“A well-designed network visibility fabric will help enterprises assure network and application performance and reduce security and compliance risk.”
We’ve previously explored the importance of the access layer in a well-designed network visibility fabric. So if you haven’t read that post yet, I’d suggest starting there, as the access layer truly is the foundation of your visibility fabric.
Large Networks May Require a Fabric Aggregation Layer
Building on the foundation of network TAPs at the access layer, a well-designed network visibility fabric may require an aggregation layer if the enterprise needs to monitor either a large number of network segments, or a large, distributed network. Typically comprised of 1G/10G Fiber uplinks, the Aggregation Layer allows end point devices to communicate with each other.
What's Monitored at the Aggregation Layer?
- Subnet Monitoring
- Departmental Monitoring
- Record Monitoring
The actual devices comprising the aggregation layer can be Network Packet Brokers, or less full-featured devices, like Advanced Aggregators, that specialize in pushing packet flows upstream to NPBs. Aggregators are devices designed to increase efficiency and port utilization of NPBs. They collect flows from TAPs and forward them to the core of the fabric. Aggregators are also capable of pre-filtering traffic prior to sending out to NPBs for advanced filtering. They improve ROI by reducing the total cost of a network visibility fabric solution, while increasing the efficiency of existing infrastructure.
Aggregation Layer in a Distributed Network
Distributed networks often have their aggregation layer devices in remote sites. These NPBs and aggregation devices will usually tunnel packet flows back to the core of the fabric, where full-featured NPBs and the analysis tools are located. In fact, EMA research has found that 35% of enterprises have NPBs deployed in remote sites, and another 30% plan to deploy them remotely by the end of 2021. By having an Aggregator pre-filter traffic before it’s sent back to the core, you can reduce the cost and payload of traffic at the core.
Aggregation Layer in a Dense Network
Very dense fabrics that are monitoring many segments of the network, will need an aggregation layer to collect traffic, perform some deduplication and other data processing, and forward the traffic to the core of the fabric. Without the aggregation device, the number of ports required on the full-featured NPB will be very high.
When your team is designing a network visibility fabric, it’s important to look at all the areas of the network where complete visibility is required to meet your business initiatives. The number of links that you want to monitor will directly affect the architectural approach you take. Taking into consideration the budget your team has to spend, you’ll quickly see the advantages of adding an aggregation layer to your design.
[If you’re interested in learning more about the principles behind a well-designed network visibility fabric, download Garland’s latest whitepaper from the analysts at EMA: Best Practices for Building a Network Visibility Fabric.]