Insight and analysis on the data center space from industry thought leaders.

Network Monitoring: Your First Line of Defense

What’s your first line of defense? In the military, it’s the troops on the front line. On the football field, it’s the defensive line. And in the data center, it’s the network monitoring system.

Industry Perspectives

December 8, 2016

3 Min Read
Network Monitoring: Your First Line of Defense

Richard Rauch is President and CEO of APCON.

What’s your first line of defense?  In the military, it’s the troops on the front line.  On the football field, it’s the defensive line.  And in the data center, it’s the network monitoring system.

These days, a business’s most valuable riches – corporate data – need a sound strategy to defend against attack.  That strategy comes in the form of the architecture of the data center itself, with the network monitoring and security solution providing IT managers with complete visibility of potential intrusions to protect data and improve network performance.  The monitoring solution completes the architecture of the data center, and represents the primary consideration when building or updating a network data center.

The network monitoring system creates three primary benefits:

  • Protects big data and secures private information

  • Enhances the performance of monitoring and analysis tools

  • Provides better insight into critical security, network and business issues

A reliable, secure network is designed to monitor, aggregate and filter data within large and complex architectures.  When selecting and building a network monitoring solution, IT managers should consider a flexible and scalable solution that can adapt to existing network architectures and grow as your network grows.  You also need a feature-rich solution that gives you the specific functionality to manage the network effectively.  In terms of managing the flow of data through your network, here’s what to consider:

  • Listen in on all network traffic. TAP and SPAN all nodes within the network to ensure 100% network visibility in real time.  TAPs (test access points) are installed between an analysis device and the network, while SPANs (switch port analyzers) mirror the activity in a port so it can be attached to an analysis device.  It’s important to consider both physical and virtual traffic as you structure your solution, and keep in mind that out-of-band monitoring allows nonintrusive visibility without disturbing the flow of data.

  • Aggregate the data.  Once your monitoring system can see all the data, you need aggregation switches to collect it for analysis.  An intelligent network monitoring solution can deliver the right data to the right tools at the right time.  In addition to aggregation, key features you should consider include filtering, port tagging, and load balancing.  With total network traffic visibility, you’ll increase both network security and performance.

  • Groom and filter.  Filtering data traffic is essential to optimizing the performance of your analysis tools, potentially extending the lifespan and utilization of your network tools and minimizing the expense of adding other tool parts.  For example, the process of deduplication removes duplicate packets, saving as much as 55% of total traffic, and doubling the analysis capacity of your security tools.  Ingress and egress filtering reduces or eliminates packet oversubscription.  Other advanced features such as time stamping, packet slicing and header stripping can prime the data for use by specific monitoring tools.

  • Send data to tools. Finally, let the tools do their work.  To design an effective network, you must first understand what tools you need, based on what needs to be analyzed for the purpose of the business.  Different stakeholders will have different needs, typically identified by department or function.  Essential tool functions will include solutions that monitor overall network performance, analyze specific applications such as VoIP traffic or customer experience monitoring, inline security analysis, and monitoring for forensics.

Scalability and flexibility are key factors in selecting a network monitoring solution and determining the tools you need to manage and secure your network.  Beyond that, advanced features and functionality will help ensure your solution is robust and reliable as you manage greater amounts of data moving at faster speeds.  Your ultimate security is dependent on a strong line of defense and a clear view of all potential intruders.

Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.

 

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like