Advanced Monitoring using Physical Layer Devices
Enterprise Network Aggregation and Filtering Switches
Many physical layer network devices are deployed when connecting a monitoring solution to a network. They may be called network taps, passive taps, physical layer switch, intelligent network monitoring switch, monitoring switch, aggregation switch, physical layer switch, filtering switch and network packet broker.
The monitoring solutions such as protocol analyzers, intrusion detection, intrusion prevention, or application monitor have one thing in common, and that is the tool must look at packet information.
A comprehensive and effective advanced network monitoring service program in a modern enterprise data center involves complex and subtle understanding of the nature of Ethernet networks. Network engineers must be sensitive to issues of data security, application performance, and business requirements. To achieve 100% network visibility and direct the right data to the right tool, advanced monitoring switches offer features such as packet aggregation and filtering, packet slicing and de-duplication, data rate conversion and load balancing. These features are not widely understood, even among many networking professionals.
Intelligent Network Monitoring
In the standard network monitoring paradigm, each monitoring point in the network is associated with a specific analysis, intrusion detection, intrusion prevention, or recording tool. In many cases, there is no specifically assigned tool and a portable analyzer is moved between monitoring ports for temporary use.
Intelligent Network Monitoring involves many advanced monitoring features developed to support 100% network visibility:
Packet aggregation is simply the merging of multiple data streams from SPANs and Taps, creating a single unified data stream that can be routed to a monitoring tool. APCON IntellaFlex blades support flexible any-to-any packet aggregation for increased monitoring tool efficiency.
Packet slicing and packet de-duplication are designed to clean up aggregated data streams and reduce the volume of data delivered to a given monitoring tool. In many cases only the packet header is analyzed, so packet slicing removes the packet payload, delivering only the required data. Packet de-duplication removes duplicate copies of packets that are generated by SPAN and Tap data sources.
Time stamping enables network engineers to precisely measure network latency on a packet-by-packet basis. Latency-sensitive services such as high-speed stock trading, VoIP, and video streaming all require a network monitoring system that can accurately measure latency.
Data rate conversion, filtering, and load balancing allow you to monitor 10G links with less expensive 1G tools. By filtering out irrelevant packets, changing the data rate, and dividing a high-bandwidth data stream among several similar tools, equipment purchases may be delayed or eliminated.
Advanced Monitoring Services
By aggregating data streams from across your network and routing filtered output streams to your tools, you can achieve maximum utility from your existing tool set.
Advanced network monitoring services such as packet slicing, packet de-duplication, data rate conversion, and load balancing allow you to save capital expenses such as expensive 10G tools. By reducing the volume of data to just the information needed for each tool, you can monitor new 10G links with existing 1G appliances.
Application of TAP's and Monitoring Switches
Monitoring Virtualized Environments
Enhanced Network Security