In dynamic data center environments made more fluid by virtualization and cloud computing, enterprises are finding it increasingly difficult to monitor, analyze, and secure IT assets, especially when tools are still scattered across silos of IT.
“Imagine a typical Service Oriented Architecture data center,” says David Reoch, senior director of Cloud Solutions at Gigamon. “More and more data is flowing in an East/West pattern, and remaining inside the virtual switch, or encapsulated on the wire with overlay network technologies like VXLAN.
“Then security zones are implemented in the virtual environment, creating silos of virtualized IT. Each level of isolation creates another IT environment that will require another instance of monitoring, analysis and security tools.”
Hence, CIOs must create visibility solutions that not only address requirements for volume, density, and scale, but also reach into silos of IT, including virtualized environments. Organizations that are well on their way to overcoming these challenges generally take five important steps.
Step 1: Protect tool investments
The demands of BYOD, cloud computing and the converged infrastructure have hastened data center network upgrades from 1Gb to 10Gb and higher. Monitoring and analysis tools have to perform at those speeds and handle much higher traffic volumes. But tool upgrades are costly.
When IntercontinentalExchange (ICE) needed to consolidate its 10Gb and 1Gb network links and protect investments in 1G monitoring tools, the global network of exchanges and clearing houses deployed Gigamon’s GigaVUE Visibility Fabric nodes to consolidate the management of multiple 10Gb and 1Gb test access points (TAPs).
The GigaVUE nodes, on which the Gigamon Unified Visibility Fabric is built, feature patented Flow Mapping technology that provides intelligent aggregation, filtering and replication of traffic flows.
With this capability, the GigaVUE nodes seamlessly route traffic to ICE’s 10Gb and legacy 1Gb monitoring tools so that each tool only monitors traffic belonging to specific business functions. Essentially, the company’s 1Gb tools now capture 10Gb network traffic by using packet filtering to select only packets that are useful to the tool.
Step 2: Gain pervasive visibility
Even more challenging are the network blind spots created by virtualization. For example, existing tools cannot see the encapsulated packets of overlay networks or monitor virtual machine (VM) migration across physical hosts.
But visibility into the virtual switching infrastructure is critical as more mission-critical workloads migrate to virtual servers and traffic volume occurring between VMs on the same host surges.
Here, the GigaVUE-VM Visibility Fabric node’s intelligent filtering and packet slicing help to push inter-VM data streams of interest to the appropriate monitoring, analysis or security tools on the physical network without compromising security.
Step 3: Optimize monitoring
Despite deploying more and more monitoring, analysis and security tools, many organizations have quickly found that dispersed tools can be cumbersome to manage, expensive to scale, and not set up to provide end-to-end visibility. What’s needed is a traffic visibility solution that optimizes tools with pervasive visibility and centralizes them in a single management location.
A large Canada-based diversified company that owns retail stores, gas stations, financial services and a bank had relied on a high number of distributed probes and TAPs to deliver performance traffic and several sniffers for network and application troubleshooting. However, technicians had to unplug and reconnect cables to network links for each monitoring session.
To increase tool efficiency and simplify management, the company deployed GigaVUE Visibility Fabric nodes to securely replicate, filter and aggregate critical network traffic from multiple TAPs and deliver it to centralized tools. This enables each probe to support up to 12 TAPs, instead of just two previously.
Further, networking staff can connect and disconnect probes and sniffers remotely in a production environment without leaving their desks. The solution controls access to tools at a centralized location. Sniffer cables always remain connected and traffic is simply selected through the GigaVUE configuration.
Simplifying visibility management, the Flow Mapping technology allows IT teams to dynamically change monitoring and traffic visibility policies on a per-organization or per-tenant basis, maintaining compliance and privacy.
Meanwhile, Gigamon’s NetFlow Generation application offers the teams access to information on network traffic types, relationships between network nodes and usage patterns without having to add a separate appliance or tax the network.
Gigamon is also working with partners like Riverbed Technology to meld optimizing solutions like time stamp technology and performance analytics so network managers can quickly determine where network problems are occurring.
Step 4: Enable scalable visibility
Adding new services and tools should be simple despite the demand for big data analysis and the risks around tool moves, adds and changes. A scalable, intelligent network monitoring fabric can help reduce the time to deploy services without disrupting production infrastructure.
A US-based outsourcing firm needed to find a fast, effective, reliable way to ensure data privacy among clients and respond more rapidly to requests for changes. It deployed a dozen GigaVUE fabric nodes to simplify the deployment of monitoring tools.
With the ability to effortlessly filter traffic from SPAN ports and securely forward it to monitoring tools based on client-specific addresses, requests for changes could be implemented in real time through configuration changes in the GigaVUE nodes. That also translates to nearly unlimited scalability and no port contention as monitoring needs grow and change.
Step 5: Enable visibility as a service
“Referring back to the Services Oriented Architecture, CIOs are driving both ruthless standardization as well as Self Service Portals,” says Reoch. “They’re also trying to assign the cost of IT to departmental budgets. This includes the tools used to monitor, analyze and secure the infrastructure.”
By centralizing and attaching tools to the Gigamon Visibility Fabric, the IT department can replicate traffic to each of the tools serving unique business stakeholders. Doing so alleviates the problem of multiple copies of the same monitoring traffic, as well as organizational issues, such as stakeholders competing for access to data.
Likewise, service providers can leverage these capabilities to provision tools on behalf of unique tenants in the cloud space.
“The game changing nature of the visibility fabric comes from a common, scalable, lower-cost solution that is able to deliver the right traffic to each tool,” says Reoch. “Our solution creates a visibility fabric that overlays all areas of the data center and silos of IT, and enables the centralization of all tools. It’s a ‘wire once’ model, enabling the attachment of tools at any time, on behalf of any stakeholder or tenant, without disrupting the production infrastructure.”