tap™ bridges the physical and virtual, so that you can monitor the virtualized network with your existing set of tools. Phantom is capable of capturing and then sending inter-VM traffic of interest to the tools that are already monitoring your physical network.

The landmark Phantom Virtualization Tap supports all best-of-breed hypervisors. It works not only in ESX environments (“VMsafe Certified”) and with internal VMware vSwitches, but also with the Cisco Systems Nexus 1000V virtual switch; MS Hyper-V 2012, Xen, Oracle VM and KVM hypervisors. Simple to deploy and engineered for the virtual environment, the Phantom Tap extends the visibility of your monitoring tools into the blind spots created by virtualization.

Learn more about Phantom Virtualization Tap, visit the Phantom product web page.

CHALLENGE

Network Layer Virtualization Layer



SecurityMonitoring


Monitoring




Packet Filtering





VIRTUALIZATION TAP

Source PacketFiltering

VirtualizationTap

EncapsulatedTunneling

SOLUTION

CHALLENGEMANAGING NETWORK PERFORMANCEToday’s network administrators face the challenge of meeting increasingly stringent SLAs that call for increased reliability and uptime. To quickly identify existing or potential issues that might affect uptime, the network team requires monitoring tools that provide a comprehensive view of data center performance—including every packet traversing a host and all inter-vm traffic. Monitoring to ensure peak network performance is key to consistent application delivery and a quality end-user experience.

*Source: Net Optics survey of 312 IT professionals conducted at Interop Las Vegas 2013 Conference

>20HOURS

AVERAGE TIME SPENT PER WEEK BY NETWORK ADMINS TROUBLESHOOTING NETWORK ISSUES*

19%OF TIME IS SPENT

MEASURING LATENCY

AND DELAY

19%OF TIME IS SPENT

MONITORING BANDWIDTH

CONSUMPTION56%OF RESPONDENTS FEEL

LIMITED BY THE QUALITY OF

INFORMATION PROVIDED BY EXISTING

MONITORING TOOLS

24%OF TIME IS SPENT

DETERMINING ROOT

CAUSES

CHALLENGENET OPTICS SPYKE BRINGS INSIGHT AND PERFORMANCE MANAGEMENT TO YOUR NETWORKQuick and easy to install and configure, this sophisticated yet simple solution offers your data center the ability to discover, diagnose and resolve problems before they can damage your core business. With practically no learning curve, the Spyke™ Application-Aware Network Performance Monitoring (AA-NPM) solution reduces operations costs even as it cuts time spent on problem identification and resolution.

Spyke uses DPI technology and root cause analysis to let users drill down instantly from high-level metrics to granular detail of every application and function, plus track bandwidth usage. You can identify actual user names and individual VoIP calls, and gain deep transparency into email traffic—all at a glance. This vital information can lower your MTTR substantially. Spyke does it all through a “single pane of glass” interface for ultimate convenience and control.

Learn more about Spyke, visit the Spyke product web page.

3 KEY STEPS TO NETWORK TROUBLESHOOTING AND RESOLUTION

PROBLEM DETECTION

Is there a problem in your network? Net Optics Spyke provides network managers insight into the current status of their network to know whether a problem exists.

PROBLEM ISOLATION AND DIAGNOSIS

Spyke’s ability to drill down into protocol, device, server or client data allows network managers to quickly identify the location, scope and nature of a network issue.

PROBLEM RESOLUTION

Gaining awareness of any network issues, their nature and causes helps network managers rapidly respond and resolve those issues.

Network Layer

Network Performance Management Teams

APPLICATION AWARE NETWORK PERFORMANCE MONITORING

Problem Identi�cation

BandwidthMonitoring

VoIP QualityMonitoring

!

Visibility Layer

1

2

3

SOLUTION

COMPLEX NETWORK SECURITY DEPLOYMENTS ACROSS MULTIPLE LOCATIONSAs they add virtualized infrastructures, organizations must also build in management layers to protect the data traversing those networks. For many, the effort to unify and centralize the management of monitored traffic becomes a nightmare.

*Source: Net Optics survey of 1,216 IT professionals conducted at RSA 2013 Conference

WHAT SECURITY PRACTICES ARE YOU IMPLEMENTING?*

70.9% Firewalls

48.0% Data encryption

34.4% Endpoint protection (antivirus, anti-spyware)

32.3% Email security/spam filtering

31.3% Gateway antivirus/anti-malware

30.6% Intrusion prevention/intrusion detection

24.2% Web application firewalls

24.0% Vulnerability assessment/penetration testing

21.2% Wireless security

21.1% Log analysis/security event management/security information management

19.7% Data loss prevention

19.1% Identity management

18.2% VPN

12.2% Strong passwords

11.9% Patch management

7.6% End user awareness programs

4.8% Network access control

4.5% Secure development processes/source code auditing

4.3% Portable-device security

CHALLENGESOLUTION

UNIFIED VISIBILITY MANAGEMENTNet Optics Indigo Pro™ is a unified management platform that enables centralized monitoring and configuration of few or many Net Optics devices, including network controller switches, Network Packet Brokers (NPBs), physical and virtual network taps and third party devices. From a single management console, Indigo Pro provides device configuration and element management, event and fault management, bulk upgrades of device software, an integrated device view, and rich graphical visualization of network statistics.

Using Indigo Pro together with Net Optics taps, controller switches and NPBs simplifies administration complexity associated with configuring and upgrading each device separately. This capability helps organizations attain a higher ROI gained from overall time and cost savings.

Automatic Discovery

Indigo Pro automatically identifies supported Net Optics and third-party devices throughout the network and quickly adapts to any device added, removed or taken offline. A dynamic topology map displays the devices and provides detailed device status and configuration information. This allows for easy deployment and immediate access to managed devices.

Device Configuration Management

Indigo Pro provides many configuration options, including filter settings, port management, user authentication, software updates, event management and graphical display of network activity. These enable complete visibility and control over the data flowing in and out of supported Net Optics devices and optimize administration and maintenance.

Learn more about Indigo Pro, visit the Indigo Pro product web page.

CHALLENGE

VISIBILITYMANAGEMENTSYSTEM (VMS)


VIRTUALIZATION TAPSource Packet

FilteringVirtualization

TapEncapsulated

Tunneling



SecurityMonitoring


Monitoring




Packet Filtering


BYPASS SWITCHES AND NETWORK TAPS Inline Fail-SafeNetwork Access


SOLUTION

RAPIDLY EVOLVING NETWORK THREATSNetwork security demands Defense in Depth, an approach that keeps the network ahead of proliferating threats. Defense in Depth calls for multiple security systems working together and delivering instantaneous feedback for conducting forensics. Defense in Depth strategies combine, cascade and join multiple security solutions to work in concert transparently. Each component of this solution addresses specific risk factors and attack vectors. The next evolutionary step in Defense in Depth strategy will address the need for various security layers to respond dynamically to a detected threat. They can then reorganize or re-deploy in the ideal configuration for eliminating or minimizing that threat.

Centralized Controller

(SDN)Management

Policies and RulesIndustry Standards

Network Packet Broker

Network VisibilityThreat Mitigation

Agility

CHALLENGE

AGILE SECURITY RESPONSE Security-Centric SDN: A Scalable, Cost-Effective Security Architecture

Net Optics Security-Centric SDN enables the scaling of existing security and other monitoring tools without a costly overhaul. An organization can now achieve total network visibility and protection across the entire breadth and depth of physical, virtual, and private cloud environments.

This new approach separates network elements from security and monitoring devices; it also enables automation and provisioning of monitoring applications and tools based on real-time traffic behavior. Security-Centric SDN provides end-to-end network monitoring and improves security, along with simplifying operation.

Security-Centric SDN marries an SDN controller with NPBs and a customer’s chosen security tools. NPBs, with their ability to “chain” solutions, integrate multiple systems, and distribute traffic, provide the ideal means for provisioning a dynamic response. Such chaining of security solutions supports and enables Defense in Depth. It embodies dynamic attack monitoring; the use of NPBs for traffic distribution; and use of the network controller for assessing the network, provisioning SDN, and reacting to network activity.

Learn more about Security-Centric SDN, download the eBook “Security-Centric SDN - A New Approach to Implement Network Security That Works.”

SecurityEnforcement

SecurityMonitoring


VIRTUALIZATION TAP

Source PacketFiltering

VirtualizationTap

EncapsulatedTunneling

SDN CONTROLLER

NETWORK PACKETBROKER

Centralized Management

Automated ProvisioningDefense in DepthHigh Availability




CHALLENGESOLUTION

APPLICATIONCONTROL

SERVICEASSURANCE TROUBLESHOOTING

AGGREGATION ANDREGENERATION FILTERINGLOAD BALANCE

INTER-VMMONITORING

HYPERVISOR ANDvSWITCH AGNOSTIC

FILTERING ANDTUNNELING

AGGREGATION ANDREGENERATION

FAIL-SAFENETWORK ACCESS

TOTAL APPLICATION AND NETWORK VISIBILITY™

APPLICATION AWARE NETWORK PERFORMANCE MONITORING (AA-NPM)


VIRTUAL AND CLOUD

NETWORK TAPS AND BYPASS

VISIBILITY MANAGEMENT SYSTEM (VMS)

ORGANIZATIONAL GROUPS

Performance

Security

Audit andPrivacy

IT and NetworkOperations

IT / ServerAdministration

Forensics

NETWORK INFRASTRUCTURE

Data Center

Remote Branches

Virtual Network

Private Cloud

THE NET OPTICS VISIBILITY ARCHITECTURE FOR ENTERPRISE NETWORKS

VISIBILITY ARCHITECTURE Net Optics delivers scalable, end-to-end visibility solutions to achieve peak performance and optimization of your physical, virtual, private cloud, and branch office monitoring deployments.

Total application and monitoring visibility lets you overcome threats, prevent data loss and deny unauthorized use. Net Optics’ plug-and-play AA-NPM, NPB, Virtual/Cloud and Visibility Management System solutions deliver quick results and time-to-value with a convenient, easy-to-use interface.

As your user base and data volumes grow, our compact and scalable solutions keep your network monitoring deployments cost-efficient and productive.

Learn more about Net Optics Visibility Architecture, watch the video.

The Net Optics network visibility architecture enables you to streamline and manage network and performance monitoring.

TOTAL

DISCOVER HOW DATA CENTERS ARE USING NET OPTICS SOLUTIONS TO RAISE PERFORMANCE AND PRODUCTIVITY WHILE LOWERING COST

www.netoptics.comNet Optics is the leading provider of Total Application and Network Visibility solutions that deliver real-time IT visibility, monitoring and control. As a result, businesses achieve peak performance in network analytics and security. More than 8,000 enterprises, service providers and government organizations—including 85 percent of the Fortune 100—trust Net Optics’ comprehensive smart access hardware and software solutions to plan, scale and future-proof their networks through an easy-to-use interface.

5303 Betsy Ross Drive

Santa Clara, CA 95054, USA

Tel: +1 (408) 737-7777

www.netoptics.com

TOTAL APPLICATION

AND NETWORK VISIBILITY

TOTALSOLUTION

Net Optics® is a registered trademark of Net Optics, Inc. Copyright 1996-2014 Net Optics, Inc. All rights reserved. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.