Know what’s happening on your network and make the most of your security tools
In an ideal world, all organizations would know at all times exactly what’s happening on their network: they would have deep enough pockets to buy the equipment and engage the personnel necessary to achieve this knowledge, no matter how much the speed and size of their network increases.
In this world, though, budgetary constraints often force organizations to ask themselves “Can we make do without this or will we have enough money for that?”, and a company that is making highly scalable, flexible and easy-to-deploy solutions is the answer to their needs.
Network Critical’s new SmartNA PortPlus network packet broker provides the solution for the total network visibility problem.
A trusted provider
Network Critical was founded twenty years ago by Alastair Hartrup, who is still the CEO. The company started out as a distributor of test and measurement products, but fairly quickly moved into the network visibility market and started designing and manufacturing network TAPs and network packet brokers.
The company has a reputation for leading the industry with innovative solutions and, with a long-standing US operation and manufacturing and assembly concentrated in both the UK and in the US, it has been able to provide its offerings to many US corporate businesses, federal agencies as well as the country’s uniformed service branches.
But its customers can also be found all over the world and in many different industries. In fact, anyone who runs a large global or regional network or a data center can make good use of their TAPs and packet brokers.
The need for speed
“Historically, our competitors had high-end products and extremely high prices, but we’re trying to open the network visibility market up, to expand in the enterprise market as well as Tier 1 and Tier 2 environments,” Hartrup told Help Net Security.
The company aims to do so with SmartNA PortPlus, which can be custom-built to suit all operating levels, whether the end user is a large US conglomerate with datacenters across the globe or a business situated in one state with a head office and multiple branches.
SmartNA PortPlus is a packet broker, a hardware-based appliance that usually sits in the datacenter, in a rack alongside the performance monitoring and security equipment. Its main function is to give organizations total visibility of the network traffic so they can manage and improve its performance and enhance the efficiency of security tools: intrusion detection and prevention systems, SIEMs, VoIP, data leak protection solutions, and so on.
Packet brokers aggregate the traffic from numerous datalinks into traffic streams. These traffic streams can be filtered and mapped to the correct output ports where the monitoring tools are connected. If that aggregated traffic is greater than the capacity of any single monitoring tool, the packet broker can load balance and distribute the traffic to multiple units.
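The aggregate, filter and load-balance pipeline described above can be modelled in a few lines. This is an added illustration, not Network Critical's implementation: the names `Packet`, `matches`, `flow_key` and `broker`, the rule format and the sample traffic are all hypothetical, and the direction-independent flow hash is an assumption made here so that each IDS sees both sides of a conversation.

```python
import ipaddress
import zlib
from collections import namedtuple

Packet = namedtuple("Packet", "link vlan proto src sport dst dport")

def matches(rule, pkt):
    """Rule is a dict; absent keys are wildcards. 'net' matches src or dst."""
    if "vlan" in rule and pkt.vlan != rule["vlan"]:
        return False
    if "proto" in rule and pkt.proto != rule["proto"]:
        return False
    if "port" in rule and rule["port"] not in (pkt.sport, pkt.dport):
        return False
    if "net" in rule:
        net = ipaddress.ip_network(rule["net"])
        if not any(ipaddress.ip_address(a) in net for a in (pkt.src, pkt.dst)):
            return False
    return True

def flow_key(pkt):
    """Direction-independent key: sorting the endpoints makes A->B equal B->A."""
    a, b = sorted([(pkt.src, pkt.sport), (pkt.dst, pkt.dport)])
    return f"{pkt.proto}|{a[0]}:{a[1]}|{b[0]}:{b[1]}".encode()

def broker(packets, rule, tool_ports):
    """Aggregate all links, drop non-matching traffic, spread flows over tools."""
    out = {port: [] for port in tool_ports}
    for pkt in packets:
        if not matches(rule, pkt):
            continue  # discarded: the monitoring tools never receive it
        idx = zlib.crc32(flow_key(pkt)) % len(tool_ports)
        out[tool_ports[idx]].append(pkt)
    return out

# Constructed sample traffic arriving from two tapped links.
SAMPLE = [
    Packet("link1", 10, "tcp", "10.0.0.5", 40000, "192.0.2.10", 443),
    Packet("link2", 10, "tcp", "192.0.2.10", 443, "10.0.0.5", 40000),   # reply
    Packet("link1", 10, "tcp", "10.0.0.6", 40001, "192.0.2.10", 443),
    Packet("link2", 10, "tcp", "192.0.2.10", 443, "10.0.0.6", 40001),   # reply
    Packet("link1", 10, "tcp", "10.0.0.5", 40002, "192.0.2.10", 80),    # wrong port
    Packet("link1", 20, "udp", "10.0.0.7", 5060, "198.51.100.2", 5060), # wrong VLAN
]
RULE = {"vlan": 10, "proto": "tcp", "port": 443, "net": "192.0.2.0/24"}

if __name__ == "__main__":
    for port, pkts in broker(SAMPLE, RULE, ["ids-1", "ids-2", "ids-3"]).items():
        print(port, [(p.src, p.sport, p.dst, p.dport) for p in pkts])
```

Hashing per flow rather than per packet matters for stateful tools: an IDS that receives only one direction of a TCP session cannot reassemble it.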
Intrusion detection and prevention products can throttle the network down because everything has to pass through them, and that can impact performance and in-place service level agreements.
“We’ve recently worked with a very large carrier in the US and they wanted to have intrusion detection on their corporate network, particularly on their DMZ. But they realized that by having to look at every single byte to determine whether it was a malicious attack, the intrusion detection was slowing the customer experience down. By load balancing multiple IDSes we’ve improved the network’s performance, improving customer experience and allowing corporates to achieve the level of security they need for their due diligence and other set targets,” Hartrup shared.
“The IDS load balancing facility is a new feature that we’re adding to all our packet brokers. This is particularly of interest to vendors and people deploying intrusion detection systems, as they quite often need to load balance them to make them more effective, particularly in busy, high-availability environments.”
For security-focused tools, SmartNA PortPlus performs load balancing and discards the traffic these tools don’t have to look at. For performance monitoring tools, the traffic is mirrored: a copy is made of every single frame that’s active on the network and sent to them to look for performance problems, to calculate utilization statistics, to identify trends and discover where corporates need to focus their efforts.
“These tools are very expensive and clients want to make sure that they are getting as much data through them as they possibly can without overwhelming them. Our responsibility is to do precise traffic management to allow these tools to work at maximum efficiency,” he concluded.
SmartNA PortPlus: A game changer
Rapid advancements in network speeds are challenging for network architects and managers as well as security and network monitoring tools.
“It is much more complex to open packets, read, analyze and take action when the data is moving at one hundred billion bits per second than when the data is moving at ten billion bits per second. The dramatic increase in network link speed has led to a corresponding increase in complexity and price of the tools being used to monitor and protect networks,” Hartrup noted.
A combination of the latest chip technology, new software, and up to 192 available ports of different speeds (1/10/25/40/100Gbps) allows SmartNA PortPlus to provide visibility into very high-speed links while taking advantage of less complex but nevertheless expensive network monitoring and security tools (both legacy and new ones).
At the same time, its programmable architecture has been built to support greater workload density, emerging protocols and new technologies. Effectively, SmartNA PortPlus allows organizations to cost-effectively scale their monitoring and security infrastructure and to future-proof it, and it has made these benefits available to organizations that aren’t blessed with extra deep pockets.
Aside from making the most of legacy tools, the packet broker also minimizes mistakes and configuration time through the Drag-n-Vu technology and an intuitive interface, which allows organizations to filter traffic based on IP addresses, protocols, ports and VLANs and to easily add complex filter rules and port mapping. This also means there will be no need to employ an army of professional services consultants to set up and manage the technology.
“We feel that SmartNA PortPlus is really going to change the market as it’s much more flexible and scalable than anything currently available today,” Hartrup explained.
“If an extremely high port density is required, we’ve got your back. You can add and take away capacity as you need it – the expansion of the solution follows that of the network. And we also provide fail-to-safe technology so we don’t become a single point of failure, which eases the customer’s pain of deployment.”