Overcoming Packet Broker Limitations
Updated: Dec 10, 2019
Cyber Security applications are often overutilized with irrelevant traffic to the point where they cannot get the job done, placing the enterprise at risk. Here are three examples for such scenarios: The first example is in the case of duplicated packets that are collected from TAPs and SPAN ports that do not add any value to the analysis and yet overload the cyber security application. A second example are application specific security or monitoring solutions such as WAF that analyzes HTTP traffic and needs to filter out non-HTTP traffic. A third example could be a nation level cyber security solution that needs to identify a black list of 10,000 URLs or 1,000,000 IP addresses.
The solution for these challenges are packet brokers that eliminate duplicated packets, filter traffic according to IP and MAC addresses and track URLs with regular expressions.
However, there are two challenges with most of the packet broker solutions:
Performance limitations of the packet broker hardware that lags behind the network infrastructure
The high price of packet brokers appliances for complex and demanding 40G and 100G deployments
CGS Tower Networks resolves these challenges by introducing a packet broker software deployed on modern, powerful, scalable and affordable server platforms.