Easy Ways to Improve Network Reliability and Performance

Keith Bromley
Learn more about Keysight Technologies

There was a recent blog on APMdigest by Pete Goldin — Protecting Network Performance is as Essential as Securing the Network — that I wanted to follow up on.

As mentioned in the blog, performance issues and outages are possible when security tools (like an IPS, WAF, etc.) are inserted inline. However, one easy way to mitigate this concern is to deploy a bypass switch before the inline tool. This creates a fail-over mechanism to let traffic continue to flow downstream, should there be a tool failure. Heartbeat signals between the bypass switch and the tool can create a self-healing architecture that restores normal traffic inspection protocols once the security tool comes back online.

While some tools have internal bypass switches, these internal bypass switches can actually lower the mean time between failure (MTBF) for that type of deployment scenario. External bypass switches deliver an improved confidence in network and application reliability without costing an arm and a leg.

In addition, should you want to remove the tool from service altogether (or perform maintenance upgrades), the bypass switch can accommodate that with minimal (on the order of milliseconds) service disruption.

Another concern raised from the SANS report referenced in the blog was that some of features do not get activated on inline tools because of the performance hit associated with many of those features (e.g., SSL decryption, deduplication). A quick solution to this is deploy a network packet broker (NPB). The best place to insert the NPB is between the bypass switch and the security tool(s), as this can provide an even stronger level of network reliability, especially if traffic load balancing or high availability features are deployed on the NPB.

From a performance perspective though, this is where you can really see a benefit. Instead of activating SSL decryption on your firewall and slowing the throughput to a crawl, perform the decryption/encryption functionality on the NPB (which should have dedicated resources to perform the function). Now you can perform the decryption functions you need to inspect for encrypted malware and also maintain the level of network performance that your internal and external customers demand.

Related Links

Hot Topics

Related Vendors

The Latest

State of the Data Center 2025

While IT leaders are becoming more comfortable and adept at balancing workloads across on-premises, colocation data centers and the public cloud, there's a key component missing: connectivity, according to the 2025 State of the Data Center Report from CoreSite ...

The Clock Is Ticking: How 47-Day Certificates and Quantum Threats Are Reshaping Cybersecurity

A perfect storm is brewing in cybersecurity — certificate lifespans shrinking to just 47 days while quantum computing threatens today's encryption. Organizations must embrace ephemeral trust and crypto-agility to survive this dual challenge ...

MEAN TIME TO INSIGHT Podcast - Episode 14: Hybrid Multi-Cloud Network Observability

In MEAN TIME TO INSIGHT Episode 14, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses hybrid multi-cloud network observability... 

What's the State of AI Costs in 2025?

While companies adopt AI at a record pace, they also face the challenge of finding a smart and scalable way to manage its rapidly growing costs. This requires balancing the massive possibilities inherent in AI with the need to control cloud costs, aim for long-term profitability and optimize spending ...

Bridging the Visibility Gap: A Path to Smarter Telecom Infrastructure

Telecommunications is expanding at an unprecedented pace ... But progress brings complexity. As WanAware's 2025 Telecom Observability Benchmark Report reveals, many operators are discovering that modernization requires more than physical build outs and CapEx — it also demands the tools and insights to manage, secure, and optimize this fast-growing infrastructure in real time ...

Redis Monitoring 101: Key Metrics You Need to Watch

As businesses increasingly rely on high-performance applications to deliver seamless user experiences, the demand for fast, reliable, and scalable data storage systems has never been greater. Redis — an open-source, in-memory data structure store — has emerged as a popular choice for use cases ranging from caching to real-time analytics. But with great performance comes the need for vigilant monitoring ...

Beyond Traditional Autoscaling: The Future of Kubernetes in AI Infrastructure

Kubernetes was not initially designed with AI's vast resource variability in mind, and the rapid rise of AI has exposed Kubernetes limitations, particularly when it comes to cost and resource efficiency. Indeed, AI workloads differ from traditional applications in that they require a staggering amount and variety of compute resources, and their consumption is far less consistent than traditional workloads ... Considering the speed of AI innovation, teams cannot afford to be bogged down by these constant infrastructure concerns. A solution is needed ...

AI Drives Surge in Data Budgets

AI is the catalyst for significant investment in data teams as enterprises require higher-quality data to power their AI applications, according to the State of Analytics Engineering Report from dbt Labs ...

Misaligned Architecture Causes Service Disruptions, High Operational Costs and Security Challenges

Misaligned architecture can lead to business consequences, with 93% of respondents reporting negative outcomes such as service disruptions, high operational costs and security challenges ...

How GenAI Can Save Time for the NetOps Team

A Gartner analyst recently suggested that GenAI tools could create 25% time savings for network operational teams. Where might these time savings come from? How are GenAI tools helping NetOps teams today, and what other tasks might they take on in the future as models continue improving? In general, these savings come from automating or streamlining manual NetOps tasks ...

Easy Ways to Improve Network Reliability and Performance

Keith Bromley
Learn more about Keysight Technologies

There was a recent blog on APMdigest by Pete Goldin — Protecting Network Performance is as Essential as Securing the Network — that I wanted to follow up on.

As mentioned in the blog, performance issues and outages are possible when security tools (like an IPS, WAF, etc.) are inserted inline. However, one easy way to mitigate this concern is to deploy a bypass switch before the inline tool. This creates a fail-over mechanism to let traffic continue to flow downstream, should there be a tool failure. Heartbeat signals between the bypass switch and the tool can create a self-healing architecture that restores normal traffic inspection protocols once the security tool comes back online.

While some tools have internal bypass switches, these internal bypass switches can actually lower the mean time between failure (MTBF) for that type of deployment scenario. External bypass switches deliver an improved confidence in network and application reliability without costing an arm and a leg.

In addition, should you want to remove the tool from service altogether (or perform maintenance upgrades), the bypass switch can accommodate that with minimal (on the order of milliseconds) service disruption.

Another concern raised from the SANS report referenced in the blog was that some of features do not get activated on inline tools because of the performance hit associated with many of those features (e.g., SSL decryption, deduplication). A quick solution to this is deploy a network packet broker (NPB). The best place to insert the NPB is between the bypass switch and the security tool(s), as this can provide an even stronger level of network reliability, especially if traffic load balancing or high availability features are deployed on the NPB.

From a performance perspective though, this is where you can really see a benefit. Instead of activating SSL decryption on your firewall and slowing the throughput to a crawl, perform the decryption/encryption functionality on the NPB (which should have dedicated resources to perform the function). Now you can perform the decryption functions you need to inspect for encrypted malware and also maintain the level of network performance that your internal and external customers demand.

Related Links

Hot Topics

Related Vendors

The Latest

State of the Data Center 2025

While IT leaders are becoming more comfortable and adept at balancing workloads across on-premises, colocation data centers and the public cloud, there's a key component missing: connectivity, according to the 2025 State of the Data Center Report from CoreSite ...

The Clock Is Ticking: How 47-Day Certificates and Quantum Threats Are Reshaping Cybersecurity

A perfect storm is brewing in cybersecurity — certificate lifespans shrinking to just 47 days while quantum computing threatens today's encryption. Organizations must embrace ephemeral trust and crypto-agility to survive this dual challenge ...

MEAN TIME TO INSIGHT Podcast - Episode 14: Hybrid Multi-Cloud Network Observability

In MEAN TIME TO INSIGHT Episode 14, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses hybrid multi-cloud network observability... 

What's the State of AI Costs in 2025?

While companies adopt AI at a record pace, they also face the challenge of finding a smart and scalable way to manage its rapidly growing costs. This requires balancing the massive possibilities inherent in AI with the need to control cloud costs, aim for long-term profitability and optimize spending ...

Bridging the Visibility Gap: A Path to Smarter Telecom Infrastructure

Telecommunications is expanding at an unprecedented pace ... But progress brings complexity. As WanAware's 2025 Telecom Observability Benchmark Report reveals, many operators are discovering that modernization requires more than physical build outs and CapEx — it also demands the tools and insights to manage, secure, and optimize this fast-growing infrastructure in real time ...

Redis Monitoring 101: Key Metrics You Need to Watch

As businesses increasingly rely on high-performance applications to deliver seamless user experiences, the demand for fast, reliable, and scalable data storage systems has never been greater. Redis — an open-source, in-memory data structure store — has emerged as a popular choice for use cases ranging from caching to real-time analytics. But with great performance comes the need for vigilant monitoring ...

Beyond Traditional Autoscaling: The Future of Kubernetes in AI Infrastructure

Kubernetes was not initially designed with AI's vast resource variability in mind, and the rapid rise of AI has exposed Kubernetes limitations, particularly when it comes to cost and resource efficiency. Indeed, AI workloads differ from traditional applications in that they require a staggering amount and variety of compute resources, and their consumption is far less consistent than traditional workloads ... Considering the speed of AI innovation, teams cannot afford to be bogged down by these constant infrastructure concerns. A solution is needed ...

AI Drives Surge in Data Budgets

AI is the catalyst for significant investment in data teams as enterprises require higher-quality data to power their AI applications, according to the State of Analytics Engineering Report from dbt Labs ...

Misaligned Architecture Causes Service Disruptions, High Operational Costs and Security Challenges

Misaligned architecture can lead to business consequences, with 93% of respondents reporting negative outcomes such as service disruptions, high operational costs and security challenges ...

How GenAI Can Save Time for the NetOps Team

A Gartner analyst recently suggested that GenAI tools could create 25% time savings for network operational teams. Where might these time savings come from? How are GenAI tools helping NetOps teams today, and what other tasks might they take on in the future as models continue improving? In general, these savings come from automating or streamlining manual NetOps tasks ...