How to easily detect SMBv1 scanning by using your traffic! ( by John Bronson)
Troubleshooting a Cloud Problem with Wireshark (by Paul Offord)

Is your Network Security Slowing you Down? (by Jason Nutt)

Is Network Security Slowing you Down?

Measuring the Latency impact Created by Next Gen Security Solutions

As an IT professional, you are well aware of the challenges posed by network latency. Applications like audio and video delivery, bandwidth sensitive mobile applications, cloud computing and storage services are extremely sensitive to network latency.

What you may not realize, however, is the amount of latency created by your Next Generation Intrusion Prevention Systems (NG-IPS) and Next Generation Firewalls (NG-FW). While they are critical to protecting your network, these security tools and others that perform deep packet inspection can increase latency, significantly impacting your overall application performance.

Recently we worked with a large health care services provider trying to figure out why it was taking so long to send MRI data between locations. This was causing significant frustration for patients, doctors and medical staff. Having been aware of Aukua’s nanosecond precision capture and analysis tools, they asked for our help. The company suspected one of more of their NG-IPS devices was causing the delays, but they did not have a way to confirm this. Since these security tools do not treat all packets the same, they were unable to detect or measure the application latency issue with artificial traffic such as ICMP. And since some applications were being adversely delayed and others were not, they could not rely on the NG-IPS vendor’s generic latency specs for various packet sizes. In addition, compliance rules prohibited them from introducing new traffic into their live network.

 

To address this customer’s need, we developed a solution to precisely measure one-way latency between two points for each and every network application packet of interest. This solution uses our MGA2510 Latency Monitoring Analyzer passively connected to two network TAPs, one on each side of the device being evaluated (in this case the customer’s NG-IPS). See Figure 1 below.

Measuring network security delay

Figure 1: NG-IPS Latency Monitoring Analyzer test schematic

By applying our Latency Monitoring Analyzer tool to their unique application performance problem, this hospital network was able to confirm their suspicion that the NG-IPS was indeed causing significant delay to their MRI application traffic. They are now recreating this specific scenario in their lab environment in order to test various approaches to mitigate this problem.

Network Security SIEM delay chart Aukua

Figure 2: Example latency analysis of an application stream of interest Through an IPS

In this case, and in others like it, the only way to identify the true root cause of real world application performance problems is to use a latency analyzer. Traditional indirect methods of using pings (ICMP) or introducing other artificial traffic into the network will not work and give false representation of network delay.

Great article on NG-IPS..etc - Here

To learn more about this Latency Monitoring Analyzer solution, visit Aukua Systems at https://www.aukua.com/solutions/latencymonitor.html

JasonJason Nutt is Co-Founder and CEO of Aukua Systems where he focuses on a customer-centric approach to delivering innovative solutions to problems. Jason has more than 20 years of experience in the Test and Measurement and Network Visibility industries. Prior to Aukua, he held leadership positions with Ixia, Anue Systems and Spirent Communications where he brought multiple successful product lines from concept to market.  Jason holds a Bachelor’s degree in Computer Science from Stephen F. Austin State University. 

Aukua Systems is a leading provider of Ethernet testing and visibility solutions. Whether developing, validating, deploying, supporting or managing applications or networks, our products help improve performance and make networks more secure. The Aukua product line includes packet capture tools, analyzers, traffic generators and impairment emulators, and all Aukua's solutions are hardware based, precise and 100% full line rate. Since 2015, equipment manufacturers, large enterprises, service providers, and government agencies worldwide have depended on Aukua to build stronger networks. To learn more, visit www.aukua.com.

 

Comments