Virtualization, cloud computing, mobility and video are creating a surge in East/West traffic in the enterprise data center. As data centers scale core networks from 10Gb to 40Gb and 100Gb, interface speeds could grow as much as 50 times due to improvements in bus designs and multi-channel adapters aiding higher traffic volumes.
At these link speeds and data volumes, tools used to monitor, analyze, and secure the computing environment lose real-time visibility into the traffic and transaction flows.
“Now, the network and application performance monitoring tools face a new challenge – real time monitoring at wire speed for 10G and beyond,” says David Reoch, senior director of Cloud Services at Gigamon. “They simply aren’t going to be able to keep up with those speeds without serious investment in upgrades. If upgrades do not occur, then applications will simply disappear from the monitoring tools’ dashboards.”
That’s why CIOs need the following five capabilities – scalable architecture, fabric intelligence, pervasive visibility, optimized monitoring environment and purpose-built solution – to overcome the challenges created by these prevailing trends.
To keep up with the transforming infrastructure, organizations need a monitoring infrastructure that supports various speeds and connectivity options from 1Gb to 40Gb and beyond to monitor the high volume of data.
For example, modular design and interconnecting nodes form the Gigamon Unified Visibility Fabric. The nodes are designed “on the principles of port density, high volume packet processing, and scalability to fit any size of data center infrastructure,” say officials at the company.
Fabric nodes connect into the network and collect data through test access point (TAP) modules, inline bypass modules and connections to the mirror/switched port analyzer (SPAN) ports on network devices. These highly port-dense 1Gb, 10Gb, 40Gb, and 100Gb appliance and chassis-based solutions can deliver traffic to connected tools at the supported interface speeds.
To monitor virtualized environments, nodes are available as virtual machines (VMs) tunneling relevant traffic back to the fabric and connected tools. Nodes are also available for remote offices to tunnel only relevant traffic back to centralized tools.
Traditional methods of monitoring, which attached monitoring tools directly to network links or into each SPAN port on every switch to filter and aggregate traffic, were costly and unreliable. Often, tools saw only a portion of the traffic, and even then much of that was irrelevant. As speeds increased, keeping up with line rate became a challenge.
Gigamon’s patented Flow Mapping advanced filtering enables users to apply map rules to line-rate traffic up to 100Gb from a network TAP or a SPAN mirror port. So, each tool sees only the traffic that it needs and nothing else.
In addition, “to keep [upgrade] costs down and aligned with the budget, a visibility fabric solution can intelligently filter and aggregate traffic in front of the tools, enabling the continued use of existing 1G tools,” Reoch adds.
A consistent monitoring policy across all network traffic requires pervasive visibility across the physical switch and the virtual and cloud environments, and decapsulation of overlay and virtual network traffic.
“As the physical to virtual (P2V) migration occurs, when an app goes virtual, it will just drop off of the monitoring tools’ radar,” Reoch adds. “The challenge for the CIO is to maintain pervasive visibility before and after the P2V migration of his or her apps occurs.”
Virtual fabric nodes act as a TAP for the vSphere Distributed Switch and the Cisco 1000v virtual switch, directing copies of real-time virtual network traffic to the tools commonly used to monitor and analyze physical data center elements. The nodes also decapsulate MPLS and VXLAN traffic, filtering and tunneling captured traffic to the centralized tool environment.
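Why decapsulation matters for a consistent monitoring policy, as an added example that is not part of the original article and is not Gigamon code or Flow Mapping syntax: a rule written for the application's port never matches the overlay frame until the VXLAN header (RFC 7348) is stripped. The rule dictionaries, function names and the sample frame are assumptions constructed for illustration.

```python
import socket
import struct

VXLAN_PORT = 4789  # IANA-assigned UDP port for VXLAN (RFC 7348)

def parse_ipv4(frame):
    """Ethernet/IPv4 frame -> (proto, src, dst, sport, dport, udp_payload) or None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    l4 = frame[14 + (frame[14] & 0x0F) * 4:]
    if frame[23] not in (6, 17) or len(l4) < 8:
        return None
    sport, dport = struct.unpack("!HH", l4[:4])
    src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
    return frame[23], src, dst, sport, dport, (l4[8:] if frame[23] == 17 else b"")

def decapsulate_vxlan(frame):
    """Return (vni, inner_frame) if the frame carries VXLAN, else None."""
    outer = parse_ipv4(frame)
    vx = outer[5] if outer and outer[0] == 17 and outer[4] == VXLAN_PORT else b""
    if len(vx) < 8 or not vx[0] & 0x08:  # too short, or I flag (valid VNI) not set
        return None
    return int.from_bytes(vx[4:7], "big"), vx[8:]

def select_tool(frame, rules, decap=True):
    """Pick the tool for a frame; rules are hypothetical dicts, first match wins."""
    vni = None
    inner = decapsulate_vxlan(frame) if decap else None
    if inner:
        vni, frame = inner  # match against the tenant's own headers
    flow = parse_ipv4(frame)
    for rule in rules:
        if flow and rule["dport"] == flow[4] and rule.get("vni", vni) == vni:
            return rule["tool"]
    return None

def eth_ipv4(proto, src, dst, l4):
    """Build a constructed Ethernet/IPv4 frame (checksums left at 0, not validated here)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x02" * 12 + b"\x08\x00" + ip + l4

def sample_vxlan_frame():
    """Constructed sample: HTTPS flow between two VMs on VNI 5001, seen on the underlay."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 0, 0, 0x50, 0x02, 8192, 0, 0)
    inner = eth_ipv4(6, "10.1.1.10", "10.1.1.20", tcp)
    vxlan = struct.pack("!B3s3sB", 0x08, b"\0\0\0", (5001).to_bytes(3, "big"), 0)
    udp = struct.pack("!HHHH", 51000, VXLAN_PORT, 8 + len(vxlan) + len(inner), 0)
    return eth_ipv4(17, "192.0.2.1", "192.0.2.2", udp + vxlan + inner)
```

With `decap=False` the port-443 rule sees only the underlay's UDP/4789 headers and the flow reaches no tool; with decapsulation the same rule matches and can additionally be scoped to a VNI.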
Optimized monitoring environment
For these appliances to perform efficiently and monitoring solutions to run optimally, tools should be centralized on a common management platform. Simplified management enables network administrators to configure visibility into the virtual switch without disrupting workflows of the server administration team, resulting in faster turn-around times for change requests.
“Declining budgets continue to drive the move to virtualized solutions – servers, networking, storage and applications,” says Reoch. “If a dozen applications, each running on dedicated servers, are virtualized and migrated to a single host, that host is going to need about 12 times the amount of network as a single application server.”
With VMware vSphere server integration, visibility rules defined and mapped to specific VM network ports follow the VM and remain in effect even after a vMotion event occurs. Applying maps to data maximizes each tool’s effective throughput and the data load per connected tool.
Flow Mapping optimizes every network port to receive 100% line-rate traffic and each tool port handles relevant traffic at its full capacity, regardless of the number of network ports or available tool port filters.
The reliability and performance of a monitoring environment rely on a robust and purpose-built visibility solution.
The solution should be resilient with modular and hot-swappable modules or dual-redundant and hot-swappable power supplies and fans, for instance. As business needs evolve, it should be easy to configure and change; scalable from single to multi-node deployments; and modular enough to mix and match standards-based solutions.
Further, Flow Mapping allows different user groups to decide which traffic should be forwarded, where it should be sent, and how it should be handled once it arrives. Role-based access controls determine each group’s visibility of a traffic flow.
Benefits that matter
The benefits offered by a scalable, intelligent, pervasive, optimized and purpose-built visibility solution for any modern data center shouldn’t be underestimated.
A visibility fabric that scales from just a few connections to thousands and monitors and secures traffic from a centralized network tool farm can reduce both capex and opex through:
- Reduced time to resolution for troubleshooting and security issues via accurate analysis and measurement of network traffic traversing both physical and virtual environments
- Minimal disruption to the production network as tools are changed, upgraded and taken down
- Better tool utilization from optimized data streams delivered to the tools, which reduce load on the tools, extend the life of the tools and result in fewer tools and probes
- Management of data streams to existing fabric-connected tools even in a network infrastructure upgrade
Clearly, these benefits not only reduce the total cost of ownership for monitoring and managing next-generation data centers but also have a deep impact on the business. Failure to analyze, monitor and secure the network will result in downtime that can quickly cost millions of dollars in lost revenue.