|
|
| Tap related Monitoring Tools |
 prev | index | next  |
 |
| Performance Analysis |
|
Network Management Challenges
Managing multiple mission critical applications such as eCommerce, Video and VoIP is becoming more difficult in today's corporate network. Networks are being revamped with new technologies to include everything from wireless to 10 gigabit while existing architectures are evolving to accommodate network expansion for international offices, vendors, customers and investors. Service level agreements place further demands on connectivity and infrastructural performance. The current outlook: Network complexity will continue to grow exponentially.
Performance degradation and outages are problems that negatively affect an organization as a whole. Companies cannot afford to hamper employee productivity or lose the satisfaction of customers due to network failures, particularly when those customers have been provided SLA's. Increasing pressure is placed on IT management to ensure constant connectivity and 24/7 reliability. Without this assurance, an organization's operational efficiency and competitive performance is severely impaired.
The importance of Network Analysis and Monitoring
Network monitoring and performance analysis is critical in order for companies to provide reliable internal and external service and meet their stated SLA's. Solutions that will empower IT professionals to quickly identify, monitor, measure, manage and resolve performance issues and bottlenecks are required. There is a need for integrated strategies that span multiple networks and allow remote management and constant visibility. Network managers need distributed monitoring solutions that will allow them to take charge over the network and accommodate ever growing business needs.
Designing the Monitoring Architecture
A wide variety of analyzers exist for different network types, speeds, sizes and performance capacities, ranging from Branch office to Telecommunications grade. They also range by type of service provided, such as protocol analysis or application performance analysis. With the commoditization of IDSes, hybrid analyzers have emerged to include network security as well as management tools. The choice of network analyzer is being dictated by the scale of network to be monitored and the types of data to be viewed. In some cases several kinds of analyzers are used simultaneously.
One commonality among these monitoring tools is their need to view network data in order to generate performance results. The greater the access analyzers have into the raw data, the bigger the view into the network the administrator is going to have, allowing the scale of optimizing the network to be more noticeable and troubleshooting to be performed more quickly. The bottom line is a faster, more robust network with less down time.
Building a scalable solution
When deploying analyzers and other network monitoring equipment, there are several implementations that IT managers focus on achieving:
- Providing pervasive network visibility with fewer analyzers
- Getting access to the biggest volume of raw data without dropping any packets
- Aggregating data from multiple locations and devices for view by the analyzers
- Enabling a greater view into the network by tapping into multiple network points and segments
- Connecting analyzers to networks running on different media (ex. copper / fiber)
- Selecting data to view on a per port basis
- Creating an effective event correlation system
- Determining whether or not to use existing span ports
- Filtering traffic for view by the analyzer(s)
VSS can add all of these functionalities to create a robust analyzing solution that will accommodate even the most demanding enterprise requirements. VSS has a record of success in helping companies create deployment architectures that enable pervasive network visibility while reducing the overall cost of deployment by up to 80% (see Case Studies).
Traditional analyzer installations and techniques
Traditionally, companies installed monitoring devices in multiple network locations using span ports, hubs and taps. Very often network technicians would be required to travel from one location to another with the analyzer in order to collect the necessary data for troubleshooting. Using span ports and hubs are not desirable due to multiple inherent issues.
Problems with span ports include:
- Packet loss
- No visibility into layer 1 and 2 errors
- Potential point of failure
- Problems related to configuration and setup
Using hubs is also not advisable for the following reasons:
- False collisions
- Potential point of failure
- Reduces link bandwidth by half
- No gigabit solutions
Why use Network Taps?
Only taps provide the solution to all of the above problems. Taps are non-blocking devices that pass through data at line rate without introducing any network interference. Network analyzers rely on a complete data stream to examine packets and recognize errors. Placing the tap inline ensures total packet capture of the full-duplex traffic (a crucial feature to network analyzers) while providing fail-safe network connectivity and stealth from intruders (see whitepaper 'Taps vs. Span Ports and Hubs')
Why use VSS Taps?
While network taps are available from several sources, VSS taps provide benefits beyond those inherent to taps from other vendors. They enable cost savings, leverage a variety of analyzerarchitectures and preserve the original packet order of aggregated data-a critical element for any analyzer solution. VSS taps are available with a number of physical interfaces, providing access for both fiber and copper and all major network topologies-10/100/1000 Ethernet, Fiber channel, ATM, SONET, etc.-making it simple to set up analyzer monitoring in all kinds of networks. Fail-safe and link safe features guarantee network up time-all VSS taps are 'carrier class.'
VSS' product portfolio includes a number of units that optimize analyzer deployment:
Converter taps are indispensable when it comes to aggregating network data from one media type to another in order to deliver it to your analyzer equipment. This all-in-one device is both tap and converter. Conversion is available from copper to fiber (SX, LX, ZX), fiber to copper, fiber to fiber, fiber to copper / fiber, copper to copper / fiber, etc. VSS conversion units are also available with features such as aggregation, high port density, filtering, remote management and other distributed options.
Regeneration taps allow monitoring of the network with multiple analyzer. Sometimes it is useful to have multiple analyzer or additional monitoring devices such as an IDS look into the same streams of data. This solution is ideal for the evaluation of the analyzer devices, allowing multiple different devices to look into the same data stream and correlate the results. VSS fiber regeneration taps are available with optional proprietary data reclocking.
Aggregation taps enable the monitoring of multiple networks with just one or only a few analyzer servers. The aggregation feature combines each network port onto a single stream, thereby reducing the port usage on the analyzer(s).
Filter taps allow users to filter monitored traffic by protocol, port, MAC addresses, and source and destination IP address ranges. These taps allow multiple filters per port and are easily manageable (locally or remotely) via telnet, HTTP, SNMP and serial port.
Span tools allow consolidation of the output ports from other taps or span sessions. Consolidating the monitoring outputs from multiple taps enables further centralization and cost savings. Monitoring through span sessions is not desirable for the reasons discussed earlier but it is still a part of many topologies in a number of organizations.
The VSS Distributed solution for analyzers:
VSS' Distributed Taps combine a number of analyzer optimizing features to provide a total protocol or performance analysis solution:
- Remote Management (Telnet, HTTPS, SNMP)
- High port density Aggregation
- Independent port control (allows each analyzer to look into user-selected groups of network ports)
- Port configurations: inline / span; on / off; auto-negotiation, timing, etc.
- Speed conversion, including gigabit
- Media conversion and SPF modules
- Data injection capability (optional)
- Port filtering (input / output) by protocol, MAC address, IP address ranges, etc.
Distributed tap architectures enable significant cost savings, greater coverage and improved monitoring quality, thereby fully leveraging analyzer infrastructure.
VSS' product portfolio compliments any network architecture and provides the opportunity for a variety of robust solutions and cost savings opportunities. Features like aggregation and regeneration allow for the consolidation of traffic for viewing by just one or a few analyzer servers. Remote management is easy and available via multiple interfaces (HTTPS, Telnet, SNMP), and port selection options allow viewing into different port groups with separate analyzers.
Installation of the VSS Distributed Solution is easy and requires minimal network impact. Network managers can now take full advantage of complete access to all network traffic while saving time and operational costs.
For assistance in selecting the right solution, please contact a VSS pre-sales Engineer.
|
|
|
prev | index | next |
|
|
