The ability to deploy a security—or even a networking—solution in the network has been a long, complicated process.
So much has stood in the way of progress, making the ability to add or change solutions difficult and causing this area to be one of the least agile in the enterprise
They have different goals, but they are, at the same time, inexorably connected and ultimately about the same thing.
The “Network” needs an easy way to add/remove/manage security and network solutions, while looking at availability, throughput, OPEX, and flexibility in addressing growing network needs - more traffic, more tools and more customers.
It’s time to stop looking at security and networking completely separately. To solve the issue of network solution deployment agility with failsafe networking, you have to consider them together.
The Network Manager is focused on the network, and the network is always changing. Changing in order to address the constant needs for services, bandwidth, accessibility, while maintaining the highest network availability and performance. Deploying any type of solution turns into a complicated process as it may adversely affect aspects of the network.
The Security Manager is focused on the security of the services, the data and the users. He is fighting a moving “target” of security threats and breaches, and needs to adjust swiftly and to continuously introduce the most uptodate security solutions available. As security architecture evolves, the security solutions need to access more places in the network than ever before.
OVP provides an open, high performance unconstrained environment for hosting
virtualized solutions combined with intelligent traffic delivery capabilities
The Open Visibility Platform is a place to host any virtualized application for security and network solutions. By any solution, this includes not only any virtualized solution from a third-party, but also any proprietary, homegrown solution, or in the case of government organizations or highly specialized groups, some kind of black box. It also includes the ability to deploy solutions on-demand and ad-hoc for various testing, diagnostics and assessments.
Let’s take a closer look at the concept of openness and flexibility. What this means is that now organizations have the freedom to choose, and not be tied to closed garden offerings of a particular vendor. But even more than that, really, the freedom to choose and not have it take forever or to have to play “Let’s Make a Deal” with networking to swap an existing solution for some new one that you want to add. This freedom will also promote innovation because now there is a place to deploy new things.
Deployment Hub - the OVP is a high performance/high-reliability appliance that is built to meet the requirements of any network, including the largest service providers. Because the OVP meets stringent demands for the core networking reliability, scalability and performance required by networking teams, it enables agility and flexibility by providing a deployment hub to easily host and serve multiple security and networking solutions. The OVP platform supports both inline and out-of-band deployment scenarios.
Getting the right traffic the right way - The OVP can intelligently deliver traffic and configure policies and rules to establish traffic flows to and from solutions, and to determine the logical sequence of traffic being sent to the hosted applications as needed. Policies, actions and traffic steering can be triggered to address host application failure and failover conditions. The hosted applications can be deployed reliably inline and out-of-band.
With rapid changes to both solutions and requirements, organizations have been faced with a proliferation of tools that vie for a limited number of ports from networking components, limited rack space and extensive restrictions or lengthy approval processes placed on deploying new solutions. Now, the OVP can serve as a primary deployment hub in the network, reducing deployment cost and time. The platform is built to meet the most stringent requirements for performance, scalability, reliability and availability.
Figure depicts OVP Pillars – installing best of breed solutions, saving on operational costs and deployment complexity, and at the same time improving reliability. This can be further expanded, by consolidating multiple network and security solutions, leveraging OVP ability to host multiple solutions.
The OVP provides intelligent delivery of precisely the right network traffic, delivered in the right way, having already performed the often performance-intensive utility processing functions, such as TLS decryption, de-duplication, IPFIX data extraction and data masking. These utility functions offload the task from individual solutions to enable them to focus on their own specialized tasks unencumbered by utility functions.
The N2 Series is a modular multi purpose visibility node, supporting NPB, active/passive Tap or switch bypass functionality. It sits directly on the network infrastructure and is designed for very high performance and reliability. Its what delivers network traffic to in-line or out-of-band solutions. Many of the top service providers already rely on Niagara’s N2 Series in their core networks.
Packetron is an add-in packet process acceleration module that enables the solution hosting and performs the traffic processing utilities. Additional Packetron modules can be added in to scale for more solutions, traffic processing and load.
The underlying objective of the visibility layer, as a layer of devices sitting between the network itself and the network tools and security appliances, is to serve as an adaptation layer responsible for delivering the right traffic to the right tool. By doing this we are increasing the efficiency of the tools, streamlining the enterprise's operations and reducing overall total cost of ownership.