Why You Need Network Intelligence at the Visibility Layer

The visibility layer is a network that consists of resilient devices connecting security and monitoring tools. It allows sending specific traffic to desired destinations and set a course of action for connectivity or security device outages or attack scenarios.

What does Niagara’s Network Intelligence offer?

A
Taking the motto of “getting the right traffic to the right tool” to the next level.

By performing more advanced traffic processing in the NPB, the connected network appliance will receive traffic from the NPB more efficiently and in a manner that it can actually process. For example, handling TLS encryption. This is traffic that the network tool cannot otherwise process because it's encrypted. By performing TLS decryption in the NPB, the connected network tool receives traffic in a format that it can ingest. With Niagara NI, the NPB can perform more advanced performance-intensive utility processing functions so that the network tool can be off-loaded to focus its resources on its designed task.

Advanced traffic processing

The figure depicts offloading of TLS Decryption from the network tool to the Network Packet Broker in a centralized and optimized manner. This can equally apply if the network tool did not have these advanced processing capabilities in the first place

B
Open Visibility Platform - Process Once, Provide to Many

Many of the same advanced traffic processing tasks are required by different network tools. It’s only natural to perform these in the visibility layer in a centralized manner. In the visibility layer NI processing applications can be performed once and fed efficiently to multiple tools. In addition, utility tasks, such as decryption, can be done once according to relevant policies, ensuring compliance and easing the work involved with audits and reporting.

process once, provide to many

The figure depicts “process-once, provide many” when multiple solutions need the same treatment for traffic. By offloading common utility tasks like TLS decryption and de-duplication we are increasing the efficiency and performance of the connected solutions

C
Deployment Hub and utility process chaining

Niagara’s NPB’s meet the stringent demands for the core networking reliability, scalability and performance required by networking teams. Combining the NPB with the Packetron provides users with an agile and flexible deployment hub.

 

Users can combine multiple NI utility processing applications on the same network packet broker. NI Applications will be applied at a user defined logical sequence on the data traffic. Moreover, trigger-based policy capabilities can steer traffic to different processing applications or to a different sequence of processing depending on the status and state of the connected network and security appliances or in case of traffic triggers.

 

All Network Intelligence applications are seamlessly integrated into the FabricFlow operation of the host multipurpose visibility node. Users can apply the NI Application on the traffic from user friendly, hassle-free menu screens.

NN-SVCchaining-1

The figure depicts consolidating multiple network tools into a single NPB. Processing modules can be added to the NPB scaling performance to meet user’s needs.

The Packetron

Niagara’s Network Intelligence is achieved using the Packetron packet processor acceleration hardware module. This module fits into the network packet broker. The user can add multiple modules in cases where more traffic intelligence processing power is needed.

OVP-1

Figure depicts NPB<-->Packetron combo. Combining Packet broker functionality with application layer processing agility.

Applications running on the Packetron automatically and seamlessly benefit from aggregation, replication, filter, load balance, inline bypass and other traffic manipulation capabilities of a fully featured NPB. By connecting to the non-blocking switching core, traffic from any- and to any port can be easily accomplished.

NI-PKTRN-Integration

The Packetron module occupies a single bay in the multi-purpose visibility node. This provides superior packet processing density per form factor. Input traffic from packet broker ports, bypass ports or tap ports via the non-blocking switching fabric, enables the Packetron to provide Network Intelligence application for both out-of-band monitoring deployments and for inline deployments.

A multi purpose visibility node is powered by a switching fabric that is able to deliver great processing and forwarding capabilities on packets, up to Layer 4. The Packetron module is directly connected to the host switching fabric. The Packetron is able to handle sophisticated application level and L7 level processing on packets, sessions and flows.

 

The Packetron has a nominal processing capacity of 80GbE. Though actual performance may vary based on the application and or number of applications that are run simultaneously on a single Packetron module. As a modular, field replaceable module, users can add Packetron modules to scale up their processing needs.

Open Visibility Platform

The figure depicts schematic deployment of Niagara's Open Visibility Platform (OVP). Security application can be deployed on Packetron modules as part of the SSL/TLS decryption platform. This powerful combination enhances the efficiency of both the decryption platform and the on-board resident security application, delivering a cyber threat detection multiplier.

Open system architecture allows for other vendors or end users to integrate 3rd party applications