The mainstay of Network Packet Brokers (NPB), has always been ‘getting the right traffic to the right tool’.
With the network’s traffic as its inputs, the NPB is able to replicate, aggregate, filter and load balance the traffic, to provide SecOps and NetOps with visibility that they need into the network. Intelligent traffic processing is required in order to increase the efficiency of the tools used by SecOps and NetOps and to address the growing sophistication in needs of Security Solutions.
Niagara’s Network Intelligence (NI) solution offers various advanced traffic processing capabilities that significantly extend the envelope
of your network visibility and security visibility layer.
The gap between the networks exploding traffic capacity and the network and security tools
By performing more advanced traffic processing in the NPB, the connected network appliance will receive traffic from the NPB more efficiently and in a manner that it can actually process. For example, handling TLS encryption. This is traffic that the network tool cannot otherwise process because it's encrypted. By performing TLS decryption in the NPB, the connected network tool receives traffic in a format that it can ingest. With Niagara NI, the NPB can perform more advanced performance-intensive utility processing functions so that the network tool can be off-loaded to focus its resources on its designed task.
Offloading of SSL / TLS Decryption from the network tool to the Network Packet Broker in a centralized and optimized manner. This can equally apply if the network tool did not have these advanced processing capabilities in the first place
Many of the same advanced traffic processing tasks are required by different network tools. It’s only natural to perform these in the visibility layer in a centralized manner. In the visibility layer Network Intelligence (NI) processing applications can be performed once and fed efficiently to multiple tools. In addition, utility tasks, such as decryption, can be done once according to relevant policies, ensuring compliance and easing the work involved with audits and reporting.
“Process-once, provide many” when multiple solutions need the same treatment for traffic. By offloading common utility tasks like TLS decryption and de-duplication we are increasing the efficiency and performance of the connected solutions
Niagara’s NPB’s meet the stringent demands for the core networking reliability, scalability and performance required by networking teams. Combining the NPB with the Packetron provides users with an agile and flexible deployment hub.
Users can combine multiple Network Intelligence (NI) utility processing applications on the same network packet broker. NI Applications will be applied at a user defined logical sequence on the data traffic. Moreover, trigger-based policy capabilities can steer traffic to different processing applications or to a different sequence of processing depending on the status and state of the connected network and security appliances or in case of traffic triggers.
All Network Intelligence applications are seamlessly integrated into the FabricFlow™ operation of the host multipurpose visibility node. Users can apply the NI Application on the traffic from user friendly, hassle-free menu screens.
Consolidating multiple network tools into a single NPB. Processing modules can be added to the NPB scaling performance to meet user’s needs.
Niagara’s Network Intelligence is achieved using the Packetron™ packet processor acceleration hardware module. This module fits into the network packet broker. The user can add multiple modules in cases where more traffic intelligence processing power is needed.
Combining Packet broker functionality with application layer processing agility.
Applications running on the Packetron automatically and seamlessly benefit from aggregation, replication, filter, load balance, inline bypass, and other traffic manipulation capabilities of a fully featured NPB. By connecting to the non-blocking switching core, traffic from any and to any port can be easily accomplished.
Input traffic from packet broker ports, bypass ports or tap ports via the non-blocking switching fabric, enables the Packetron to provide Network Intelligence application for both out-of-band monitoring deployments and for inline deployments.
A multi purpose visibility node is powered by a switching fabric that is able to deliver high-performance wire speed processing and forwarding capabilities on packets, up to Layer 4. The Packetron module is directly connected to the host switching fabric. As a modular, field replaceable module, users can add Packetron modules to scale up their processing needs and streamline agility in operations . The Packetron is able to handle sophisticated application level intelligence and L7 level processing on packets, sessions and flows.
Niagara's Open Visibility Platform (OVP) fully modular carrier grade solution enables agile network and security operations.