Network visibility is becoming increasingly important as organizations are challenged to deploy increasingly complex network services, such as security, performance management and monitoring on an ever evolving and expanding network and data center architecture.The key to ensuring proper network visibility is creating a network visibility layer that consists of strategically placed network taps, network bypasses and packet brokers.
A PERVASIVE visibility layer not only increases the security of your network, but also holds key advantages in reducing downtime in maintenance periods, improving network service recovery time and increasing your overall ROI.
Your network visibility layer must be pervasive. If it isn’t, you risk blind spots, potentially compromising your security and network efficiency. But how do you know if your network visibility is pervasive?
Here are some of the key areas and questions that will help you assess your ‘P score’ and identify the extent of your network visibility.
How do you approach your network visibility layer?
If you are aiming for pervasive network visibility, it’s vital that you approach the visibility layer with a cohesive strategy that takes into account the current status of your network and areas where your network might grow, or the topology might change.
This is necessary owing to the limitations of most networking hardware and network visibility tools. Even modern network switches are equipped with only one or two SPAN ports, and you may need to connect more than two devices to these ports or need to have different departments tap into the traffic. In other cases you may upgrade your physical network and find your current monitoring tools lack the processing power or connectivity for higher throughput and bandwidth.
It’s also key that you have a team to deal with these issues, as it is often too large a task for a single member of your IT staff.
Which option below best describes your company’s approach to the network visibility layer?
- We have a dedicated owner and a clear strategy of when and where to deploy and manage our network visibility layer
- We don’t have a dedicated owner for visibility layer issues, but it’s often taken into account when adding network services
- Not sure exactly what to do with network visibility. Sometimes our security vendor provides us with recommendations
How are you deploying your security, monitoring and performance management tools?
Even if you have selected the greatest tools to secure and monitor your network, poor deployment schemes may adversely impact their performance and utilization. This is why you should identify the optimal deployment scheme per tool, whether it’s a network monitoring device or a security-related tool.
A pervasive network visibility layer enables you to forward to each tool the traffic that it needs. It is also capable of aggregating low utilization links from across your network to central processing centers.
Furthermore, some network visibility layer deployments take advantage of a central visibility controller management system. In such systems, independent visibility appliances are managed as a single virtual switch fabric across all of your visibility layer. This offers even more flexibility and efficiency in your deployment of network services such as monitoring and performance management
When it comes to security, performance management or monitoring tools, you are optimizing the utilization per tool:
- Across your entire network
- In some areas of your network
- Haven’t thought about optimization and efficiency of the deployment
What level of visibility do you have into your links?
In an ideal world, you would cover every link to prevent blind spots in your network visibility layer. However, owing to issues like budget constraints or port limitations, you may not be able to provide complete coverage of your network.
In this case, you should prioritize visibility on the high capacity links, and other critical points on your network — to at least have those covered. Also note that a central visibility controller management system can serve as a force multiplier on the links that you have covered.
Which option below best describes your visibility for your links?
- We have full visibility into all our network links, and continuously strive to identify and cover any blind spot.
- We have visibility into all of our high capacity links and in addition full visibility into other critical points.
- We cover a few of our high capacity links, but not all. We also have some visibility into critical network points.
Are you blind, or can you see?
Tally your score. In each question, the first answer is worth one point, the second is worth two points and the third answer is worth three points. Total your points and see which category you fall into:
- If you scored 3 points, your network visibility is highly pervasive, good job!
- If you scored between 4 and 7, you have a well deployed visibility layer; however there are weaknesses that need to be improved.
- If you scored between 8 and 9 points, your network visibility coverage is below average with significant security blind spots.
Regardless of how good your ‘P Score’ is, or how pervasive your network visibility appears, contact one of our network visibility experts for a free consultation to ensure that you are achieving your network visibility goals.