
Intelligent Service Node
The Problem
As network traffic grows exponentially and 100G and higher network speeds proliferate, security and monitoring tools are overwhelmed and continually challenged by the massive amount of traffic to monitor. This unrelenting data explosion forces the security and network operations teams to add incremental monitoring, analytics, and packet storage capacity just to keep up. This is not only excessively expensive, but in many cases futile, as an increasing amount of network traffic being delivered to upstream tools is unwanted and has low analytics value.
Consequently, the days of collecting ‘everything’ and letting the analytics layer ‘sort it out’ are no longer viable. To keep up with critical network traffic intelligence, the security and network operations teams still need to collect everything, but now must intelligently identify and deliver only relevant and monitorable traffic to the upstream tools to streamline analysis and optimize historical storage resources.
Optimizing network traffic does more than keep unwanted packets from reaching the analysis and storage layers. It enables organizations to extend the usable life of existing lower speed 10G and 40G tools and delay the need to upgrade the monitoring infrastructure to support 100G links and the ever-growing network traffic volumes. In addition, for organizations with multi-site monitoring infrastructures, traffic optimization is an essential requirement to reduce the volume of packets to be backhauled to centralized collection points, which lowers WAN bandwidth requirements and gives better control of transport costs.
The Solution
The network packet broker (NPB) has become an essential and ubiquitous tool for both network and security operations teams to achieve pervasive visibility into everything flowing across the network. By combining the Garland Technology PacketMAX Network Packet Brokers with the NetQuest Packet Services Broker as an Intelligent Service Node, SecOps and NetOps teams can create an Intelligent Aggregation Layer that more efficiently collects, aggregates, and optimizes network traffic based upon granular user-definable policies for delivery to upstream tools and packet storage platforms.
The Intelligent Aggregation Layer off-loads the burden of prioritizing traffic for analysis and storage at the lower cost traffic collection layer by automating the identification and delivery of only relevant packets for analysis and forensic activities. This enables organizations to improve the value and integrity of monitored network traffic to maximize security and network visibility. This, in turn, extends the deployment life of existing tools, thereby delaying the need to add additional resources and storage capacity.
Together, the joint Garland Technology and NetQuest Intelligent Aggregation Layer empowers organizations to break through the performance barriers, packet processing limitations and the high costs of smart packet broker systems. By combining cost-effective Garland PacketMAX platforms with NetQuest ultra-scale packet processing, the combined solution delivers higher capacity with more optimization services at a lower cost than comparable products from alternative vendors.
High-Scale Aggregation and Metadata Creation
The Problem
In today’s hyperconnected world, virtually all communication traverses the network. Because the network interconnects everything, network traffic contains volumes of real-time intelligence that can be harnessed and mined for many important use cases ranging from network intelligence, security monitoring, threat hunting and forensics to lawful intelligence activities.
The challenge is that, with the proliferation of higher speed desktop, server and network interconnections, the amount of traffic crossing networks has reached unprecedented levels and continues to grow exponentially. One hour of network traffic on a single 100G link can reach 45 terabytes. With the growing adoption of higher network speeds and the need to monitor more links to observe east-west traffic, monitoring and security tools are easily overwhelmed by the massive amounts of traffic to ingest and analyze. In addition to the unrelenting data explosion, the complexity of user and server network transactions and the ever-changing threat landscape mean more granular details must be extracted from network traffic to enable effective intelligence and analysis.
Flow-based metadata extracted from network packets overcomes these challenges to enable the efficient observation of all traffic in motion. Unsampled flow metadata is an abstraction of network traffic based upon full packet analysis of the wire data. It provides a rich, lower footprint, high-value data set with critical insights about who is connecting to the network and what is being accessed and shared without the burden of collecting, processing and storing high volumes of packets.
The Solution
The joint Garland Technology-NetQuest solution empowers SecOps and NetOps teams to overcome these challenges by enabling efficient and high-scale monitoring to extract intelligence from virtually any network environment covering hundreds to thousands of network links and millions to billions of flows per second.
The Garland Technology PacketMAX Network Packet Broker acquires network traffic from across an organization’s physical network and cloud footprint and aggregates and delivers network packets to the NetQuest Streaming Network Sensor for intelligent metadata creation at the speed of the network. The Streaming Network Sensor generates deep intelligent metadata that extends beyond basic NetFlow traffic statistics with rich insight into all activities traversing the network for clear and encrypted traffic.
Together the joint Garland and NetQuest Traffic Aggregation and Metadata solution is capable of collecting and translating petabytes of raw network packets into compact and highly efficient metadata containing detailed information about network activity to enable a wide range of operational missions for diverse intelligence activities at scale.
By combining the cost-effective PacketMAX platform with ultra-scale metadata creation, SecOps and NetOps teams can achieve higher capacities with richer metadata without compromising fidelity or service trade-offs, empowering organizations to break through the performance barriers, packet processing limitations and the high costs of smart packet broker systems.
Garland EdgeLens Solution
Garland’s EdgeLens series is an advanced bypass TAP with built-in packet broker functionality that centralizes network traffic, making network tools more efficient by sharing network traffic with monitoring and security tools. EdgeLens provides visibility for a hybrid configuration of an active, inline network device and out-of-band tools, such as LiveAction. EdgeLens provides identical network traffic streams through the active inline device and to the capture engine of LiveAction LiveWire or LiveCapture. The benefits of both devices seeing the same traffic are:
• Correlated data for real-time monitoring and root cause analysis using network packets.
• Historical look back and playback of the network traffic.
• Validating and updating network policy changes and spotting anomalies.
• Network data recording for compliance and security forensics.
• Root cause analysis for application and network related problems.
TAP -> TOOL
Network TAP Benefits
- Provide complete packet visibility with full-duplex copies of network traffic.
- Ensure no dropped packets while passing physical errors and support jumbo frames without delay or altering the data.
- Speeds of 10/100M, 1G, 10G, 40G, 100G, and 400G are supported, in single-mode and multi-mode fiber or copper Ethernet.
- Available in TAP ‘Breakout,’ aggregation, regeneration, bypass, and advanced filtering modes.
- Passive or failsafe – Does not affect the network.
- No IP address or MAC address, and cannot be hacked.
Bypass TAP Benefits
Bypass manages the availability of inline tools, preventing a single point of failure in the network by “bypassing” the device in the event it fails or needs to be updated, which reduces network downtime. Bypass differs from the other TAP modes in that it is an inline use case, not out-of-band.
• Keep up with Federal security mandates
• Expedited problem resolution
• Ability to pilot or deploy needed security tools
• No maintenance windows
• Simple configuration ensures a quick set-up
• Zero subscription fees so O&M expenses don’t increase
■ SOLUTION: EDGESAFE™ BYPASS TAP
• Install a Garland Technology Bypass TAP between Cisco Firepower and the network
• Bypass TAP manages the availability of Firepower at any time without having to take down the network
• Bypass TAP continuously checks the health of Firepower with heartbeat packets and bypasses Firepower to keep the network up and running in the event Firepower becomes unavailable
PROBLEM 1 PORT FAILURE
■ WITHOUT TAP
• The network
■ WITH TAP
• Uptime
• Tool is bypassed while it is being updated
PROBLEM 1 PORT FAILURE
■ WITHOUT TAP
• The network
■ WITH TAP
• Uptime
• Tool is bypassed while it is being replaced