Skip to content

All Blogs | Network Technology: Best Practices | Cubro News | Cubro Product Update | Cubro Technology Trends | Cubro Use Case

What have Network Packet Brokers ever done for us?

Apart from removing network blind-spots, improving network performance, network security posture, network analytics and business continuity, reducing network infrastructure and network tool costs and TCO, increasing network tools’ life span and ROI, providing media and speed mitigation to extend network tools’ life span and improve operational flexibility, while not affecting the original network traffic ?
 

By Paul Brett
Network Packet Broker Function

In my previous blogs, I described the importance of deploying a network visibility solution to help organizations meet their business and IT objectives by improving network performance, security posture, network planning, business continuity, and the ROI of network infrastructure and network tools. The intelligence and advanced capabilities of a network visibility solution is provided by Network Packet Brokers (NPB). The NPB is able to remove network traffic blind spots, optimize network traffic, filter network traffic, load balance, and support high speed connections (currently) up to 400Gbps. These capabilities increase the effectiveness of network monitoring, security and analytics tools, reduce their loading, increase their availability and efficiency, and mitigate disparate network and tool speed and media connections.


A Network Packet Broker is a physical or virtual switch-like device, but unlike a network switch a Network Packet Broker does not alter the network traffic passing through it in any way unless configured to do so. A Network Packet Broker can accept network traffic on one or more interfaces and output the optimized traffic to one or more interfaces – in other words, ‘any to any’, ‘many to any’, and ‘any to many’ port mapping.


In order to deliver the operational benefits described in the opening paragraph above, they provide advanced capabilities including traffic replication, aggregation, line rate traffic filtering and inner IP filtering, SIP/RTP filtering and correlation, traffic correlation, packet slicing, packet deduplication, protocol stripping, time stamping, tunnel generation and termination, metadata generation and export, traffic steering, load balancing and session aware load balancing. These advanced capabilities maximize the effectiveness and efficiency of network tools by delivering to them only the traffic they need to monitor, only when they need to receive the traffic, and in the format, they need to receive the traffic in.

Network Packet Brokers support a wide range of use cases and can be connected in-line to copper and/or fibre network links, and/or out-of-band via network TAPs or SPAN/Mirror ports, depending on the use case. When connected in-line a Network Packet Broker can, for example, improve business continuity by monitoring the status of other connected in-line tools, such as IPS, IDS or Firewalls, and in the case of a maintenance outage or failure, dynamically steer traffic to a hot spare.


When connected out-of-band, a Network Packet Broker can improve the operational effectiveness of network tools while extending their life span by aggregating and optimizing network traffic before sending the traffic to the relevant tool. It can also increase operational efficiency and business continuity by load balancing traffic across multiple tools, and can improve operational flexibility and responsiveness by mitigating incompatible speed and media connections between networks and tools.
 
So, apart from removing network blind-spots, reducing costs, improving network monitoring and network security posture, improving network tools’ effectiveness and efficiency, improving operational flexibility and resilience, improving network diagnostics and troubleshooting, reducing network disruption and network tool sprawl, and supporting high performance networks – what have Network Packet Brokers ever done for us!!!