Measuring the Latency impact Created
by NextGen Security Solutions
As an IT professional, you are well aware of the challenges posed by network latency. Applications like audio and video delivery, bandwidth-sensitive mobile applications, cloud computing, and storage services are extremely sensitive to network latency.
What you may not realize, however, is the amount of latency created by your Next-Generation Intrusion Prevention Systems (NG-IPS) and Next-Generation Firewalls (NG-FW). While they are critical to protecting your network, these security tools and others that perform deep packet inspection can increase latency, significantly impacting your overall application performance.
Recently we worked with a large health care services provider trying to figure out why it was taking so long to send MRI data between locations. This was causing significant frustration for patients, doctors, and medical staff. Having been aware of Aukua’s nanosecond precision capture and analysis tools, they asked for our help. The company suspected one or more of their NG-IPS devices was causing the delays, but they did not have a way to confirm this. Since these security tools do not treat all packets the same, they were unable to detect or measure the application latency issue with artificial traffic such as ICMP. And since some applications were being adversely delayed and others were not, they could not rely on the NG-IPS vendor’s generic latency specs for various packet sizes. In addition, compliance rules prohibited them from introducing new traffic into their live network.
To address this customer’s need, we developed a solution to precisely measure one-way latency between two points for each and every network application packet of interest. This solution uses our MGA2510 Latency Monitoring Analyzer passively connected to two network TAPs, one on each side of the device being evaluated (in this case the customer’s NG-IPS).
This solution is found in the joint solution brief with Garland Technology TAPs. When applying the Aukua Latency Monitoring Analyzer tool to their unique application performance problem, this hospital network was able to confirm their suspicion that the NG-IPS was indeed causing significant delay to their MRI application traffic. They are now recreating this specific scenario in their lab environment in order to test various approaches to mitigate this problem.
In this case, and in others like it, the only way to identify the true root cause of real-world application performance problems is to use a latency analyzer. Traditional indirect methods of using pings (ICMP) or introducing other artificial traffic into the network will not work and give a false representation of network delay.
[Want to learn more about how Garland Technology works with Aukua to identify network latency bottlenecks? Check out our new joint solution or contact the team today!]