Profitap Blog

Recent Posts

Stay up to date



Return to Blog

All You Need to Know About Network Packet Brokers

The last decade experienced an overwhelming increase in network size, bandwidth, and traffic. IT companies were, therefore, forced to adapt by developing the next-generation of security and network monitoring tools. This new wave of tools exposed a greater need for advanced network visibility, one that traditional data center monitoring devices couldn’t handle anymore.

And so, in 2012, Network Packet Brokers were developed. Known also as “data access switches”, “tool aggregators”, “monitoring switches” or “matrix switches”, they are “devices that facilitate monitoring and security technologies to see the traffic which is required for those solutions to work more effectively”, according to Gartner. 

Network Packet Broker

NPBs are often required in more complex networks, with increasing speeds that need in-depth and improved network monitoring for a superior network security.

But what exactly is an NPB doing? This powerful device filters specific network traffic in order to optimize the security and traffic flow. More accurately, it receives the network traffic from multiple SPAN ports and/or network TAPs, then filters the data by interest and sends it to the related network analysis and security tools. Efficient and precise. 

 

When do you need a Network Packet Broker?

Most of the time, network engineers complain that their in-line security tools don't receive all the required data, causing blind spots to appear in the network. This can finally lead to wasted resources, redundant costs and a higher possibility of being hacked.

These issues can be solved by using a NPB's capabilities of applying specific filters and rules before forwarding the traffic from network access tools to various network security, performance management, and other monitoring tools. Also, this device can aggregate traffic from multiple input ports to a single output port and vice-versa. See the illustration below to see how an advanced network visibility platform looks like. 

Also, if you want to know more about the main differences between some of the most popular network monitoring tools out there, check this article.

 Network Packet Broker Illustration

A NPB helps you to optimize your network security, performance management, and other monitoring tools. That also means an increased network efficiency while decreasing your costs.

 

What should you expect from an NPB?

Intelligent Filtering

First and foremost, the NPB needs to have the ability to filter specific network traffic to specific monitoring tools, so that it can efficiently optimize traffic flow. This characteristic helps network engineers to filter on actionable data only, which allows the network tools to analyze much more efficiently.

 

Its filtering abilities can not only improve efficiency when it comes to traffic flow but can also help in speeding up incident analysis and in reducing response times. This is because it provide network engineers the flexibility to direct that traffic exactly how they need.

 

Load Balancing

The ability to take the incoming traffic and effectively distributing it to different multiple appliances is another feature that an advanced packet broker has to perform. This feature enhances network security, increases the productivity of your security and monitoring tools, and makes life much easier for network admins.

Intuitive and easy to use GUI

Your preferred NPB should include a configuration interface - graphical user interface (GUI) or command line interface (CLI) for real-time management, like adjustments of packet flow, port mapping and paths. If the NPB is not easy to configure, manage and use, you can't take advantage of its full capabilities. 

Intelligent Packet Aggregation

By aggregating multiple packet streams into a large one, your device should create a single unified stream that can be routed to a monitoring tool. This increases your monitoring tools' efficiency. 

Packet Broker Costs

One thing to keep in mind when on the market for this advanced monitoring device is the cost. Both long term and short term costs can change significantly, based on whether there are different port licenses available and if the Packet Broker accepts any SFP module or only proprietary SFP's.

To sum up, an efficient NPB should provide all these feature, as well as true link layer visibility and microburst buffering, all while maintaining high availability and resiliency.

In addition to the functionalities mentioned above, our X2-Series Network Packet Brokers also offer the following extensive set of features, such as such as packet slicing, GTP IP filtering, ERSPAN tunneling & de-tunneling, GTP correlation, packet deduplication and timestamping. It also includes X2-Manager - a web-based interface that allows users to configure and monitor the behavior of their device.

Interested to learn more about our X2-Series Network Packet Brokers? Click the button!

 

Discover our XX and X2-Series Network Packet Brokers