9 posts categorized "Visibility" Feed

LMTV LIVE | Best Practices for Network Tapping (with Keith Bromley of IXIA)

YouTube Live Event starts at 9:30AM PST, Wednesday, February 22, 2017

Yx_X0tC2This week we will be speaking with Keith Bromley, Senior Manager of Solutions Marketing of IXIA.

We promise to do our very best to avoid the usual Taps vs SPAN discussion in this live event. But what we will discuss is the following.

  • Taps are part of a well-planned visibility architecture.
  • Taps should be as easy as set and forget.
  • Taps are placed inline in the network but they are passive and only make a copy of the data, i.e. they don’t divert the main traffic flow.
  • Bypass switches are similar to taps but different from taps as they actually divert the data but also provide fail-over mechanisms for network survivability.
  • A virtual tap is a software version of the standard tap except that this can be loaded onto virtualized servers to capture east-west data in the virtual data center.
  • Some best practices for tap placement
    • Use taps where you can to ensure that you get the best data possible as fast as possible
    • Tap your network ingress and egress points
    • Tap any known choke points

Please join us.

Click to read other LMTV posts by contributors of LoveMyTool »

The Importance of Lossless Visibility! (by Keith Bromley)

The Importance of Lossless Visibility!

Does lossless visibility really matter for monitoring tools? 

They’re supposed to be able to handle lost packets, corrupt packets, data gaps, etc., right?

Well, the answer is kinda, sorta, absolutely NO!

Security and monitoring tools are only as good as the data they see, or don’t see. Some tools have capabilities to help them “tolerate” missing data but that is a flawed theory and here’s why.

Missing data can lead to missed or false positive security threats, longer and more costly troubleshooting efforts, and lower customer satisfaction ratings. According to the 2016 Verizon Data Breach Investigation Report, most victimized companies don’t discover security breaches themselves. Approximately 75% have to be informed by law enforcement and 3rd parties (customers, supplier, business partners, etc.) that they have been breached—they had no idea the breach had happened. It’s hard enough to defeat modern network security threats, you don’t want to start off with limited network visibility. But that’s exactly what happens if your monitoring solution (which includes your taps, SPANs, and network packet brokers) does not feed your security and monitoring tools the correct data. For instance, check out this report from the Tolly Group about how one network packet broker drops packets and doesn’t even report it.

Visibility target

Other than missing your target reason for network visibility!

The following list shows some examples of why lossless visibility is important:

Continue reading "The Importance of Lossless Visibility! (by Keith Bromley)" »

Understanding Network Visibility Use Cases! (by Keith Bromley)

Understanding Network Visibility Use Cases!


Network visibility is fast becoming a key component of network and security planning. This is because network visibility is more than just network monitoring. It is about understanding the network—how is it actually performing, are there any current problems, where do future pain points lie, and how do I optimize my resources?  IT’s fundamental challenge is to ensure that the infrastructure beneath their applications is reliable, fast, and secure.

As we all know, network blind spots get in the way. Common sources of blind spots include:  Silo IT organizations, SPAN port overloading, rogue IT, SSL encrypted data, data overload of monitoring equipment, and network and equipment complexity. These blind spots directly correlate to network problems and outages, increased network security risk, and potential regulatory compliance issues.

Encrypted data further exacerbates the situation. According to a Bluecoat infographic, half of all network security attacks in 2017 will use encrypted traffic to bypass controls. In addition, internal and external SLA’s and customer quality of experience have become increasingly important for IT. These requirements are forcing IT to gain an even better insight and understanding of the network to maximize performance. What no IT team wants to find out is that all of their assumptions and architecture designs are based on incorrect or missing data. When this happens, it results in higher solution costs, confusion, rework, customer dissatisfaction, performance problems, and unplanned outages.

Continue reading "Understanding Network Visibility Use Cases! (by Keith Bromley)" »