<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
BLOG

Unleash the Power of Packet Slicing and Time Stamping in your Network

August 29, 2019

In today’s environments with significant investment in security and monitoring tools, Garland Technology recognizes the need for a cost-effective solution that provides the flexibility and performance that networks today require. We have chosen to take the approach to deconstruct our packet broker solutions. Through the use of separate and dedicated hardware appliances to perform specific tasks, there is no degradation of overall performance while performing CPU intensive tasks or additional license fees. This ensures that our customers have solutions that are flexible and scalable for future on-demand growth, while ensuring excellent ROI today.

To build on our current PacketMAX packet broker solutions, consisting of our Advanced Aggregators, and Advanced Features Dedup, Garland is excited to announce the launch of our new PacketMAX™: Advanced Features appliance, that adds time stamping and packet slicing capabilities to your network. 

Designed as a standalone platform to extend the feature set of any product, the PacketMAX: Advanced Features appliance is a scalable packet processing system, suitable for 1G/10G/40G/100G networks.

Packet Slicing diagram

Diagram 1: The 1G PacketMAX: Advanced Features tool can be used with tapping infrastructure to add additional feature sets, like packet slicing and time stamping, without a full featured packet broker infrastructure.

>> Download Now: Aggregation - Adding Value Back Into Your Network and Maximise ROI [Free whitepaper]

 

Features Designed for Better Network Performance

Time stamping packets is essential to understanding what is going on in the network at the packet level by allowing the proper measurement of network latency and network performance. This is critical for packet capture and forensic analysis, providing the ability to analyze and mitigate the effects of cyberattacks.

Packet slicing removes the payload of the packet, while preserving the portion of the packet that is required for network monitoring and security analysis. The processing payload to security or monitoring tools is reduced, extending the life of existing security and monitoring tools by improving tool or packet broker performance. Packet slicing can also be used to ensure compliance with privacy requirements by eliminating sensitive data from packets. 

In addition to NTP time stamping and packet slicing, this advanced features appliance is designed to support traffic aggregation, GRE termination, ERSPAN Termination, hash-based round-robin load balancing, sFlow support, and passes physical layer errors, among other features.

packet slicing

Diagram 2: The 40G PacketMAX: Advanced Features tool can be used with higher speed tapping and packet broker infrastructure to add additional feature sets, like packet slicing and time stamping, without putting additional processing overhead on the NPBs or tools.

Garland Technology’s best-in-class Network TAP and purpose-built Packet Broker solutions provide an innovative, industry leading 360° view for modern visibility fabrics. Our unique adaptability makes it easy for you to help save your customers' budget by deploying what they need, when they need it, and by adding value to existing infrastructure.

Looking to add aggregation to your next deployment, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do!

Network Aggregation maximizes network visibility and optimize network packet broker ports

See Everything. Secure Everything.

Contact us now to secure and optimized your network operations
Contact Us

Heartbeats Packets Inside the Bypass TAP

If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.

If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.

While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.

Some of you may have noticed a flaw in the logic behind this solution!  You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.

Glossary

  1. Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.

  2. Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.

  3. Critical link: the connection between two or more network devices or appliances that if the connection fails then the network is disrupted.

NETWORK MANAGEMENT | THE 101 SERIES