For a long time, it was difficult to elevate the network visibility conversation above port mirroring with SPAN. However, now that network architectures are becoming so complex, the limitations of SPAN are becoming clear.
Understanding the difference between SPAN ports and network taps is important. But if you want to achieve pervasive network visibility, there’s another distinction that must be made—between network taps and network packet brokers (NPBs).
While the line between network taps and NPBs often seems blurry, the two serve very different purposes.
The Difference Between Network Taps and Network Packet Brokers
Network taps form the foundation of a pervasive network visibility strategy alongside bypass switches. These access points make it easier to control your network even as security, performance management, and monitoring complicate the architecture.
In the early days of network taps, scale wasn’t the main consideration. Individual devices were deployed to take advantage of functionality like link aggregation/regeneration, traffic filtering, and inline data bypass.
However, simply tapping your network traffic isn’t enough anymore. You need an efficient way to transfer all those traffic flows to appropriate tools.
That’s where NPBs come into play. While the goal of pervasive network visibility is to see 100% of your traffic, NPBs split that pool of data up and sends streams to the right monitoring and security appliances across your network.
There are times when network tap functionality is built into network packet brokers. But you can’t assume that NPBs and network taps always fulfill the same role. In complex network architectures, you’ll need network taps and network packet brokers working together to achieve pervasive visibility.
Once you decide it’s time to supplement network taps with NPBs, you have to determine which network packet brokers are best-suited for your networking needs.
3 Main Types of Network Packet Brokers
On a high level, all NPBs will serve as active devices that send raw data packets to specific network service/monitoring/security devices. When it comes time to invest in these tools, you have to choose amongst the following 3 categories:
- Fixed Network Packet Brokers: Small form-factor devices fit into well-defined network topologies to aggregate external passive taps, SPAN ports, and security/monitoring appliances.
- Modular Network Packet Brokers: Single, multi-purpose platform to cover all visibility adaption scenarios across your network. Whether it’s bypass, passive, or broker capabilities you need, the modular design delivers flexibility to tailor visibility to your specific needs.
- Hybrid Packet Broker/Bypass: A combined, all-in-one device that delivers the features and benefits of both bypass switches and packet brokers. Diverse ports enable extensive packet filtering, distribution, aggregation, and mirroring functionality for any network segment.
Choosing the Best Network Packet Broker for Your Needs
The basic definition of a network packet broker carries across manufacturers. However, individual devices will differ when it comes to specific functionality.
It may seem difficult to sift through the vendor noise to choose the right network packet broker. But this simple checklist of requires and “nice-to-have” features can give you a better idea of what to look for:
- High availability and business continuity robustness
- Deep packet inspection capabilities
- Selective or full-data traffic aggregation, regeneration, and load balancing
- Filtering and data packet deduplication
- Centralized admin interface
- Optimized buffering and other performance features
- Support for inline monitoring devices
- Support for passive inspection and analysis tools
Network packet broker decisions aren’t made in a vacuum, though. You have to think about these devices in the context of your entire pervasive network visibility strategy.
This is an article provided by our partners network. It might not necessarily reflect the views or opinions of our editorial team and management.
Founder Dinis Guarda
IntelligentHQ Your New Business Network.
IntelligentHQ is a Business network and an expert source for finance, capital markets and intelligence for thousands of global business professionals, startups, and companies.
We exist at the point of intersection between technology, social media, finance and innovation.
IntelligentHQ leverages innovation and scale of social digital technology, analytics, news, and distribution to create an unparalleled, full digital medium and social business networks spectrum.
IntelligentHQ is working hard, to become a trusted, and indispensable source of business news and analytics, within financial services and its associated supply chains and ecosystems