Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Intelligent Filters, the Modern Data Traffic Cop

Modern Networks Need Smart Filtering Tools that Boost Performance of Monitoring, Analytics and Security

Modern Networks Need Smart Filtering Tools that Boost Performance of Monitoring, Analytics and Security

The popularity of Software-as-a-Service (SaaS) applications combined with continuous additions of newly networked devices have added a strain to the traditional data center making it crucial for businesses to better manage the growing volume of network traffic. According to Cisco, annual global data center IP traffic will reach 10.4 zettabytes by the end of 2019, up from 3.4 zettabytes per year in 2014—that’s a three-fold growth in five years. Overall, data center workloads are expected to more than double by 2019. This will surely raise problems within the organizations accessing them if not properly managed.

Organizations that establish a solid network foundation today will out-secure, out-perform and outgrow their competition. That foundation starts with better management, control and filtering of traffic within highly congested data centers. Like designing traffic control systems to avoid vehicle gridlock at rush hours, a proper network foundation does the same for your data. Technologies like network packet brokers (NPBs) have emerged to address these issues, but just like your experience on your commute to work, some traffic control approaches are more effective than others. Here’s how can you tell the difference.

Facing the Need for Change 

Network Data CenterMonitoring and securing modern network flows requires granular insight, only possible through sophisticated and automated analytics and security tools. It is no longer feasible to manually monitor and protect our networks without these tools, but each analysis, compliance and security appliance also add layers of complexity. That complexity could end up costing more than it contributes if it is not configured smoothly into the network. Enter smart filtering solutions.

Security and analytics tools can add a lot of value to your business—if they actually see the data they are supposed to see. But that’s no longer easy. Today, the goal is to gather, identify and intelligently distribute data in a way that gives simple but impactful choices to the network or security administrator. Sending every piece of data to every tool is not an effective solution. Why should each tool sift through an entire haystack of data looking for a needle when you can easily remove half before your search?

Sure, this may sound optional. Many could get by for months or even years without implementing any kind of intelligent filtering. They would just spend more time sifting the reams of data and false alerts at their tool end points. But there’s a better alternative: collect the data completely, then filter it intelligently. 

For out-of-band performance monitoring, intrusion detection systems or analytics, network taps are used to replicate data flowing across individual segment points and send it to the necessary tools. Depending on where the taps are placed, you could end up with as much as 50 percent or more duplicate packets that each tool would then need to sort through. These duplicate packets are an unnecessary distraction, preventing the traffic monitoring tools from working at peak efficiency. Worse, it gives the illusion that there is more traffic than there really is, leading to additional investment in more tools to handle the perceived increased traffic load.

Distribution – the Foundation for Growth

Advertisement. Scroll to continue reading.

We are all used to being forced to do more with less. One simple change at the foundation of your network could open a world of growth possibilities. If you could see more and secure more with less, why wouldn’t you? 

When there is too much duplicate traffic, an NPB’s deduplication filter can significantly improve performance. With so many applications running in different locations, an NPB capable of identifying genuine applications using application filtering allows an organization to craft security policies that boost the performance of security tools like firewalls. And as bulk traffic migrates to SSL encryption, an NPB can decrypt the traffic and distribute clear traffic to monitoring tools, freeing them to focus on analysis

The NPB dramatically reduces troubleshooting time as “on-the-fly” rerouting to forensic tools and built-in packet capture are now possible. This significantly speeds the fault isolation and resolution process. In short, intelligent filtering in a network packet broker allows organizations to get more out of their security and monitoring tool investments. Easy programming, effective filtering, and intelligent data distribution lead to more effective network operation. 

In the end, performance matters and customer satisfaction is key. Sending the right data to the right tool is critical for business success or issue resolution. Handling mass data distribution from a lot of sources can no longer be a manual process. The modern network needs smart filtering tools that boost the performance of network monitoring, analytics and security. Without a grid of traffic lights and a complex traffic control system working behind the scenes to manage them, city traffic gridlock would be exponentially worse. Why would you think it would be any different in the modern data center?

Written By

Marie Hattar is chief marketing officer (CMO) at Keysight Technologies. She has more than 20 years of marketing leadership experience spanning the security, routing, switching, telecom and mobility markets. Before becoming Keysight’s CMO, Marie was CMO at Ixia and at Check Point Software Technologies. Prior to that, she was Vice President at Cisco where she led the company’s enterprise networking and security portfolio and helped drive the company’s leadership in networking. Marie also worked at Nortel Networks, Alteon WebSystems, and Shasta Networks in senior marketing and CTO positions. Marie received a master’s degree in Business Administration in Marketing from York University and a Bachelor’s degree in Electrical Engineering from the University of Toronto.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

Cloud and container security firm Sysdig has tapped William Welch as CEO on its path to an IPO.

Dave Scher has been promoted to Deputy Chief Information Officer at MITRE.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.