Full visibility into high-performance nets: Demand 100% packet capture

By Tim Nichols, VP of marketing, Endace, special to Network World
February 15, 2012 03:55 PM ET

Network World - This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

A new class of packet-based network monitoring and recording solutions is emerging that enables companies running high-speed and ultra-high-speed networks to address the issue of network blindness, a condition that exposes organizations to a raft of operational, legal, compliance and reputational risks. With the cost of network downtime measured in millions of dollars per hour, knowing what's going on inside the network isn't just a nice-to-have, it's critical.

Today's 10 Gigabit networks are so complex that there's invariably duplicate traffic from badly configured switches and routers consuming bandwidth without being noticed, resulting in everything from videoconferencing falling over to failure of critical business applications. Installing a packet-based monitoring and recording fabric enables organizations to alleviate network blindness and gain visibility into network congestion issues.

It's clear that ultra-high-speed networking is on the horizon in many industries. In a recent survey of 100 organizations in North America, 71% said they have made the transition to 10Gbps networking. The companies that participated included tier-two telcos, online service providers, retailers, manufacturing companies, health service providers and gaming companies, all with annual revenue of at least $10 billion. In addition, 43% of the organizations surveyed said they have plans to adopt 40Gbps or 100Gbps networking.

According to the senior networking, operations and security professionals surveyed, many of their incumbent network monitoring and security vendors are unable to reliably manage higher network speeds. In fact, 47% of the respondents believe they are missing potentially significant network events due to failing or under-performing systems. Another 65% of the organizations do not record network traffic for forensic analysis of network events, and 43% reported experiencing "significant difficulties" investigating and remediating network events.

Other findings of note:

- 33% of organizations reported experiencing some kind of data loss in the previous 12 months.

- 39% were unable to accurately identify what was lost.

- 42% admitted to having been the victim of a cyberattack in the past 12 months.

- 67% of those victimized by an attack admitted to having serious problems investigating the attack.

There is a plethora of 10Gbps-capable monitoring tools available, but most of them start to get a nasty case of network myopia as network speeds hit 3Gbps. What they claim to be able to do and what they actually do are turning out to be quite different things. Their challenge is that they cannot get packets off the wire fast enough to figure out what's really going on. The interrupt rates of standard NICs overwhelm CPUs, causing packets to be dropped. Therefore, there is a need for dedicated, purpose-built packet capture hardware.
