What Keeps the Network Monitoring Team Awake at Night, and How Ixia Anue’s AFM16 Can Help

 

The hype surrounding the iPhone 5 release demonstrates one thing – the seemingly unlimited demand from users to do more with their mobile devices is nowhere near satiated. With more and more use of cloud networks, application delivery, and networks-over-the-Internet, the promise and problems of Big Data paradigms will become obvious and well known to all operators – challenges that include capture, storage, search, sharing, analysis, and visualization.

Big Data is large amounts of information that exceed the demands of a typical network because of the size and speed of the data traveling over the network. Big Data is different from traditional IT in many ways, but it still requires monitoring. Key focus areas when managing Big Data are application behavior, network performance and security. The measure of  network monitoring to optimize network traffic sent to monitoring tools lies in the ability to improve the effectiveness and performance of monitoring tools.

Network monitoring is critical to network visibility in the enterprise data centers and the IP-based segments of telecommunication service provider networks. The importance of monitoring is reflected in the large investments large enterprises and service providers make in monitoring tools and the staff to manage them. These network monitoring teams face several challenges, including the following:

  1. Demand for higher data rates outpaces the ability of monitoring tools to keep up
  2. Complying with strict privacy regulations
  3. Increased scrutiny of network performance
  4. Containing the cost of network monitoring

 

  1. 1.     Demand for Higher Data Rates Outpaces Gains in Monitoring Tool Performance

With networks growing in speed and little budget to upgrade tools, network engineers are looking for ways to get better performance from their existing monitoring tools. Some of the issues that drain tool performance include:

More than 50% of packets arriving at a monitoring tool could be duplicate packets. Also, some tools only need the packet header for analysis, in which case most of the data that arrives at the tool are useless. The challenge is to remove the performance-robbing packets from the traffic before they reach the monitoring tool.

  1. 2.     Complying with Strict Privacy Regulations

Businesses that handle sensitive user information are obligated (by SOX, HIPAA, PCI, etc.) to keep such data secure. Some tools provide the ability to trim sensitive data from packets before they are analyzed or stored. However, this comes at the expense of precious computing and tool bandwidth resources. The challenge is to offload the privacy function from tools so they can focus all resources on the analysis and storage for which they were intended.

  1. 3.     Increased Scrutiny of Network Performance

Network performance is under great scrutiny in some network applications, such as high-frequency-trading. For such applications, there are purpose-built monitoring tools that can time each packet as it traverses the network. These latency-sensitive tools depend on timing the packets as close to source as possible. However, such proximity implies exclusive access to the network, which is not practical. The challenge is to deliver both the packet and its timing data to the latency-sensitive tools without compromising access for other network monitoring tools.

  1. 4.     Containing the Cost of Network Monitoring

Network engineers are under pressure to do more with less, including in network monitoring. Successful network monitoring teams not only find ways to save costs, they also find smart ways to leverage their current investment.

There is a rich selection of tools on the market to monitor IP networks. However, in certain parts of the IP-based service provider networks, most of these tools are rendered useless, because the IP traffic is encapsulated using MPLS, GTP, and VNTag. The challenge is to find a way to expose the tunneled IP traffic so widely available tools, including tools the organization already owns, can be deployed.

Ixia Anue has just introduced its Anue Advanced Feature Module 16, which provides advanced packet processing technologies to eliminate redundant network traffic, secure sensitive data and enhance monitoring tool effectiveness. It is the industry’s first high-density, high-capacity advanced packet processing solution designed specifically to enhance network and application performance at large enterprises and data centers.

To learn more about Ixia’s Anue AFM16 and the Anue Net Tool Optimizer, stop by booth #531 at Interop New York, currently taking place at the Javits Convention Center. At the event, Ixia’s Larry Hart and Chip Webb will lead an industry conversation titled “Big Data, Big Visibility, Big Control” on Oct. 3 at 2 p.m. ET.

For more information on the AFM16 module, see the press release

Bring Your Own Device (BYOD) is Pure Evil

 

I spent a few days at ConSec ’12 this week and heard a lot about Bring Your Own Device (BYOD). It is a rapidly growing phenomenon that enterprise security experts are grappling with.  BYOD is becoming accepted by many companies of all sizes.  Interestingly, it often begins when a senior executive pops by IT with an iPad or a Mac and insists on using that device instead of a corporate standard.  Then the floodgates open.  People tend to like the freedom of choice and the convenience of BYOD. 

The Security, Audit, Continuity, and DIR full-day workshops

Security risk with BYOD

Did you know that when you access corporate email on the mobile device you own, there are countless security risks?  For example, if your phone is stolen, it is surprisingly easy to gain access to all the data on the device.  If you have the email password stored, well, all of your email is available to the hacker.  They can steal anything and even worse yet, – impersonate you.  In fact, a good hacker in possession of your device, can decrypt your stored passwords in a matter of minutes.

Enterprise IT needs to focus on protecting what really matters – the corporate network,  applications, and most of all, business-critical data.If you think that a remote wipe will take care of this – think again. A remote wipe requires that the device is powered on.  So, if the bad guy powers it off and removes the SIM card –remote wipe won’t be wiping anything.

If you use your device for personal purposes, you might download some fun apps and games.  There is nothing that guarantees these applications are not malware.  And it’s possible they behave well for 6 months and then become malware.

Employee-owned devices are extremely difficult to control or trust.  The key seems to be to develop a strategy where the device is known and expected to be EVIL.  Enterprise IT needs to focus on protecting what really matters – the corporate network,  applications, and most of all, business-critical data.

Monitor for anomalies

Enterprises need to focus on monitoring for anomalies that can strike its key assets:

  • The corporate network
  • Business-critical applications
  • Business-critical data

Ixia's Anue Net Tool Optimizer® (NTO) will revolutionize the way you monitor your network.With BYOD, the risk of network contamination and information leakage significantly increases due to poorly developed or malicious apps, the increased attack surface of all of these devices and fun-loving human nature.  Ixia is in the business of providing network visibility with products such as the Anue NTO, which can really help secure production networks.

In the past, IT managed users with a work-owned device, which was most likely configured and locked down. Today, IT is faced with users with as many as three devices- laptops, iPads and Phones/smartphones- all out of their control.  That is triple the devices, and all present a tasty attack surfaces plus an increase in in network bandwidth requirements.  Oh dear.

So, you might develop a policy that IT must control and monitor all devices that are used for business purposes.  Good luck on that – the privacy and legal issues in the US get sticky.  In EMEA and other regions with stricter privacy policies for their citizens, forget about it.  Scenario: you have a security incident and you need to force wipe out an employee’s iPhone – and you wipe out the last picture of grandpa before he died.   The jury would tear up right there.

And do you really want to deal with the drama around confiscating an employee’s personal device and invading his privacy and finding scantily-clad pictures of his fiancée?  Oh dear.

The answer is to focus on securing what really matters: enterprise data, network and applications.  Lock down and monitor what really counts to your business.  Expect employee-owned devices to be Evil, and you will not be disappointed.

Having said all that, there is a new category of products called Mobile Device Management (MDM) that can enforce device policy, encrypt local data and secure contained partitions.  It is a nascent category, but there are already over 40 companies moving in to solve mobile device security concerns.   In addition, at ConSec ’12 AT&T was talking about a new technology to  provide a “toggle” feature, where there are two settings – one for work purposes and one for personal purposes.  With this, you might be able to effectively carry out information security practices for the device.

More to come soon…

What Network Engineers Really Care About: Mean Time to Innocence MTTI

 

I participated in Cisco Live! San Diego via the online option – quite nice, and free to boot!  One standout concept, MTTI, was featured in Jim Metzler’s presentation, and it really hit home. Jim is an industry analyst and vice president at Ashton, Metzler and Associates. He gave a great presentation, and his deep understanding of the industry, plus a nice sense of humor, really made it interesting.

It seems, especially in large organizations, silos of blame form. Large organizations tend to become highly political, with constituent groups vying for power and glory.

network engineering groups can end up being guilty until proven innocent, making MTTI and fast issue resolution critically important

So what happens is that network engineering groups can end up being guilty until proven innocent, making MTTI and fast issue resolution critically important. While internal politics are prone to force odd and very negative things to occur, in this case the blame game is forcing out the need for network visibility, which is a very useful thing.

Ixia, with Anue, is in the production network visibility business. The Anue NTO is a best of breed portfolio of products that provide deep and comprehensive visibility into the bowels of the network. Network engineers spend their lives trying to solve problems – this technology helps.

The Anue NTO is a best of breed portfolio of products that provide deep and comprehensive visibility into the bowels of the network.

Longtime Anue customers consistently tell me what they like best about our technology is that they can pinpoint problems even before end users are able to pick up the phone and initiate the blame game.  Network engineers are much more in control of the network and all of its intricacies. The phone, with an agitated user on the other end, is no longer the most prominent network monitoring device.

Time is money in business. Quickly finding the root cause for network security incidents and performance problems is making network visibility a necessity.

Network visibility technologies provide the salient facts to any CTOThe true evil of internal politics in organizations is that certain constituents can become very powerful, and become able to place blame where it does not belong. This is obviously counterproductive. Network visibility technologies provide the salient facts to dispute and factually correct even the wiliest of internal politicians. Responsiveness to issues gets faster, blame gets placed faster and whatever is wrong gets fixed faster.

The MTTI metric is driving useful things to happen – with network visibility technology business runs more smoothly. Nothing will eradicate internal politics, but technology sure can help quell some of it for network engineers.

Automatic MTTR

 

Forrester Highlights Anue NTO Network Monitoring Switch as a Core Technology for every Data CenterRecently a potential customer in the financial industry shared the challenges they face when trying to quickly diagnose and fix problems within their data center network. I listened intensely as they explained how determining root cause could drag on for weeks and in some cases months. Fortunately we were able to help them by implementing our Automated Response Technology. You can see a good example of how it works by watching this brief video.

 

In the video you will see how together, the LogMatrix NerveCenter and the Anue Net Tool Optimizer™ (NTO), along with your existing network monitoring tools and management systems, can significantly improve network reliability as well as reduce network Mean Time to Repair – MTTR. This is accomplished by intelligently collecting network traffic and automatically routing it to the right monitoring tool when network problems or anomalies occur. When NerveCenter detects the problem, it alerts the Anue NTO to direct the affected network traffic to a particular monitoring tool. When the anomaly no longer exists, the data capture or monitoring can be automatically stopped as well.

Businesses and Organizations Rely on Networks

Optimize Your Network Visibility: Anue Net Tool OptimizerTM helps improve network visibility and protect your investments in network monitoring tools.Network traffic and application traffic problems can be difficult and time-consuming to troubleshoot, especially if the problem is intermittent. Unresolved network issues result in unsatisfied users, customers, and management. Businesses rely on networks performing. When they don’t work or even work optimally not only are users frustrated, but operations and sales can be negatively impacted as well.

 

An automated approach to network monitoring can reduce the time it takes to identify and resolve network and application issues.  Intelligent data gathering is critical when troubleshooting network problems. Watching the video was a real eye-opener for the customer because previously they had no idea it could be so easy to attain the right data to solve their network problems. I’m just happy we were able to help.

A Network Monitoring Switch By Any Other Name…

 

…would still work as effectively as it did with another name attributed to it. Strange that’s not quite as poetic as I expected it would be.

Gartner is the world's leading information technology researchRecently Gartner officially acknowledged a new product category they have called, Network Packet Brokers. Basically, this is a fancy name for networking monitoring switches – those intelligent switches that sit between a data center network and the monitoring and security tools. While we currently call our Anue Net Tool Optimizer (NTO) a Network Monitoring Switch, the name is less important than the “coming of age” of this category. Gartner’s Jonah Kowall and Debra Curtis published the vendor landscape for application aware Network Performance Monitoring and Network Packet Brokers. The Anue NTO is covered as an offering in the Network Packet Broker category. Simply put it provides better visibility into your network. This allows administrators to optimize their security, performance and application behavior. We are extremely pleased that Gartner featured our patented Dynamic Filtering in the report, indicating we have “more sophisticated dynamic filtering” than our competitors.

You will want to read this research – it covers the value proposition of our technology.

This report is important to us at Anue, as we’ve had prospects tell us point-blank – call us when Gartner covers your technology. Well, we’ve been on the phone – a lot. In many cases, our biggest sales challenge is not our competitors, but limited understanding of the value proposition and business relevance of our Anue Net Tool Optimizer offering.  It’s a technology most people don’t even know exists, but when they understand its business and technological benefits they wonder where we’ve been all their lives.

Gartner Research Video: Challenges of the Modern Data Center

 

To keep pace with increasing demands on compute power and bandwidth, data centers face a tremendous challenge. Cloud and the explosion of bandwidth-hungry video and mobile apps all contribute to the challenge. In addition, the trend of dispersed computing across personal computers has reversed, and more computing power and storage is being centralized at the data center.

Alex Pepe, Anue Systems's President and CEO

Alex Pepe, Anue's President and CEO

In the video, Mark Fabbi, VP, distinguished analyst at Gartner Research, and Alex Pepe, Anue president and CEO answer key questions. Mark discusses the challenges, and Alex describes the role of the network monitoring switch in achieving data center goals.

Alex responds to Mark’s thoughts on the modern data center and makes observations around the major barrier that make a network monitoring switch essential:

 

These barriers lead to gaps in monitoring since not all tools can be connected when and where they are needed, or tools may be overwhelmed, which leads to lost critical data. Plus, improperly configured tools do not capture needed network traffic.

The Anue Solution

Anue’s network monitoring switch, the Anue Net Tool Optimizer™ (NTO), solves many network monitoring issues. It allows complete connectivity for a wide range of monitoring tools without the limitations of  TAP and SPAN, ports allowing connections to any and all of the needed network monitoring tools.

Additionally, with features like packet filtering technology, packet de-duplication, and packet slicing, the NTO sends only the data that each monitoring tool needs – preserving tool bandwidth and storage space. Now a 1G tool can be connected to a 10G network port without dropping packets and exceeding storage space.

The NTO also has a unique drag-and-drop control panel that makes connecting monitoring tools fast and easy. Network engineers can focus on network monitoring instead of configuring tools.

With effective network monitoring, data centers can enhance traffic flow efficiency for better bandwidth utilization, and they can spot and correct potential network problems before they lead to a failure. Plus better comprehensive network data and metrics is the first step in continually improving network performance. Proper monitoring also enhances security since alerts are quickly created for suspected breaches and network traffic can be diverted to the right tool for monitoring and inspection.

While meeting the modern data center challenges will take a multi-faceted approach, incorporating the NTO into the data center strategy is essential in working smarter to meet these ever increasing demands.

Please check out the video!