Cisco Subnet: An independent Cisco community

Gigamon rolls out active visibility, stays ahead of the commodity curve

Is there a market for dedicated visibility fabric infrastructure, or can repurposed Ethernet switches or SDN controllers provide “good enough” functionality?

The visibility fabric space has heated up over the past couple of years. The primary reason for the escalated interest in this space is that network complexity has grown exponentially over the past few years, and a visibility fabric can be used to simplify the deployment of security and management tools. A visibility fabric can bring some greatly needed order to what’s currently a highly chaotic system.

The rise in demand for visibility fabrics has caused many SDN and Ethernet switch vendors to jump into the space. This has raised the question: is there a market for dedicated visibility fabric infrastructure, or can some of these repurposed Ethernet switches or software-defined network (SDN) controllers provide “good enough” functionality to obviate the need for dedicated visibility fabric infrastructure? It’s been my belief that the repurposed switch approach can limit functionality, and dedicated infrastructure is required to manage large-scale networks.

This week, Gigamon announced a number of new features to its visibility fabric under the term "Active Visibility." The company is using the term to describe high-volume traffic environments that need to scale up and out. Dedicated hardware-based platforms will show a distinct advantage over software-based solutions running on white-box hardware for handling high traffic volume.

Gigamon outlined three use cases for its active visibility solution:

Active visibility for SSL

SSL traffic is certainly on the rise. This causes a challenge for management tools, as the network is blind to the payload in SSL traffic. This means threats can be hidden inside SSL traffic, only to be unleashed on the network once they are past the security infrastructure. Also, large ciphers can cause serious performance problems for the network. Gigamon can now decrypt SSL traffic, allowing deeper insight into the blind spots caused by SSL. This can better protect organizations by exposing threats and improving network performance. This feature can also improve the performance of the security tools, as it eliminates the need for the tools to decrypt SSL traffic.

Active visibility for multi-tier security

This is actually an enhancement to the multi-tier security architecture that Gigamon outlined earlier this year. The solution handles multi-tier security in two different ways. It can use application-aware bypass to send select traffic to in-line security tools based on applications of interest. The bypassing of traffic that doesn’t need to be inspected improves application performance and lowers latency. Additionally, traffic can be sent to multiple serially connected tools so an unhealthy tool can be bypassed without bringing down the network. This also enables security tools to be added, removed, or upgraded without disrupting the environment.

Active visibility for high-volume traffic

Network speeds are on the rise in the data center. 100 Gig-E and 40 Gig-E links are becoming a reality, driving volumes to new levels. Simultaneously, network managers are moving traffic monitoring below the spine switch line to provide visibility for security and performance monitoring, increasing the number of points where data needs to be acquired. These trends are influencing the design of visibility fabrics, as the topology of these high-speed, spine-leaf architectures is very different from that of legacy networks. Gigamon has added new line cards for 100 Gig-E and 40 Gig-E networks, including support for the Cisco BiDi optics that were introduced earlier this year. As Cisco customers upgrade from 10 Gig-E to 40 Gig-E BiDi, Gigamon can provide consistent visibility. Lastly, Gigamon can now cluster its boxes to scale out to the most demanding environments.

The popularity of visibility fabrics is certainly at an all-time high, but buyers need to be aware that all solutions aren't created equal. If you’re living in a complex, high-volume environment, a dedicated solution will yield far better results than many of the commodity platforms available today.
