COMMAND YOUR DATA CENTER



Similar documents
HIGH-PERFORMANCE SOLUTIONS FOR MONITORING AND SECURING YOUR NETWORK A Next-Generation Intelligent Network Access Guide OPEN UP TO THE OPPORTUNITIES

Ixia Phantom vtap. Overview. Virtual Taps Phantom Monitoring Solution DATA SHEET

Enhancing Cisco Networks with Gigamon // White Paper

Efficient Network Monitoring Access

How To Manage A Network With Ccomtechnique

Visibility in the Modern Data Center // Solution Overview

Network Access Control in Virtual Environments. Technical Note

Cisco Data Center Network Manager Release 5.1 (LAN)

VSS - Game Changing Technology

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch

Network Packet Monitoring Optimizations in Data Centre

Secure Cloud-Ready Data Centers Juniper Networks

Network Management and Monitoring Software

Fail-Safe IPS Integration with Bypass Technology

In-Band Security Solution // Solutions Overview

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief

Top 10 Reasons Enterprises are Moving Security to the Cloud

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

Whitepaper Unified Visibility Fabric A New Approach to Visibility

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

Securing Virtual Applications and Servers

ALCATEL-LUCENT VITALSUITE Application & Network Performance Management Software

Application Performance Management

Riverbed SteelCentral. Product Family Brochure

How To Protect Your Virtual Infrastructure From Attack From A Cyber Threat

Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments

THE CONVERGENCE OF NETWORK PERFORMANCE MONITORING AND APPLICATION PERFORMANCE MANAGEMENT

Securely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.

SolarWinds Network Performance Monitor

Software Defined Networking (SDN)

Virtual Networking Features of the VMware vnetwork Distributed Switch and Cisco Nexus 1000V Series Switches

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Visibility into the Cloud and Virtualized Data Center // White Paper

Policy Management: The Avenda Approach To An Essential Network Service

Riverbed SteelCentral. Product Family Brochure

Observer Probe Family

Application Visibility and Monitoring >

Huawei esight Brief Product Brochure

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Observer Analysis Advantages

5 Best Practices to Protect Your Virtual Environment

SolarWinds Network Performance Monitor

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

Network Performance + Security Monitoring

Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop

HP E-PCM Plus Network Management Software Series

Vistara Lifecycle Management

Requirements When Considering a Next- Generation Firewall

Intelligent Infrastructure Solutions. imvision. Infrastructure Management. Made Easy.

Vulnerability Management

Cisco Advanced Services for Network Security

How To Create An Intelligent Infrastructure Solution

Data Center Networking Managing a Virtualized Environment

The first agentless Security, Virtual Firewall, Anti- Malware and Compliance Solution built for Windows Server 2012 Hyper-V

Extreme Networks Solutions for Microsoft Skype for Business Deployments SOLUTION BRIEF

Network Performance Management Solutions Architecture

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds.

Support the Era of the App with End-to-End Network and Application Performance Visibility

How To Protect Your Cloud From Attack

Virtualization Impact on Compliance and Audit

Lecture 02b Cloud Computing II

Software Defined Network (SDN)

Vyatta Network OS for Network Virtualization

Data Center Manager (DCM)

CA Spectrum r Overview. agility made possible

High speed Ethernet WAN: Is encryption compromising your network?

The Cisco ASA 5500 as a Superior Firewall Solution

CA Virtual Assurance/ Systems Performance for IM r12 DACHSUG 2011

A Look at the New Converged Data Center

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

Safeguarding the cloud with IBM Dynamic Cloud Security

IBM Security IBM Corporation IBM Corporation

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre

CA Virtual Assurance for Infrastructure Managers

whitepaper Network Traffic Analysis Using Cisco NetFlow Taking the Guesswork Out of Network Performance Management

SDN and NFV in the WAN

Cisco Prime Network Analysis Module Software 5.1 for WAAS VB

Securing the private cloud

SolarWinds Network Performance Monitor powerful network fault & availabilty management

QRadar Security Intelligence Platform Appliances

Data Center Networking Designing Today s Data Center

Application Delivery Networks: The New Imperative for IT Visibility, Acceleration and Security > White Paper

Devising a Server Protection Strategy with Trend Micro

Simplifying Data Center Network Architecture: Collapsing the Tiers

How To Sell Security Products To A Network Security Company

VMware vcloud Networking and Security Overview

White Paper. Architecting the security of the next-generation data center. why security needs to be a key component early in the design phase

HP Virtualization Performance Viewer

Mitigating Information Security Risks of Virtualization Technologies

Pervasive Security Enabled by Next Generation Monitoring Fabric

STEELCENTRAL APPRESPONSE

Simplifying. Single view, single tool virtual machine mobility management in an application fluent data center network

Net Optics xbalancer and McAfee Network Security Platform Integration

Transcription:

Best Practices Guide I Data Center COMMAND YOUR DATA CENTER How to Thrive In the Changing Landscape The demands to virtualize, scale, and implement new applications while conducting security, forensics, compliance and performance monitoring activities are adding to the list of hurdles facing IT teams. These network visibility best practices provide insights into the solutions needed to manage and optimize network monitoring to solve many of these challenges.

CHALLENGES DRIVING THE NEED FOR NETWORK MONITORING* NETWORK VISIBILITY PRESSURES As the network becomes critical to the success of an organization, network security and performance groups are challenged to gain greater insight into that network. Network administrators must enable access to network traffic for the monitoring tools used by these teams. IT trends such as increased reliance on SaaS applications, BYOD and the transition to 10/40/100G are also increasing complexity and vendor diversity within the data center. Meeting these challenges calls for an increasingly broad set of monitoring tools, which frequently require visibility into specific network segments or types of traffic. For these tools, 100% visibility of network traffic is vital to effectively securing and monitoring the network. *Source: Net Optics survey of 1,235 IT professionals conducted at RSA 2013 Conference 31% 9% Monitor and manage application performance throughout the network Meet regulatory compliance requirements 16% 9% Improve network bandwidth utilization Improve the accuracy of network design 11% 8% Improve cyber-threat identification and response Enhance existing and future network topologies 10% 6% Optimize performance of network hardware Evaluate ability of network to accommodate additional applications and traffic

OLUTION FAIL-SAFE ACCESS AND 100% VISIBILITY Net Optics access products, including Network Taps and Bypass Switches, provide passive and fail-safe access for tools deployed in either inline (IPS) or outof-band (IDS) configurations. Utilizing Network Taps, Aggregation and Taps, Bypass Switches, and Virtualization Taps, network admins are able to evolve beyond zero or limited SPAN visibility. 100% network visibility allows teams to analyze the specific traffic of interest they require in order to monitor and secure the network. PHASE I: NO VISIBILITY Network management teams initially lack visibility into the network and the insight needed for effective security and performance monitoring. PHASE II: SPAN / PORT MIRRORING VISIBILITY Using SPAN or Port Mirroring provides limited visibility into the network but is susceptible to oversubscription and mis-configuration. PHASE III: 100% VISIBILITY Net Optics Access products provide a Visibility Layer to the network to achieve 100% visibility. Security Team Performance Team Security Team Performance Team Security Team Performance Team Network Layer?????? Instrumentation and Tool Layer Security Performance? x????? SPAN Instrumentation and Tool Layer Security Visibility Layer BYPASS SWITCHES AND NETWORK TAPS Inline Fail-Safe Network Access Performance Access, Aggregation and Learn more about Network Taps, visit the Network Tap web page. Network Layer Network Layer

OPTIMIZATION OF NETWORK SECURITY AND PERFORMANCE MONITORING TOOLS When network monitoring solutions are deployed as isolated point solutions or configured to receive non-optimized traffic, they are susceptible to degradation in their efficiency and effectiveness. Increasing network speeds and application diversity also creates new hurdles. Network administrators are faced with the challenge of ensuring that their network monitoring infrastructure is manageable, comprehensive and optimized to perform under these diverse loads without affecting network performance. CHALLENGE TOP 3 STRATEGIC GOALS FOR NETWORK MANAGERS* UPGRADE IT INFRASTRUCTURE 34.8% IMPROVE USER EXPERIENCE 34.6% ENABLE ROLL-OUT OF NEW TECHNOLOGIES 34.4% DATA CENTER INTERFACE SPEEDS HAVE SOARED SINCE 2000, WITH NO END IN SIGHT 2000 2009 2015 2019 2022 S *Source: Net Optics survey of 822 IT professionals conducted at CiscoLive 2013 Conference 100M 1G 10G 40G 100G 10G, 40G AND 100G NETWORK EQUIPMENT SHIPMENTS GREW 62% IN 2012

OLUTION CENTRALIZED CONTROL AND OPTIMIZATION Net Optics Total Visibility Solutions provide a layer of control as to which tool receives specific traffic. Capabilities such as flow-mapping, deduplication, aggregation, filtering and loadbalancing optimize network traffic before it reaches a monitoring tool. The benefits of adding this Visibility Layer to your deployment include: manageability, reduced overhead, increased utilization and better performance from your entire set of network monitoring tools. High Availability (HA) configurations are also possible for your monitoring deployment, a major benefit for networks under pressure to deliver always-on performance. Network, Security & Performance Management Teams Instrumentation and Tool Layer Security Compliance Application Optimized Network Traffic NETWORK PACKET BROKERS (NPB) Performance Learn more about Network Packet Brokers, visit the NPB solutions web page. Aggregation and Packet Filtering Load Balancing BYPASS SWITCHES AND NETWORK TAPS BYPASS SWITCHES AND NETWORK TAPS BYPASS SWITCHES AND NETWORK TAPS Inline Fail-Safe Network Access Access, Aggregation and Inline Fail-Safe Network Access Access, Aggregation and Inline Fail-Safe Network Access Access, Aggregation and Network Layer (Location 1) Network Layer (Location 2) Network Layer (Location 3)

CHALLENGE S SYSTEM/VM ADMINISTRATOR S MOST IMPORTANT SECURITY CHALLENGES* MONITORING INTER- VM TRAFFIC WITH EXISTING SECURITY AND PERFORMANCE TOOLS Data Centers are on the path to either converged or full virtualization. However, many monitoring tools designed for traffic flowing over the physical network don t have the ability to inspect traffic between two Virtual Machines. Not only does this situation leave security administrators blind to possible malicious activity within this growing segment of the network, but achieving an integrated approach to total network visibility becomes next to impossible. Achieving visibility into your virtualized traffic that is comparable to that of your physical network requires extensive redeployment or the purchase and implementation of an entire new set of virtualization-specific tools. 1 Preventing sensitive data from creeping into less secure virtual environments Maintaining compliance with regulatory and audit requirements 2 *Source: Net Optics survey of IT professionals conducted at VMworld2013 Conference 3 Integrating virtualization security with current physical security tools and practices

OLUTION Network, Security & Performance Management Teams VIRTUALIZATION TAP FOR TOTAL VISIBILITY AND HYPERVISOR SUPPORT Net Optics Phantom Virtualization Tap bridges the physical and virtual, so that you can monitor the virtualized network with your existing set of tools. Phantom is capable of capturing and then sending inter-vm traffic of interest to the tools that are already monitoring your physical network. The landmark Phantom Virtualization Tap supports all best-of-breed hypervisors. It works not only in ESX environments ( VMsafe Certified ) and with internal VMware vswitches, but also with the Cisco Systems Nexus 1000V virtual switch; MS Hyper-V 2012, Xen, Oracle VM and KVM hypervisors. Simple to deploy and engineered for the virtual environment, the Phantom Tap extends the visibility of your monitoring tools into the blind spots created by virtualization. Instrumentation and Tool Layer Security Aggregation and Compliance BYPASS SWITCHES AND NETWORK TAPS Inline Fail-Safe Network Access Application Optimized Network Traffic NETWORK PACKET BROKERS (NPB) Access, Aggregation and Packet Filtering Performance Load Balancing Virtualization Tap VIRTUALIZATION TAP Source Packet Filtering Encapsulated Tunneling Learn more about Phantom Virtualization Tap, visit the Phantom product web page. Network Layer Virtualization Layer

CHALLENGE AVERAGE TIME SPENT PER WEEK BY NETWORK ADMINS TROUBLESHOOTING NETWORK ISSUES* MANAGING NETWORK PERFORMANCE Today s network administrators face the challenge of meeting increasingly stringent SLAs that call for increased reliability and uptime. To quickly identify existing or potential issues that might affect uptime, the network team requires monitoring tools that provide a comprehensive view of data center performance including every packet traversing a host and all inter-vm traffic. to ensure peak network performance is key to consistent application delivery and a quality end-user experience. *Source: Net Optics survey of 312 IT professionals conducted at Interop Las Vegas 2013 Conference 56% OF RESPONDENTS FEEL LIMITED BY THE QUALITY OF INFORMATION PROVIDED BY EXISTING MONITORING TOOLS 19% OF TIME IS SPENT MONITORING BANDWIDTH CONSUMPTION >20 HOURS 19% OF TIME IS SPENT MEASURING LATENCY AND DELAY 24% OF TIME IS SPENT DETERMINING ROOT CAUSES

SOLUTION NET OPTICS SPYKE BRINGS INSIGHT AND PERFORMANCE MANAGEMENT TO YOUR NETWORK Quick and easy to install and configure, this sophisticated yet simple solution offers your data center the ability to discover, diagnose and resolve problems before they can damage your core business. With practically no learning curve, the Spyke Application-Aware Network Performance (AA-NPM) solution reduces operations costs even as it cuts time spent on problem identification and resolution. Spyke uses DPI technology and root cause analysis to let users drill down instantly from high-level metrics to granular detail of every application and function, plus track bandwidth usage. You can identify actual user names and individual VoIP calls, and gain deep transparency into email traffic all at a glance. This vital information can lower your MTTR substantially. Spyke does it all through a single pane of glass interface for ultimate convenience and control. Learn more about Spyke, visit the Spyke product web page. 3 KEY STEPS TO NETWORK TROUBLESHOOTING AND RESOLUTION 1 2 3 PROBLEM DETECTION Is there a problem in your network? Net Optics Spyke provides network managers insight into the current status of their network to know whether a problem exists. PROBLEM ISOLATION AND DIAGNOSIS Spyke s ability to drill down into protocol, device, server or client data allows network managers to quickly identify the location, scope and nature of a network issue. PROBLEM RESOLUTION Gaining awareness of any network issues, their nature and causes helps network managers rapidly respond and resolve those issues. Network Layer Network Performance Management Teams APPLICATION AWARE NETWORK PERFORMANCE MONITORING! Problem Identification Visibility Layer Bandwidth VoIP Quality

CHALLENGE WHAT SECURITY PRACTICES ARE YOU IMPLEMENTING?* 70.9% Firewalls 48.0% Data encryption 34.4% Endpoint protection (antivirus, anti-spyware) COMPLEX NETWORK SECURITY DEPLOYMENTS ACROSS MULTIPLE LOCATIONS As they add virtualized infrastructures, organizations must also build in management layers to protect the data traversing those networks. For many, the effort to unify and centralize the management of monitored traffic becomes a nightmare. 32.3% Email security/spam filtering 31.3% Gateway antivirus/anti-malware 30.6% Intrusion prevention/intrusion detection 24.2% Web application firewalls 24.0% Vulnerability assessment/penetration testing 21.2% Wireless security 21.1% Log analysis/security event management/security information management *Source: Net Optics survey of 1,216 IT professionals conducted at RSA 2013 Conference 19.7% Data loss prevention 19.1% Identity management 18.2% VPN 12.2% Strong passwords 11.9% Patch management 7.6% End user awareness programs 4.8% Network access control 4.5% Secure development processes/source code auditing 4.3% Portable-device security

SOLUTION UNIFIED VISIBILITY MANAGEMENT Net Optics Indigo Pro is a unified management platform that enables centralized monitoring and configuration of few or many Net Optics devices, including network controller switches, Network Packet Brokers (NPBs), physical and virtual network taps and third party devices. From a single management console, Indigo Pro provides device configuration and element management, event and fault management, bulk upgrades of device software, an integrated device view, and rich graphical visualization of network statistics. Using Indigo Pro together with Net Optics taps, controller switches and NPBs simplifies administration complexity associated with configuring and upgrading each device separately. This capability helps organizations attain a higher ROI gained from overall time and cost savings. Automatic Discovery Indigo Pro automatically identifies supported Net Optics and third-party devices throughout the network and quickly adapts to any device added, removed or taken offline. A dynamic topology map displays the devices and provides detailed device status and configuration information. This allows for easy deployment and immediate access to managed devices. Device Configuration Management Indigo Pro provides many configuration options, including filter settings, port management, user authentication, software updates, event management and graphical display of network activity. These enable complete visibility and control over the data flowing in and out of supported Net Optics devices and optimize administration and maintenance. Instrumentation and Tool Layer Security Aggregation and Network, Security & Performance Management Teams Compliance Application Optimized Network Traffic NETWORK PACKET BROKERS (NPB) Packet Filtering BYPASS SWITCHES AND NETWORK TAPS Inline Fail-Safe Network Access Access, Aggregation and Performance Load Balancing Virtualization Tap VISIBILITY MANAGEMENT SYSTEM (VMS) VIRTUALIZATION TAP Source Packet Filtering Encapsulated Tunneling Learn more about Indigo Pro, visit the Indigo Pro product web page. Network Layer Virtualization Layer

CHALLENGE RAPIDLY EVOLVING NETWORK THREATS Network security demands Defense in Depth, an approach that keeps the network ahead of proliferating threats. Defense in Depth calls for multiple security systems working together and delivering instantaneous feedback for conducting forensics. Defense in Depth strategies combine, cascade and join multiple security solutions to work in concert transparently. Each component of this solution addresses specific risk factors and attack vectors. The next evolutionary step in Defense in Depth strategy will address the need for various security layers to respond dynamically to a detected threat. They can then reorganize or re-deploy in the ideal configuration for eliminating or minimizing that threat. Agility Centralized Controller (SDN) Management Policies and Rules Industry Standards Network Packet Broker Network Visibility Threat Mitigation

SOLUTION AGILE SECURITY RESPONSE Security-Centric SDN: A Scalable, Cost-Effective Security Architecture Net Optics Security-Centric SDN enables the scaling of existing security and other monitoring tools without a costly overhaul. An organization can now achieve total network visibility and protection across the entire breadth and depth of physical, virtual, and private cloud environments. This new approach separates network elements from security and monitoring devices; it also enables automation and provisioning of monitoring applications and tools based on real-time traffic behavior. Security-Centric SDN provides end-to-end network monitoring and improves security, along with simplifying operation. Security-Centric SDN marries an SDN controller with NPBs and a customer s chosen security tools. NPBs, with their ability to chain solutions, integrate multiple systems, and distribute traffic, provide the ideal means for provisioning a dynamic response. Such chaining of security solutions supports and enables Defense in Depth. It embodies dynamic attack monitoring; the use of NPBs for traffic distribution; and use of the network controller for assessing the network, provisioning SDN, and reacting to network activity. Security BYPASS SWITCHES AND NETWORK TAPS Inline Fail-Safe Network Access Access, Aggregation and SDN CONTROLLER Centralized Management NETWORK PACKET BROKER Automated Provisioning Defense in Depth High Availability Virtualization Tap Security Enforcement VIRTUALIZATION TAP Source Packet Filtering Encapsulated Tunneling Learn more about Security-Centric SDN, download the ebook Security-Centric SDN - A New Approach to Implement Network Security That Works. Network Layer Virtualization Layer

TOTAL THE NET OPTICS VISIBILITY ARCHITECTURE FOR ENTERPRISE NETWORKS NETWORK INFRASTRUCTURE Private Cloud Data Center Virtual Network SERVICE ASSURANCE AGGREGATION AND REGENERATION INTER-VM MONITORING TOTAL APPLICATION AND NETWORK VISIBILITY APPLICATION AWARE NETWORK PERFORMANCE MONITORING (AA-NPM) FAIL-SAFE NETWORK ACCESS TROUBLESHOOTING NETWORK PACKET BROKERS (NPB) LOAD BALANCE VIRTUAL AND CLOUD HYPERVISOR AND vswitch AGNOSTIC NETWORK TAPS AND BYPASS APPLICATION CONTROL FILTERING FILTERING AND TUNNELING AGGREGATION AND REGENERATION ORGANIZATIONAL GROUPS IT and Network Operations Performance Security IT / Server Administration Audit and Privacy VISIBILITY ARCHITECTURE Net Optics delivers scalable, end-to-end visibility solutions to achieve peak performance and optimization of your physical, virtual, private cloud, and branch office monitoring deployments. Total application and monitoring visibility lets you overcome threats, prevent data loss and deny unauthorized use. Net Optics plug-andplay AA-NPM, NPB, Virtual/Cloud and Visibility Management System solutions deliver quick results and time-to-value with a convenient, easy-to-use interface. As your user base and data volumes grow, our compact and scalable solutions keep your network monitoring deployments cost-efficient and productive. Learn more about Net Optics Visibility Architecture, watch the video. Remote Branches VISIBILITY MANAGEMENT SYSTEM (VMS) Forensics The Net Optics network visibility architecture enables you to streamline and manage network and performance monitoring.

LSOLUTION TOTAL APPLICATION AND NETWORK VISIBILITY DISCOVER HOW DATA CENTERS ARE USING NET OPTICS SOLUTIONS TO RAISE PERFORMANCE AND PRODUCTIVITY WHILE LOWERING COST www.netoptics.com Net Optics is the leading provider of Total Application and Network Visibility solutions that deliver real-time IT visibility, monitoring and control. As a result, businesses achieve peak performance in network analytics and security. More than 8,000 enterprises, service providers and government organizations including 85 percent of the Fortune 100 trust Net Optics comprehensive smart access hardware and software solutions to plan, scale and future-proof their networks through an easy-to-use interface. 5303 Betsy Ross Drive Santa Clara, CA 95054, USA Tel: +1 (408) 737-7777 www.netoptics.com

Net Optics is a registered trademark of Net Optics, Inc. Copyright 1996-2014 Net Optics, Inc. All rights reserved. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information