
So What on Earth Is a Network Packet Broker (NPB)?

August 7, 2018

Photo by Maurício Mascaro from Pexels

The Visibility Benefits of Network Packet Brokers


Network Packet Brokers (NPBs) are the most efficient way to extend the useful life of your monitoring and security tools, fundamentally in two ways:

  • By filtering out traffic that is not needed for the inspection process of certain tools, for example voice, video, music, duplicate data, etc. With all that data removed, the tools will be up to 40% more effective.


And here are some other features and functions of Network Packet Brokers:

  • NPBs can load balance higher data-rate traffic across lower data-rate tools, extending the life of your monitoring and security tools as the speed of the core network keeps increasing and the tools age with lower-speed ports.
  • NPBs can perform aggregation: they receive data traffic from different segments and distribute it to one device or to several at once.
  • NPBs can prevent data overflow on the monitoring ports or links of security and monitoring systems, with data burst protection.
  • They can filter from layer 1 through layer 7.
  • They mask sensitive, private and personal information: credit cards, social security.
  • They decrypt SSL and distribute it to several systems; you do NOT need to have licenses on each inspection tool.
  • There is no packet loss in NPBs.
  • They provide 100% visibility of the network: what is happening, geolocation, devices (iOS, Android, Windows), application, user.
  • If you grew from 1Gb to 10Gb and therefore must upgrade your tools to that speed, an NPB can provide the speed to each device without the need to invest in upgrading each one of them.
  • If you have a fiber optic connection and your devices do not, an NPB performs the conversion from fiber to copper and from copper to fiber.
  • An NPB can strip headers, such as MPLS, etc., for security and monitoring tools that discard them, thereby avoiding overflow on their ports.
  • All in a single device.
  • NPBs are agnostic to equipment or devices and are compatible with most recognized brands.

Security and monitoring tools need network traffic data to operate. Visibility is defined as the ability to provide tools with access to data from any part of the network. With many more inline and out-of-band tools deployed to protect against and detect an ever-growing range of threats and attacks, full visibility is the first key to improving the detection of security threats.




The Visibility Benefits of Network Packet Brokers

Network Packet Brokers (NPBs) are the most efficient way to extend the useful life of your monitoring and security tools in two fundamental ways:

  • NPBs can filter traffic that is not necessary for the inspection process of certain tools, for example, voice, video, music, duplicate data, etc. Removing all that data from the tools will make them up to 40% more efficient.
  • NPBs can load balance higher data-rate traffic across lower data-rate tools, which further extends the life of your monitoring and security tools. As the speed of the core network continues to increase, the lifespan of a tool can shorten if it is not compatible with that higher speed.

And here are some other features and functions of network packet brokers and aggregators:

  • NPBs can aggregate data traffic from different segments and distribute them to one or several devices at the same time.
  • NPBs can prevent oversubscription of the monitoring ports or links of security and monitoring systems, with data burst protection.
  • They can perform filtering from layer 1 to 7.
  • They mask sensitive, private and personal information: credit cards, social security.
  • They decrypt SSL and distribute it to several systems, so you do NOT need to have licenses in each inspection tool.
  • There is no packet loss.
  • They provide 100% visibility of the network: what is happening, geolocation, connected devices (iOS, Android, Windows), applications being used, and who the users are.
  • If your network grew from 1Gb to 10Gb, and now you must update your tools to that speed, an NPB can provide the correct speed to each device.
  • If you have a fiber optic connection and your devices have a copper connection, an NPB can perform the media conversion from fiber to copper and from copper to fiber.
  • An NPB can remove headers, such as MPLS, etc., for security and monitoring tools that discard them, thus avoiding oversubscription in their ports.
  • NPBs are agnostic to equipment or devices and are compatible with most recognized brands.

Security and monitoring tools need network traffic data to operate. Network visibility can be defined as the ability to provide tools with access to traffic data from any point in the network. With many more inline and out-of-band tools being deployed to protect and detect an increasing range of threats and attacks, full visibility is the first key to improving the detection of security threats.


Heartbeat Packets Inside the Bypass TAP

If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.

If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.

While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.

Some of you may have noticed a flaw in the logic behind this solution! You say, “What if the TAP should fail because it is also inline? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode, keeping the link flowing.
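The heartbeat, bypass and failsafe behaviour described above, modelled as a small state machine in an added example (not the vendor's code or firmware). The heartbeat marker, the miss and restore thresholds, and the re-check of the tool after power returns are assumptions, since the post does not specify them.

```python
from dataclasses import dataclass, field

HEARTBEAT = "HB"     # constructed marker standing in for the TAP's heartbeat frame
MISS_LIMIT = 3       # assumption: unanswered heartbeats in a row before bypassing
RESTORE_LIMIT = 2    # assumption: returned heartbeats in a row before going back inline

@dataclass
class BypassTap:
    mode: str = "inline"          # "inline", "bypass" or "failsafe"
    missed: int = 0
    returned: int = 0
    history: list = field(default_factory=list)

    def tick(self, packets, tool_online, tap_powered=True):
        """Run one heartbeat interval; return the packets put back on the link."""
        if not tap_powered:
            # Failsafe: an unpowered TAP passes the link straight through.
            self.mode, self.missed, self.returned = "failsafe", 0, 0
            self.history.append(self.mode)
            return list(packets)
        if self.mode == "failsafe":
            self.mode = "bypass"  # model assumption: re-verify the tool after power returns
        # A heartbeat goes to the tool in every powered mode, bypass included.
        to_tool = [HEARTBEAT] + (list(packets) if self.mode == "inline" else [])
        from_tool = to_tool if tool_online else []  # an off-line tool returns nothing
        if HEARTBEAT in from_tool:
            self.missed, self.returned = 0, self.returned + 1
        else:
            self.missed, self.returned = self.missed + 1, 0

        if self.mode == "inline":
            # Heartbeats are stripped; packets sent to a dead tool are lost in this model.
            out = [p for p in from_tool if p != HEARTBEAT]
            if self.missed >= MISS_LIMIT:
                self.mode = "bypass"
        else:
            out = list(packets)   # bypass: link traffic skips the tool
            if self.returned >= RESTORE_LIMIT:
                self.mode = "inline"
        self.history.append(self.mode)
        return out

def simulate(tool_states):
    """One packet per interval through a fresh TAP; return (history, delivered)."""
    tap, delivered = BypassTap(), []
    for i, online in enumerate(tool_states):
        delivered += tap.tick([f"pkt{i}"], tool_online=online)
    return tap.history, delivered
```

In this model, packets sent toward the tool after it goes off-line but before the miss limit is reached never return to the link, so the heartbeat interval and miss limit together bound the outage.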

Glossary

  1. Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.

  2. Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.

  3. Critical link: the connection between two or more network devices or appliances whose failure disrupts the network.
