Let's explore three ways the "scale up" approach to infrastructure growth impedes NetOps and security professionals (and the business as a whole). Part 1 of this blog covered the first way, hardware investments. The following are two more ways.

Start with Why "Scaling Up" Your Network Infrastructure Always Leads to More Complexity and Cost - Part 1

2. Features, Features, Features

"Scale up" versus "scale out" doesn't just apply to hardware investments, it also has an impact on product features. "Scale up" promotes buying the feature set you think you need now, then adding "feature modules" and licenses as you discover additional feature requirements are needed. Often as networks grow in size they also grow in complexity. For example, network monitoring and security tools connected to links through a Packet Broker don't always keep pace with the speeds of the newly installed links. This can require upgrading the feature set of the Packet Broker to offer advanced features to mitigate these issues.

When it comes to Packet Brokers, features such as port mapping and basic filtering are standard. Advanced features such as packet slicing, packet manipulation and various methods of load balancing, are often offered as discreet modules or annual licenses. Vendors, therefore, offer options to add-on advanced features by offering firmware modules and software licenses. This "scale up" approach allows the customer to purchase a stripped down feature set to keep the initial CAPEX low and add advanced features later as network complexity grows. This maintains a constant revenue and loyalty stream for vendors. Unfortunately, it can have the customer paying a lifetime of license fees for a one-time purchase. It may be helpful with CAPEX, but over time this approach can put a strain on OPEX as ongoing fees pile up.

The "scale out" approach literally tackles this problem by looking at advanced features as inherently valuable to the core product. For example, Packet Brokers built around the "scale out" principle include load balancing to help spread incoming traffic as new faster links are added. They include packet manipulation to help organizations deal with new privacy rules (such as GDPR) that require packet data payloads be masked. And they offer packet slicing to help increase the performance of monitoring and security tools. When needed these sorts of advanced features can be leveraged at will without ongoing licensing costs or additional modules.

3. Management of the Rules, Filters and Maps

If you're responsible for planning, writing, testing and deploying a new set of filter rules and port maps for an entire network system at each growth phase, you understand the massive amount of work it requires, and the challenges associated with the "scale up" approach. Writing filter maps so the right information is passed to the right tool can be a very complex operation with hierarchical filtering systems.

Furthermore, assigning ports to links and tools can also be very time consuming and error prone. While most vendors have the same operation and management systems, which are used when new units are deployed and decommissioned, it still requires a tremendous amount of time to transition from one model to the next. The net result: any sort of change often hurts when the underlying hardware is swapped out.

Packet Brokers that scale out eliminate the need to swap hardware, which can have a monumental impact on NetOps. All of a sudden, you can add and deploy new filter rules and port maps ad-hoc as needed, with no impact on existing rules and system operations. Deployment programing no longer starts from scratch with each growth phase. Simply by adding a hardware extension module to an existing system, network managers only need to map and apply filters to the new links. And these "scale out" solutions often have management software that automates provisioning by leveraging sophisticated computational engines that do the hard math in the background. Filter rules become independent rather than hierarchical. This added software saves time, money, and makes incremental changes easy.

As networks continue to become more and more complex, it has never been more important for the underlying infrastructure to adapt as well. Traditional approaches to Packet Broker solutions are quickly proving unsustainable when dealing with the traffic increases driven by IoT, SDN and more. As you look to scale your network to meet these modern-day requirements, consider looking at new "scale out" visibility solutions designed to simplify your NetOps world.