The basics of network packet brokers

For years, SPAN ports were the preferred approach to network visibility. But when their limitations became clear, networking pros started adopting network taps and bypass network switches as more reliable tools for connecting security and monitoring appliances.

However, SPAN, taps, and bypass switches aren’t the only pieces of the network visibility puzzle. Maximizing security and monitoring capabilities requires network packet brokers (NPBs), too.

What are network packet brokers?

Network packet brokers are active devices that direct raw data flows from SPAN ports and network taps to appliances for monitoring, performance management, and security.

Your out-of-band tools can only handle so much throughput and not every tool requires access to every data packet. That’s why NPBs act as virtual “brokers” of data, delivering only the appropriate data streams to specific tools.

Network packet brokers bring three key functions to an increasingly-complex network architecture:

  • Full visibility: Identify known, suspicious, and unknown traffic that passes through the network.
  • Robustness: Enable data loss prevention and advanced filtering, in addition to high availability and other niche packet capabilities.
  • Management: Determine what to do with all types of traffic that traverse the network.

It’s important to understand that NPBs are just one piece of a larger pervasive network visibility strategy. However, there are many reasons to invest in powerful NPBs in your network architecture.

Why deploy network packet brokers?

Organizing network traffic from multiple SPAN ports and tap points enables you to manipulate traffic flows in ways that improve both visibility and security.

While those high-level advantages set the scene for NPB adoption, the following are specific advantages of deploying these visibility tools:

  • Efficient traffic filtering: It may seem like a basic feature, but filtering traffic means you can ensure efficiency, reliability, and effectiveness of all monitoring tools.
  • Secure deduplication: Redundant data can lead to bandwidth constraints across your network. At a time when application availability and performance are more important than ever, you can’t afford duplicate data analysis. But with deep packet inspection in NPBs, you can securely remove redundant packets.
  • Packet optimization: Deduplication isn’t the only way to optimize resource utilization in traffic flows. Time stamping and conditional packet slicing can also boost effectiveness of your monitoring tools.
  • Load balancing: In addition to traffic filtering, NPBs are also tasked with load balancing data across monitoring tools to avoid over-utilization of specific devices.

It’s important to simplify network design as much as possible. But the reality is that as business demands continue to increase, more and more devices and links will be added to the network architecture.

If you make the most of network packet brokers, you can boost port density across your architecture and maximize performance. The key is balancing scale, security, and visibility.