By Zeus Kerravala , Network World |
Zeus Kerravala is the founder and principal analyst with ZK Research, and provides a mix of tactical advice to help his clients in the current business climate. Network Traffic Mapping
Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called “tool sprawl” where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.
Ideally, every tool would receive information from every network device, enabling it to have a complete view of what’s happening, who is accessing what, where they are coming in from, and when events occurred.
The problem with this is that managing an environment where everything connects to everything isn’t realistic (see top image below).
Enter the world of the network packet broker. These devices sit between the infrastructure and tools layer, so each tool plugs into the NPB once, as does each infrastructure element (bottom image). This greatly simplifies deployment and management of tools.
Also, adding new tools simply requires plugging into the NPB. Another benefit is that upgrades can be done easily, as the tool can be taken off line, the interface upgraded and plugged back in. This minimizes any disruption from the operations of the business.
Over time, NPBs have evolved in both their capabilities and their strategic value. The following are the different evolutionary phases for NPBs:
The current crop of NPBs plays a critical role in enabling businesses to perform several functions, such as moving to a virtual network, upgrading the network, and cost-effectively adding more advanced tools. However, infrastructure evolution continues to march on, and now it’s time for next-generation NPBs.
Next-generation NPBs are designed to meet the needs of digital businesses. A good analogy to consider is the evolution of application delivery controllers (ADCs). They started as simple load balancers and then added advanced load-balancing capabilities to become ADCs. After several years, security and cloud capabilities were introduced, and the product category shifted to advanced ADCs. The same trend is happening with NPBs as they evolve to next-generation NPBs.
Several vendors play in the NPB market today, but not all of them are equal. Most are basic products that offer the core set of features that every NPB should have today. These include:
A few vendors have stepped ahead of the rest of the field and offer products with capabilities that make it easier to deploy and upgrade tools, manage the end-to-end environment, understand user behavior, and help businesses protect themselves. This has driven the need for a new set of features. The below features define next-generation NPBs:
The form factor of NPBs also needs to change. A traditional NPB is a hardware appliance; these are still required when guaranteed performance is a must. However, this form factor must now be augmented by others that bring the functionality to cloud and virtual environments. This augmentation will enable organizations to extend the NPB functions to public, private and hybrid cloud environments, giving businesses true end-to-end visibility.
As the number of NPBs expands, the ability to manage them as discrete entities becomes increasingly difficult. Centralized management capabilities will give IT professionals the ability to make a single change and then propagate it across every next-generation NPB at once. Lastly, automation and orchestration capabilities would allow changes to be made to the next-generation NPB when a business policy dictates without having to involve IT operations. Over time, automation, orchestration, and a closed-loop data exchange will give rise to the vision of intent-based operations for next-generation NPBs, where business policies will dictate configuration changes.
The advanced capabilities of next-generation NPBs are critical to the success of digital organizations. If an organization wants to move quickly, the limited feature set and manual nature of operations in traditional NPBs will hold the business back. Next-generation NPBs modernize the packet broker and align it with current trends.
Next read this: 9 career-boosting Wi-Fi certifications What is MPLS, and why isn't it dead yet? 11 ways to list and sort files on Linux 5 free network-vulnerability scanners How-to measure enterprise Wi-Fi speeds
Zeus Kerravala is the founder and principal analyst with ZK Research.
Copyright © 2018 IDG Communications, Inc.
Inline Security Appliance Copyright © 2023 IDG Communications, Inc.