The ability to deploy a security—or even a networking—solution in the network has been a long, complicated process. Much has stood in the way of progress, making the ability to add or change solutions difficult and causing this area to be one of the least agile in the design and implementation process of operational teams.
1. Security threats and networks are continuously changing.
2. Security solutions are constantly advancing.
3. Difficulty in deploying new solutions on the network or changing existing ones.
They have different goals, but they are also inexorably connected and related to the same thing.
The “Network” needs an easy way to add/remove/manage security and network solutions, while looking at availability, throughput, OPEX, and flexibility in addressing growing network needs - more traffic, more tools and more customers.
It’s time to stop looking at security and networking as separate entities. To solve the issue of network solution deployment agility with failsafe networking, you have to consider them together.
The Network Manager is focused on the network, and the network is always changing to address the constant needs for services, bandwidth, accessibility while maintaining the highest level of network availability and performance. Deploying any type of solution turns into a complicated process as it may adversely affect aspects of the network.
The Security Manager is focused on the security of services, data, and users. It fights a moving “target” of security threats and breaches and needs to adjust swiftly and continuously introduce the most up to date security solutions available. As security architectures evolve, security solutions need to access more places in the network than ever before.
OVP provides an open, high performance unconstrained environment for hosting
virtualized solutions combined with intelligent traffic delivery capabilities
The Open Visibility Platform is a place to host any virtualized application for security and network solutions. This includes any virtualized solution from a third-party, as well as any proprietary, homegrown solution, or in the case of government organizations or highly specialized groups, some kind of black box. It also includes the ability to deploy solutions on-demand and ad-hoc for various testing, diagnostics, and assessments.
What this means is that now organizations have the freedom to choose, and not be tied to offerings of a particular vendor. Furthermore, swapping an existing solution for a new one that you want to add no longer needs to be a lengthy, dragged out process. This freedom will also promote innovation as there is now a place to deploy new things.
The OVP is a deployment concept built around the high performance/high-reliability Packetron appliance that is designed to meet the requirements of any network, including the largest service providers. Because the OVP meets stringent demands for the core networking reliability, scalability, and performance required by networking teams, it enables agility and flexibility by providing a deployment hub to easily host and serve multiple security and networking solutions.
The OVP platform supports both inline and out-of-band deployment scenarios.
The OVP can intelligently deliver traffic and configure policies and rules to establish traffic flows to and from solutions, and determine the logical sequence of traffic being sent to the hosted applications as needed. Policies, actions, and traffic steering can be triggered to address host application failure and failover conditions.
The hosted applications can be deployed reliably inline and out-of-band.
With rapid changes to both solutions and requirements, organizations have been faced with a proliferation of tools that vie for a limited number of ports from networking components, limited rack space and extensive restrictions or lengthy approval processes placed on deploying new solutions. Now, the OVP can serve as a primary deployment hub in the network, reducing deployment cost and time. The platform is built to meet the most stringent requirements for performance, scalability, reliability and availability.
OVP Pillars – installing best of breed solutions, saving on operational costs and deployment complexity, and at the same time improving reliability. This can be further expanded, by consolidating multiple network and security solutions, leveraging OVP ability to host multiple solutions.
The OVP provides intelligent delivery of precisely the right network traffic, delivered in the right way, having already performed the often performance-intensive utility processing functions, such as TLS decryption, de-duplication, IPFIX data extraction and data masking. These utility functions offload the task from individual solutions to enable them to focus on their own specialized tasks unencumbered by utility functions.
The N2 Series is a modular multi-purpose visibility node, supporting NPB, active/passive TAP or switch bypass functionality. It sits directly on the network infrastructure and is designed for very high performance and reliability and delivers network traffic to in-line or out-of-band solutions. Many of the top service providers already rely on Niagara’s N2 Series in their core networks.
Packetron is an add-in packet process acceleration module that enables the solution hosting and performs the traffic processing utilities. Additional Packetron modules can be added in to scale for more solutions, traffic processing and load.
The underlying objective of the visibility layer, as a layer of devices sitting between the network itself and the network tools and security appliances, is to serve as an adaptation layer responsible for delivering the right traffic to the right tool. Doing this increases the efficiency of the tools, streamlined the enterprise's operations, and reduces the overall total cost of ownership.