How to choose a Network Packet Broker

Do you need a Network Packet Broker?

Before you can decide whether you need one or not, let's remember what a NPB is…

A NPB is a device that forwards network traffic from switches and routers to various network security, performance management and other monitoring tools. The packet broker is able to manipulate the traffic going through by applying filtering rules, replicating  traffic streams to multiple tools, or aggregating traffic from multiple input ports (or sources) to a single output port (or destination). Using a NPB helps you optimize your use of network security, performance management and other monitoring tools.  In doing so you are increasing network efficiency, increasing network security while reducing costs.

General considerations when selecting an NPB

All Network Packet Brokers are not created equal. So before you select the right NPB for your network, make sure you give some thought to these important considerations:

Is your network ‘fixed’?

Understanding your visibility deployments needs will drastically influence your choice of networking hardware.  You should select a solution that optimizes the overall cost of your network, your ROI, and ensure that it will serve your network deployment growth in the future. 

Depending on your type of network, you will need to choose between a fixed or modular NPB.  ‘Fixed’ means that you need one specific type of interface or line rate, for example - you need to monitor 30 x 10Gbs links, that need to connect to a monitoring tool.  The alternative is that your deployment needs multiple types of interfaces, or multiple visibility node functionalities, for example, to combine network bypass functionality with network packet broker functionality.

A fixed NPB is typically optimised for port density usually resulting in the best cost per port and minimal rackspace. A modular NPB will allow you to mix and match its port mix and features, optimizing your flexibility and providing a future-proof solution in case network needs evolve. A modular NPB allows you to “hot swap” between modules, so you can apply changes to your network without outages.

For large visibility deployments, it is typical that there will be a need for both types of NPB’s: some of the network is well established and quite stable, and in that case would need to be optimized for port density. Some other parts of the network are more dynamic and would need room for implementing changes. For these parts, it’s best to use modular NPB units that can accommodate changes in port mix and in functionality.

What functionality does your NPB need to perform?

It's important when choosing your NPB to pick a device that performs all the functions that your network architecture requires. On the other hand, it’s also important to understand which functions you actually don’t need, because those might cause unnecessary extra costs.

Here are some the the key functions of an NPB which you should evaluate your need for:

Fault tolerance

In the event that a part of your network goes down, for example, due to a power failure or hardware fault, the 

network should not fail completely due to networking schemes configuredinto the NPB. Some NPBs are able to generate sub-second heartbeat packets on data links that automatically detect that the connected appliance is not responding, allowing the user to configure traffic as needed during those events.

Some NPBs support sophisticated load balancing configurations so you can split the traffic load between multiple appliances. Some NPBs support both primary and secondary designation to connected appliances which give you a quick, automated switchover in case of failure.  These extra features are in addition to redundant field-replaceable power supplies and fan units.

Traffic grooming/Traffic management

Traffic grooming/management is used to ensure that the correct traffic is directed to the correct tools. This improves the efficiency of your network and each tool. A few of the traffic grooming/management functions include traffic regeneration and hardware-based packet filtering.  If you are handling GTP traffic, or you are implementing multi-level filters, a NPB can be a powerful tool to keep all of your systems under control. When choosing your NPB, there are many factors that are important to consider including which devices the NPB is planned to support, the complexity of your filtering needs, and if you have enough rules to satisfy your requirements. These factors can quickly combine together and amplify in complexity, so carefull selection of a NPB that can keep up with your demands is important.

Packet optimization

A NPB will modify a packet to improve network security and performance. A few of the packet optimization functions include additional advanced packet processing, and also may include packet de-duplication, protocol stripping and more.  Be sure to investigate the traffic performance levels for each advanced feature asthey may be more susceptible to high traffic loads. These packet processing capabilities are supported in higher end NPBs and are typically priced separately.  

What are the performance requirements of the different services on your network?

A NPB is a major building block in your network visibility architecture.  You are relying on it to forward traffic correctly to your performance management, monitoring and security tools.  You should select a NPB that is able to process the specific requirements of your traffic.  Consider the following questions when looking at performance requirements: Does the NPB incur and packet loss in different use case scenarios? Are these losses acceptable for the services you provide?

Another consideration is the number of ports that you will be using.  Does the NPB have a robust switching fabric backplane to handle all those ports at full line-rate? Your network will be running a number of services, and each of these services will have different needs in terms of performance. Can your NPB support the required performance (usually influenced by the ability of the NPB to cope with the amount of traffic that needs to be handled by the switching fabric)?  Something important to remember is that you choose a device which will not cause packet loss for sensitive services.   

Niagara Networks specialises in network visibility and can assist you with selecting the right Network Packet Broker for your unique needs. Click here to schedule a consultation with one of our network visibility experts.