Network Visibility or Network Bottleneck?
Updated: Dec 10, 2019
The role of the network visibility layer is to solve the ‘blind spot’ and network congestion challenges that have a negative impact on cyber security and network performance management tools. It is achieved by deploying network TAPs across the network and network packet brokers (NPB) that aggregate, filter and redirect traffic from the network to the various tools. But what happens if the cure is more painful that the bite? How can you ensure that the network visibility layer does not create a bottleneck, which may increase ‘blind spots’, network congestion and have a negative impact on the tools access to critical network traffic?
CGS Tower Networks is the only network visibility vendor that has a ‘non-blocking’ approach that ensures network bottlenecks will never occur.
Here are several examples that indicate how CGS avoids the typical network bottlenecks that challenge proprietary packet broker platforms:
1) Performance – Packet broker must operate in line rate or they will drop packets that will never reach the tools. CGS deploys the packet broker on the most advanced switching and processing technologies that are the core building blocks of modern networks.
2) Modularity - Aggregation, filtering, and Load Balancing require switching ASICs capabilities, and are deployed on modern switching platforms. Advanced features such as De-duplication, Header stripping, Packet slicing, Masking, and De-Fragmentation require powerful CPU infrastructure, and are therefore deployed on powerful and scalable server platforms.
The Modular approach provides multiple benefits:
The option to enhance legacy install base with advance features
Best of breed hardware platforms aligned with switching and CPU requirements
Scalability to support any performance requirements
3) Scalability – Packet brokers must meet the ever-growing network capacities and new interfaces. The “scale-in” option of the multi-purpose ports, supporting 10G/25G/40G and 100G and the “scale-out” option of the distributed packet broker architecture, provides CGS customers with unparalleled scalability.
4) SSL/TLS Decryption – Some packet broker vendors are attempting to offer SSL/TLS visibility, however, with limited capacity, protocols and number of handshakes that create a bottleneck. CGS has taken the “Best of Breed” approach by partnering with industry leaders such as F5, A10 and Symantec to provide the decryption functionality without compromising on performance.
5) Port locking and complex licensing model – When you purchase a CGS packet broker you will not face a situation where you lose precious time and network traffic because some of the ports are locked.
6) Roadmap – CGS managed to achieve record time in rolling out new platforms by leveraging the Cisco Tail-f framework. This ensures that CGS will continue to offer the most modern platforms as soon as they become available, allowing its customers to avoid network visibility bottlenecks.
To sum up: CGS is the only network visibility vendor that offers a scalable architecture with superior performance that eliminates the risk of network bottlenecks.