Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Intelligent Filters, the Modern Data Traffic Cop

Modern Networks Need Smart Filtering Tools that Boost Performance of Monitoring, Analytics and Security

Modern Networks Need Smart Filtering Tools that Boost Performance of Monitoring, Analytics and Security

The popularity of Software-as-a-Service (SaaS) applications combined with continuous additions of newly networked devices have added a strain to the traditional data center making it crucial for businesses to better manage the growing volume of network traffic. According to Cisco, annual global data center IP traffic will reach 10.4 zettabytes by the end of 2019, up from 3.4 zettabytes per year in 2014—that’s a three-fold growth in five years. Overall, data center workloads are expected to more than double by 2019. This will surely raise problems within the organizations accessing them if not properly managed.

Organizations that establish a solid network foundation today will out-secure, out-perform and outgrow their competition. That foundation starts with better management, control and filtering of traffic within highly congested data centers. Like designing traffic control systems to avoid vehicle gridlock at rush hours, a proper network foundation does the same for your data. Technologies like network packet brokers (NPBs) have emerged to address these issues, but just like your experience on your commute to work, some traffic control approaches are more effective than others. Here’s how can you tell the difference.

Facing the Need for Change 

Network Data CenterMonitoring and securing modern network flows requires granular insight, only possible through sophisticated and automated analytics and security tools. It is no longer feasible to manually monitor and protect our networks without these tools, but each analysis, compliance and security appliance also add layers of complexity. That complexity could end up costing more than it contributes if it is not configured smoothly into the network. Enter smart filtering solutions.

Security and analytics tools can add a lot of value to your business—if they actually see the data they are supposed to see. But that’s no longer easy. Today, the goal is to gather, identify and intelligently distribute data in a way that gives simple but impactful choices to the network or security administrator. Sending every piece of data to every tool is not an effective solution. Why should each tool sift through an entire haystack of data looking for a needle when you can easily remove half before your search?

Sure, this may sound optional. Many could get by for months or even years without implementing any kind of intelligent filtering. They would just spend more time sifting the reams of data and false alerts at their tool end points. But there’s a better alternative: collect the data completely, then filter it intelligently. 

For out-of-band performance monitoring, intrusion detection systems or analytics, network taps are used to replicate data flowing across individual segment points and send it to the necessary tools. Depending on where the taps are placed, you could end up with as much as 50 percent or more duplicate packets that each tool would then need to sort through. These duplicate packets are an unnecessary distraction, preventing the traffic monitoring tools from working at peak efficiency. Worse, it gives the illusion that there is more traffic than there really is, leading to additional investment in more tools to handle the perceived increased traffic load.

Distribution – the Foundation for Growth

Advertisement. Scroll to continue reading.

We are all used to being forced to do more with less. One simple change at the foundation of your network could open a world of growth possibilities. If you could see more and secure more with less, why wouldn’t you? 

When there is too much duplicate traffic, an NPB’s deduplication filter can significantly improve performance. With so many applications running in different locations, an NPB capable of identifying genuine applications using application filtering allows an organization to craft security policies that boost the performance of security tools like firewalls. And as bulk traffic migrates to SSL encryption, an NPB can decrypt the traffic and distribute clear traffic to monitoring tools, freeing them to focus on analysis

The NPB dramatically reduces troubleshooting time as “on-the-fly” rerouting to forensic tools and built-in packet capture are now possible. This significantly speeds the fault isolation and resolution process. In short, intelligent filtering in a network packet broker allows organizations to get more out of their security and monitoring tool investments. Easy programming, effective filtering, and intelligent data distribution lead to more effective network operation. 

In the end, performance matters and customer satisfaction is key. Sending the right data to the right tool is critical for business success or issue resolution. Handling mass data distribution from a lot of sources can no longer be a manual process. The modern network needs smart filtering tools that boost the performance of network monitoring, analytics and security. Without a grid of traffic lights and a complex traffic control system working behind the scenes to manage them, city traffic gridlock would be exponentially worse. Why would you think it would be any different in the modern data center?

Written By

Marie Hattar is chief marketing officer (CMO) at Keysight Technologies. She has more than 20 years of marketing leadership experience spanning the security, routing, switching, telecom and mobility markets. Before becoming Keysight’s CMO, Marie was CMO at Ixia and at Check Point Software Technologies. Prior to that, she was Vice President at Cisco where she led the company’s enterprise networking and security portfolio and helped drive the company’s leadership in networking. Marie also worked at Nortel Networks, Alteon WebSystems, and Shasta Networks in senior marketing and CTO positions. Marie received a master’s degree in Business Administration in Marketing from York University and a Bachelor’s degree in Electrical Engineering from the University of Toronto.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet