As network speed and architecture grows, IT teams are tasked to deliver huge traffic volumes from users and the internet, to offices, remote locations and data centers in a cost-effective way. Speeds are shifting from 1G to 10G, 25G and 100G of Layer 2 Ethernet, Layer 3 IP and Layer 4 traffic and many times need to accommodate existing investments in infrastructure as well as monitoring and security tools, while being scalable for future growth.
Network traffic aggregation allows an organization to consolidate or combine high numbers of network links and speeds down to a manageable amount of ports, simplifying network complexity, increase throughput, and optimizing the performance of your monitoring tools or existing network packet brokers. Combined with filtering and load balancing, aggregation is a critical function used to increase network capacity while adding additional value to your network by:
• Aggregating many TAP or SPAN ports for increased utilization
• Improving the performance of monitoring and security tools
• Reducing the per port cost on expensive NPB investments
• Utilize existing tool investments
• Scalability to add additional traffic, speed and tool growth
The Aggregation Layer
The traditional 3-tiered approach to network visibility was designed to increase the efficiency of monitoring and security tools. Over the years, the tools themselves have grow significantly more complex, which then drove the network packet brokers they are connected to, to become more complex in turn. These additional features such as SSL/TLS decryption, deduplication, and metadata generation have driven up the cost of advanced network packet brokers, resulting in ballooning budgets, or an increase in blind spots within the network if you can’t afford to TAP all of the locations you want.
IT teams realize the inherent limitation of SPAN ports and have shifted towards a new 4-tiered approach to network visibility.
By adding a new Aggregation Layer (4-tier design) between the physical layer TAPs and the Network Packet Brokers (NPBs), IT teams can increase the efficiency and port utilization of NPBs. Consider the fact that many network links are only using 60% utilization, and as you move further away from the core, utilization often drops to <5%. Now consider the per port cost of an NPB. Can you justify that? Aggregators improve ROI by reducing the cost of the overall visibility solution.
Network Aggregators can take those low utilization traffic streams and through aggregation and load balancing, reduce the number of traffic streams and thus the ports needed on the NPB. Aggregators are also capable of pre-filtering on L2-L4, prior to sending it to the NPB for advanced filtering, further increasing the efficiency of the unit.
With the cost savings and improved efficiency, many network architects are shifting to the 4-tiered approach to network visibility.
Aggregation Best Practices
Aggregation solve many issues. Let's explore Aggregation use cases to see why:
Out-of-band monitoring and security tools like intrusion detection and application performance management, require network access. Network packet brokers (NPBs) aggregate and groom packet data from multiple Network TAP or SPAN ports for delivery to these out-of-band solutions.
This white paper reviews how to maximize visibility and optimize NPB ports in your network through aggregation, improving performance and data quality, while reducing the cost of the overall visibility solution.
Building A Visibility Fabric
This white paper provides a step-by-step guide to planning and implementing a network visibility fabric. Comprised of network TAPs, aggregation devices, and network packet brokers.
Additional White papers
TAP into Technology
Leading the way in Network Technology
Duplicate packets are one of those things that happen in a busy network. Although using different network equipment and optimizing your network will..
We all know traffic across the data center is increasing. The migration towards 100G ethernet is well underway, with 28% of data centers undergoing..
Nearly all cyber attacks must cross the network, so extracting security-relevant data from network traffic is essential across a wide range of..