Embed Size (px)
DESCRIPTION
For security deployments and network-centric application deployments, it is critical to know what is happening on the network before, during, and after an incident. Network recording (whether actual packets or netflows) ensures that this information is available after the incident occurred, which takes the guesswork out of diagnosing and resolving critical security breaches and network-centric application performance issues. An emerging tool in Network Performance Management and Diagnostics (NPMD) is network recording and search, which allows network operations (NetOps) staff to identify issues in service and application delivery. In this webinar, we’ll explore why network performance management is crucial in managing functionality and visibility of an organization’s network infrastructure and how Emulex helps address these deployment requirements. We'll also explore what matters most when your applications fail, and share some best-practice insights gleaned from working with customers that run some of the largest and most critical data networks on the planet.
Citation preview
Using Network Recording to Maximize Network Performance Management
10DEC 2013
Sonny SinghSr. Channel Marketing & Alliances Manager
2 Copyright © 2013
Emulex’s Network Visibility Product (NVP) Line
Emulex recently acquiredEndace
Endace: World Leader in network recording & packet capture
10 year history selling Network Visibility
(top-tier customers)
Global reputation for accuracy, scalability & Performance
3 Copyright © 2013
The Network Age Today
Most enterprises today are critically dependent upon their network to deliver products and services to their customers
Meeting internal and external service level agreements securely is a key part of this responsibility
Getting enough visibility into your network to know you are meeting SLAs and/or avoiding security issues is critical…
4 Copyright © 2013
ITSM Challenges Today
Traffic is growing exponentially and networks are moving to 10GbE speeds and beyond
Convergence of multiple types of networks onto single or dual wires
Virtualization of servers can obscure actual sources of traffic
SDNs offer new tools and capabilities, but also obscure overall network traffic flows
Hackers are becoming more sophisticated
5 Copyright © 2013
The Cost of Network and Service Interruptions
A measure of the importance of the network to enterprises is the cost of outages to their business
These longer outages are the ones that typically are the hardest to diagnose, fix & verify
*Technologizer: PlayStation Network Outage: Now It’s the Worst One Ever, Right?, May 2011 http://technologizer.com/2011/05/14/when-will-playstation-network-return/
6 Copyright © 2013
Endace Network Recording Infrastructure
Network Visibility Headend
Allows EndaceProbe INRs/ODE to scale to 40 and
100GbE
EndaceAccess™Network Visibility
Headend
Endace OpenHosting Platform
(ODE)
High Performance Intelligent Network Recording
Up to 64 TB storageMix of 1 and 10GbE ports
EndaceProbe™ Intelligent Network
Recorder
EndaceFlow™ NetFlow Generator
Appliance (NGA)
Hosting Platform for Monitoring Applications
8x1GbE or 4x10GbE PortsUp to 16 TB internal storage;
Fibre Channel support for SAN
High-Speed NetFlow Generation for 10GbE
Networks
4x10GbE Ports
EndaceProbe: Provides 100% packet
capture on 10Gb Ethernet links
NetFlow Generator: Generate unsampled
netflows from 1GbE/10GbE links
EndaceAccess: Load-balances
40Gb/100Gb links across multiple INRs
Endace ODE: Provide packets for
hosted 3rd party applications
7 Copyright © 2013
Endace Value Proposition – Know Your Network!
Know Your Network!
• Network recording (whether packets or netflows) provides the visibility needed to resolve critical security & network-centric applications
Network Recording
• For Security issues, having all of the packets captured is criticalSecurity Issues
• For Applications who depend on the network for performance, having all of the packets or netflows is also criticalPerformance
Requirements
• Record network traffic speeds (up to 100Gb/sec)• Competitive products drop packets (2Gb-3Gb per sec)• Others only sample the data (1 out of 10 packets or netflows captured
Endace Business Benefits
8 Copyright © 2013
Key Customer Deployments
9 Copyright © 2013
Investments in Network Health: 4 Categories
1. Prevention
2. Detection
Detect things that may be bad and were missed by prevention tools; generate alerts
Sit in the network and stop known bad things from happening
3. Response
4. Root cause
Help engineers respond to any kind of network-related problem fast
Enable engineers to understand exactly what happened and why
3
4
2
1
NPMAPMSIEM
FirewallWan Ops
NGF
Endace Focus– Speeding Response, Root Cause Analysis and Resolution
10 Copyright © 2013
…Yet, There Are Still Holes In The Overall Strategy
Historically, network IT has been reactive in nature
Tool spending has focused on prevention and detection
Spending on tools to improve response times, issue analysis, and network adaptation has lagged
Result: more downtime, longer maximum TTRs
11 Copyright © 2013
*Datacenter Dynamics: GREATER COMPLEXITY IS CAUSING MORE DATA CENTER DOWNTIME – SEP,2012http://www.datacenterdynamics.com/focus/archive/2012/09/greater-complexity-causing-more-data-center-downtime-0
“Aberdeen Group: The Cost of Downtime is Rising - FEB, 2012 ***IDC: Realizing Business Value and ROI with Application –Aware NPM – JUL, 2012 http://blogs.aberdeen.com/it-infrastructure/the-cost-of-downtime-is-rising/ http://www.riverbed.com/assets/media/documents/analyst_reports/AnalystReport-Riverbed-IDC-Realizing-Business-Value-and-ROI.pdf
How Bad is The Problem Today?
FC to 10GbETransition
?
“THE INCREASING PRESSURE ON DATA CENTER IT OPERATIONS IS A GROWING COMPLEXITY
DRIVEN BY THE RAPIDLY GROWING NUMBER OF BUSINESS-CRITICAL APPLICATIONS WHICH IN
TURN IS LEADING TO MORE DOWNTIME”
“BETWEEN JUNE 2010 AND FEBRUARY 2012, THE COST PER HOUR OF NETWORK
DOWNTIME INCREASED, ON AVERAGE, BY 65% ”
ABERDEEN GROUP – FEB, 2012**
“THE ENTERPRISE NETWORK HAS NEVER HAD SO MANY BLIND SPOTS”
IDC – 2012***
Datacenter Dynamics– SEP, 2012*
12 Copyright © 2013
How Much Network Visibility Do You Need?
The visibility “most” tools provide• Lack of detail needed to resolve
difficult security breaches or application performance issues
The visibility Endace tools provide• See microbursts• Know exactly what data has been
compromised• Identify issues impacting application
performance
Low Definition Network Visibility vs. High Definition Network Visibility
Low Definition• Shows you the overall trends• Great for long-term traffic planning • Geared to identify large deviations from the norm
High Definition • Visibility into the “Action” (microbursts, dropped packets, protocol errors) that underlie the most difficult application performance issues
13 Copyright © 2013
Typical Network Visibility Fabric DeploymentsSecOps deployment monitoring both sides of the DMZ; record attacks, ID compromised data
NetOps deployment monitoring north-south traffic; ID inbound/outbound application issues
NetOps deployment monitoring east-west traffic; ID internal application performance issues
14 Copyright © 2013
Our Approach to NPM/APM/SEM – Best of Breed
Endace approach enables tailored “best-of-breed” solutions– All tools share data from same secure location in datacenter
– Automated workflow, “pivot to packets” speeds up issue resolution
Lower Investment while Increasing ROI– Only buy what you need, when you need it, where you need it
– Plan and train staff on the tools that fit your situation best
APM App
NPM App
IDS App
HFT App
Endace Capture Appliance10/40/100GbE
EndaceVision Network Search Engine with Fusion Connectors
15 Copyright © 2013
The Business Value of Network VisibilitySecurity
Know Your Risks
Unambiguous Forensics Trail
Ensure Corrective Actions Are Effective
Security
16 Copyright © 2013
The Business Value of Network Visibility Network Centric Applications
Customer Satisfaction
Decreased Application Downtime
Network-CentricApplications
Avoid Future Network UptimeIssues
NetOps CAPEX/OPEX Savings
17 Copyright © 2013
Endace Top Use Cases
Enterprise IT Planning & Enablement
Network/Application Performance Direction
& Resolution Security Analysis
• Bandwidth Planning
• Helping 1GbE applications scale to 10GbE
• Reducing time-to-value on IT initiatives like VDI and SDN
• Smoothing the path to BYOD through network visibility
• Optimizing network resources and identifying bandwidth chokes
• Rapid response to critical network outages
• Troubleshootingintermittent application performance issues fast
• Alerts on bandwidth spikes, microburst and application detection
• Investigating suspected security/data loss issues fast
• Monitoring end user application usage policies on data networks
• Alerts on detection of banned applications
18 Copyright © 2013
Summary – Deploy Endace Solutions & Improve Network Visibility, Performance and Security
Faster Time to Resolution for
Difficult Network +
Security Issues
Standalone Network
Recorders Enable Best-
In-Breed Solutions
EnterprisesDeploy Endace
Solutions to Improve
Their Network Availability &
Security
Let Emulex Help You Improve
Your Network’s Performance
Endace Network Visibility Solutions
19 Copyright © 2013
