Optimizing Network Packet Broker Efficiency with Aggregation TAPs

Profitap - Network Visibility Solutions

Optimizing Network Packet Broker Efficiency with Aggregation TAPs

SPAN ports were the preferred approach to network visibility for years. However, when the limitations of using SPAN became clear, the adoption of network TAPs started to increase. As we all know, network TAPs are more reliable than SPAN ports, and provide complete visibility into the network. But SPAN ports and network TAPs are just one link in the network visibility chain.

As enterprises have grown more dependent on networks for success, network architectures are being challenged by the evolution of digital business. More and more people and devices find their way to the connected world. All wanting their fair share of bandwidth. As a result, more tools are deployed in order to help the visibility and security to the network, increasing the network complexity. So, how do you make sure your visibility and cybersecurity appliances get the right data to look at, from any point in your IT infrastructure? A Network Packet Broker will help you out here. Read on to learn how this device can help optimize the performance of your network analysis and security tools.

Optimizing Network Packet Broker Efficiency with Aggregation TAPs

Efficient traffic management with Network Packet Brokers

Network Packet Broker (NPB) is a device that helps optimize the access and visibility of a variety of network monitoring, security and acceleration tools to traffic from one or many network links. This device plays a critical role in gaining visibility into complex networks.

Deployed between the network TAPs and the traffic analysis hardware, the main function of the packet broker is to filter specific network traffic to a specific monitoring tool. It receives data from multiple network links and then acts as a “broker” sending the right packet data out to all devices that need it. By maintaining a many-to-many (M:M) port mapping of network ports to monitoring ports, Network Packet Broker can direct network traffic more efficiently.

One thing that sets NPBs apart from other standard aggregation devices is the set of advanced packet manipulation features this device offers, such as packet slicing, GTP IP filtering, GRE tunneling & de-tunneling, VXLAN de-tunneling, ERSPAN stripping and timestamping. This enables network engineers to filter actionable data only, allowing the network tools to analyze in a more efficient way.

NPBs are not all made equal and quite costly, however. Therefore, in selecting the right NPBs for your network, you should opt for the one that performs all functions required for an optimally performing network architecture.

Network Packet Brokers optimize the performance of network analysis and security tools by delivering filtered traffic of interest, helping you solve application performance bottlenecks and troubleshoot problems on the network.

Optimizing your NPB's ports

With the NPB deployed between tools and infrastructure layers, its ports can fill up quickly when connecting all infrastructure elements. That’s where Profitap’s Booster Aggregation TAP comes into play. This device is specially designed to improve your Network Packet Broker’s ports efficiency.

By connecting 4 1G in-line links or 8 1G SPAN connections to one 10G SFP+ monitoring port (M:1), the Booster optimizes the number of used ports on your Network Packet Broker, without any impact on the performance and packet loss a standard aggregation would face. This way you will be able to monitor traffic from 4 full-duplex in-line or 8 SPAN connections on a single port on your NPB. A significant saving in port space on your device and ultimately in costs.

The optimal solution

A Network Packet Broker paired with a Booster are key in managing and securing the network infrastructure that’s rapidly evolving. It is a cost efficient and easy to deploy solution to help you improve the density performance of your monitoring system.

The Benefits of Using ProfiSight Network Traffic Analyzer

Profitap - Network Visibility Solutions

The Benefits of Using ProfiSight Network Traffic Analyzer

As networks get faster and more complex, new performance issues appear. Conventional network monitoring takes too much time, that’s why network analysts are looking for tools that not only help them get to the source of problems as fast as possible, but also optimize their workflow.

So, how can we get from a broad view of the network to a pinpoint view of the traffic, anywhere, in seconds, drill down and find the potential weak spots, server congestion, ports usage and more?

With a network traffic analyzer

Before getting into how this type of traffic analyzer can make a difference to your network forensics and troubleshooting techniques, let’s talk first about the most common methods used these days: packet analysis and flow analysis.

Packet analysis technology is widely used to dig down into what is happening over a network by focusing on the individual packets that cross your traffic rather than on the flow of the network.

Even though this method generally provides the most insights into your network traffic, as complete packets can be captured and further analyzed, it also gives you huge amounts of data. This makes it almost impossible for you to take real-time decisions and immediately expose the worst-performing parts of the network. You need time to shift through a lot of data for evidence of an issue or an intrusion, just like finding a needle in a haystack.

Also, in high-speed networks, packet analysis requires expensive hardware and substantial infrastructure for storage and analysis.

And that’s where a flow analysis tool can come in handy

Instead of giving you loads and loads of data that will also come with added cost, a flow-based tool focuses on the flow of the network, the “who,” “what,” and “when” of network transactions.

Flow analysis tools are based on a technology that provides insights about who is communicating with whom, with which devices or end-points, and which protocol. It gives you a lot of visibility of your network’s traffic without the added weight of a packet analysis tool.

It makes it easier to dig into certain conversations, giving you a fast and efficient way to understand what type of traffic is traversing the network. Also, since this data is so light, you can store it for as long as you want, and network forensics and security monitoring tools can make use of it to monitor and alert for traffic abnormalities.

For all those reasons and more, our engineers created ProfiSight

ProfiSight is Profitap’s Network Traffic Analyzer, specially built to give you fast visibility into the traffic that matters. What does that mean? Its accurate insights about your network bandwidth utilization, application usage and statistics, LAN, talkers and conversations, performance and errors, or user activity will tell you how your network resources are allocated and used in real-time.

Basically, it’s a network monitoring tool that tracks the flow of applications and key services over all areas of the network — devices, servers, link connections — and offers insights into network bandwidth utilization, helping you adjust resources for optimal performance.

It’s optimized for fast indexing and has the ability to filter large amounts of network traffic, improving your monitoring workflow and saving valuable troubleshooting time.
All its dashboards support flexible user queries by fields and timestamps to allow a faster analysis of the problems. ProfiSight covers a large array of network troubleshooting indicators, designed to help you pinpoint issues or highlight trends that would otherwise pass unnoticed.

Moreover, when a deep packet-level analysis of the traffic flow is needed, you can choose to pair it with top packet analyzers (like Wireshark) for multiple visual histograms, graphs and statistics.

So, can I use packet analysis and flow analysis together?

Profitap ProfiSight Network Traffic Analyzer

Yes, you can. As you know, even though flow analysis is perfect for determining traffic statistics overall, it can fall short when you need to analyze a specific issue in depth.

For example, in the event of a data breach, you need to be able to quickly understand what or how it happened, and which systems or data sources have been compromised. Packet capture and analysis provides a complete and accurate historical record of network traffic, giving you the means to reconstruct events and dig down to the actual network packets to pinpoint exactly what took place.

That’s why ProfiSight can be integrated with any of our ProfiShark portable packet capture devices (or any other capture tool of your choice). In this way, it allows for a quick view of the flow data by extracting the metadata of a captured packet stream. This can help you get an overview of the main talkers in a few clicks and determine if they are a security or performance issue.

When combined with our portable packet capture devices, you can capture every packet on the line and get a complete overview of the network for in-depth analysis. Also, you can easily connect to your ProfiShark remotely so that you can track down network issues anywhere, anytime.

For a hands-on experience of how you can capture, monitor and analyze network traffic with ProfiSight, watch the video below made by Chris Greer:

The benefits of a network traffic analyzer paired with the deep-dive of a packet capture device are multiple, but one of them is that you can reduce the load that a packet capture requires while still providing the raw data when you need it. Time is essential in most of the cases, and pairing these tools will help you spot network issues in minutes rather than in hours or days.

Monitoring the Industry 4.0 Network Infrastructure with Profitap IOTA

Profitap - Network Visibility Solutions

Monitoring the Industry 4.0 Network Infrastructure with Profitap IOTA

Profitap IOTA 10G All-in-One Network Analyzer

The Internet of Things, commonly known as IoT, is no longer “the next big thing”. In the last two decades, the technology has evolved massively transforming the industrial and manufacturing operations. But there are also other hot topics that are just as prevalent, the Industrial Internet of Things (IIoT) and Industry 4.0. Chances are that you might have used them interchangeably. No big deal, right? Wrong.

In summary, IIoT is a subset of IoT which is specific to industrial applications. The manufacturing phase of the product lifecycle is where the IoT and Industry 4.0 meet, originating to the IIoT with smart manufacturing currently on the forefront. So, what is the Industry 4.0 anyway? Here is what you need to know.

The rise of digital industrial technology

Industry 4.0 is driven by trends on connectivity, advanced materials and processing technology, along with collaborative advanced manufacturing networks controlled by computers combining them into a physical – digital environment. Anything from the smart robotic machines in a factory to the engines inside an airplane, there has been a wide range of innovative uses of this industrial evolution.

Going forward, the question is not to be left behind and prepare for the fourth industrial revolution. If enterprises can’t evolve with continuous changes, they will shortly find themselves left behind while the ones who learn to keep pace will receive the rewards.

The fourth industrial revolution also begins with the development of new technologies applied to production processes. Today, this industrial revolution has impacted almost every sector be it healthcare, finance, manufacturing or any other industry. That said, the most critical technologies for this revolution are expected to be Intelligent Production, Simulation, Connected Devices, Systems Integration, Business Operation and Big Data.

Ultimately, it’s the network of machines or devices that are digitally connected with one another which then create and share information that results in the true power of Industry 4.0. With digitalization and IoT, there is no doubt that it will continue to be the biggest driving force behind the revolution as it will have a potential economic impact of up to $6.2 trillion by 2025 according to McKinsey.

How to monitor network infrastructure

An unfortunate fact of everyday life

Most of the disclosure around the Industry 4.0 focuses on Information Technology (IT) aspects. However, for industrial sectors, there is an equally important technology, which is the Operational Technology (OT). Simply put, OT includes any hardware and software that are used to sense and capture data as well as monitor and control the behavior of physical devices, processes and events of entire Industrial Control System (ICS). Typical OT networks are comprised of switches, monitors, sensors, valves and manufacturing devices managed by an ICS system.

Supporting all these systems requires a network and server architecture that enables the essential interoperability and provides the appropriate resilience. As the output of ICS relates to physical processes, avoiding unplanned downtime is a huge motivator for enterprises embarking on Industry 4.0. Outdated OT represent significant downtime risk. And when they fail, the costs are high.

How much money is your business losing with every minute, hour or day when your systems are down? Not sure? Well, according to research by IHS, downtime is costing over US$700 billion a year. This is no surprise. Every passing second when there’s trouble on the network, equals loss of production, data and even your company’s credibility. It is an unfortunate fact of everyday life. Network or process failures due to misconfigurations, software or device errors, and erroneous commands still can occur daily.

Today’s digital marketplace requires enterprises to integrate things, for instance real-time data collection and analysis as well as real-time remote management tools into OT networks. Constant operational issues have increased the demand for a special tool that can help to handle troubleshooting quickly and keep the connections healthy.

As industrial networks have grown larger and more complex than ever before, network monitoring tools are quickly becoming a necessity. Network access control solutions can help with managing industrial devices, including keeping track of every connected device on your network.

Help is on the way! What is needed?

To get a fast and reliable real-time overview of what is happening on your network, your enterprise requires visibility and control over your OT and IT environments without impacting the integrity of the network. As many modern enterprises have their operations spread over multiple locations, the ideal scenario is to have network traffic analysis tools that can be easily transported and deployed onsite, but controlled remotely. This eliminates the time-consuming and expensive onsite travels for IT specialists, while still offering fast drill-down to the network issues.

All-in-one network traffic analysis solution

Profitap recognizes the digital industry evolution and wants to make things even quicker and easier for you. An easy-to-use, lightweight and intelligent network probe is available for the industry to ensure productivity and ultimately increase your revenue.

IOTA has been developed to meet the needs of the industry’s top network analysts and engineers. As an all-in-one network analysis solution, IOTA can be deployed easily anywhere in the field, both as a portable and as a rack-mounted data center solution. This way, IOTA gives you full remote access and analysis capabilities into your 1G/10G networks, anywhere you want.

IOTA’s combination of features in a single and compact device, make it a complete network capture and analysis solution, and an essential addition to any network engineer’s toolkit.

Profitap IOTA functional description
Link to product pages: IOTA All-in-One Network Analyzer