ZK Research - a proud sponsor of AI World 2017. See you there!

AI World Conference & Expo · Boston, MA · December 11-13, 2017

Posts Tagged ‘network visibility’

This week, FireEye acquired nPulse technologies to strengthen its security platform. FireEye’s security platform is built on the concept that securing a business cannot be done at singular points, as is the case with legacy security platforms. FireEye’s approach is to gather as much information as it can, from sources such as Web, email, mobile devices, and the network, and analyze the data to more accurately find and analyze threats and intrusions.

The accuracy of FireEye’s platform is based on the data that it has to analyze. The more you can see, the more accurate the security. Given that the company ponied up about $70 million ($60 million in cash and $10 million in stock based on milestones) for one of its partners, nPulse technologies is intended to allow FireEye to see more. nPulse was actually a partner of FireEye’s prior to the acquisition, and I’m guessing the value that nPulse provided as a partner led to the purchase.

The product from nPulse processes and indexes network packet data very quickly, as well as providing the capability to query the information to gain visibility into what happened during any kind of breach or intrusion. Without nPulse, customers would have to sift through reams and reams of data and log files and somehow manually correlate the data with the intrusion. Unless you’re Mr. Spock, manual analysis and correlation is almost impossible unless it’s the full-time job of a team of people. Personally, I’d prefer having Spock on staff (the Leonard Nimoy version; no offense to Zachary Quinto) but a tool like nPulse is almost as good.

The network industry has largely been focused on network transformation over the past few years. Most of the vendors, though, have been geared towards the evolution of the data center network. It’s time that businesses started looking at evolving the wide area network (WAN) as this is often where the biggest pain points is for application performance.

The WAN fundamentally hasn’t changed at all in the past 30 years, as most companies still use the traditional “hub and spoke” design with a private network technology, such as MPLS. Often the WAN has a backup connection that becomes active when the primary fails. This model has worked well for decades now, so living by the “if it ain’t broke, don’t fix it” credo has meant that most companies just leave well enough alone and haven’t done anything to evolve the WAN.

I think it’s fair to say that most network managers understand why this architecture is inefficient. It was really designed for client/server traffic, and all Internet traffic is backhauled through a central location. Also, much of the traffic “trombones” up and down the WAN links through a central hub, moving from branch to branch or even Internet to branch. This is one of the reasons we’ve been talking about WAN re-design for years now. In my opinion, though, I think it’s time to take this seriously.

During last week’s VMworld event, traffic visibility leader Gigamon debuted what it is calling “Visibility as a Service,” or VaaS. Network visibility was a big theme at VMworld this year as VMware launched its NSX network virtualization product.

During his keynote, VMware CEO Pat Gelsinger stated that the network is the next IT domain to be impacted by virtualization and, in fact, it’s the limitations of the network that hold organizations back from being able to migrate to a software defined data center (SDDC) or IT-as-a-service.

This sounds great during a keynote, but, practically speaking, virtualizing the network has its risks and complications. I’ve heard many people use the benefits of server virtualization to describe how the network can be transformed and what the impact will be. While I don’t fully agree with this analogy, I do believe that some of the risks are similar. While many companies enjoy the fruits of virtualization today, remember that this technology went through some significant growing pains to get to this point.

All eyes are on Orlando, Florida, this week as Cisco Live gets underway. With all due respect to Interop, the show formerly known as Networkers has become the place to be if you want to learn what’s going on in networking, with over 20,000 in attendances this year. I don’t think anyone would deny the fact that virtualization has become a huge issue for not just server managers but also network managers. In fact, in last year’s ZK Research/Tech Target network purchase intention survey, we asked what technology product was consuming more time and resources compared to the year prior. Server virtualization was the No. 1 response, with over 31% of respondents showing just how big an impact virtualization is having with network managers.

Just a few short years ago, network managers couldn’t have cared less about server virtualization, as it was a technology that was used to improve the utilization of servers and had little impact on the network. Obviously, things have changed significantly over the past few years as the use of virtualization technology has expanded past consolidation.

Most of the focus of software-defined networks (SDNs) has been on how it impacts the layer 2/3 switch vendors. The industry seems to have moved off of this notion that it commoditizes the underlying infrastructure, but recently another question has come up. Big Switch recently launched the company and related products, one of which is called “Big Tap,” that provide traffic visibility functionality similar to what one might get from vendors such as Gigamon and VSS. This has raised a question: are SDNs a death knell to the traffic visibility vendors?

I looked at this and then talked to a number of customers, including Big Switch, and I believe the information that one can get out of an SDN-led product to be very much complementary to the traffic visibility market, not competitive. Think of “Big Tap” as being traffic visibility light where they provide a very basic level of information. The level of information that one gets from the dedicated vendors is much richer and more granular than what one would get from Big Tap.



Insight and Influence Through Social Media
ZK Research: Home
Google+
Twitter
LinkedIn
Facebook
RSS Feed
ZK Research is proudly powered by WordPress | Entries (RSS) | Comments (RSS) | Custom Theme by The Website Taylor