Easy Ways to Improve Network Reliability and Performance
December 01, 2017

Keith Bromley
Ixia

Share this

There was a recent blog on APMdigest by Pete Goldin — Protecting Network Performance is as Essential as Securing the Network — that I wanted to follow up on.

As mentioned in the blog, performance issues and outages are possible when security tools (like an IPS, WAF, etc.) are inserted inline. However, one easy way to mitigate this concern is to deploy a bypass switch before the inline tool. This creates a fail-over mechanism to let traffic continue to flow downstream, should there be a tool failure. Heartbeat signals between the bypass switch and the tool can create a self-healing architecture that restores normal traffic inspection protocols once the security tool comes back online.

While some tools have internal bypass switches, these internal bypass switches can actually lower the mean time between failure (MTBF) for that type of deployment scenario. External bypass switches deliver an improved confidence in network and application reliability without costing an arm and a leg.

In addition, should you want to remove the tool from service altogether (or perform maintenance upgrades), the bypass switch can accommodate that with minimal (on the order of milliseconds) service disruption.

Another concern raised from the SANS report referenced in the blog was that some of features do not get activated on inline tools because of the performance hit associated with many of those features (e.g., SSL decryption, deduplication). A quick solution to this is deploy a network packet broker (NPB). The best place to insert the NPB is between the bypass switch and the security tool(s), as this can provide an even stronger level of network reliability, especially if traffic load balancing or high availability features are deployed on the NPB.

From a performance perspective though, this is where you can really see a benefit. Instead of activating SSL decryption on your firewall and slowing the throughput to a crawl, perform the decryption/encryption functionality on the NPB (which should have dedicated resources to perform the function). Now you can perform the decryption functions you need to inspect for encrypted malware and also maintain the level of network performance that your internal and external customers demand.

Keith Bromley is Senior Manager, Solutions Marketing at Ixia Solutions Group, a Keysight Technologies business
Share this

The Latest

July 09, 2020

Enterprises that halted their cloud migration journey during the current global pandemic are two and a half times more likely than those that continued their move to the cloud to have experienced IT outages that negatively impacted their SLAs, according to Virtana's latest survey report The Current State of Hybrid Cloud and IT ...

July 08, 2020

Every business has the responsibility to do their part against climate change by reducing their carbon footprint while increasing sustainability and efficiency. Harnessing optimization of IT infrastructure is one method companies can use to reduce carbon footprint, improve sustainability and increase business efficiency, while also keeping costs down ...

July 07, 2020

While the adoption of continuous integration (CI) is on the rise, software engineering teams are unable to take a zero-tolerance approach to software failures, costing enterprise organizations billions annually, according to a quantitative study conducted by Undo and a Cambridge Judge Business School MBA project ...

June 25, 2020

I've had the opportunity to work with a number of organizations embarking on their AIOps journey. I always advise them to start by evaluating their needs and the possibilities AIOps can bring to them through five different levels of AIOps maturity. This is a strategic approach that allows enterprises to achieve complete automation for long-term success ...

June 24, 2020

Sumo Logic recently commissioned an independent market research study to understand the industry momentum behind continuous intelligence — and the necessity for digital organizations to embrace a cloud-native, real-time continuous intelligence platform to support the speed and agility of business for faster decision-making, optimizing security, driving new innovation and delivering world-class customer experiences. Some of the key findings include ...

June 23, 2020

When it comes to viruses, it's typically those of the computer/digital variety that IT is concerned about. But with the ongoing pandemic, IT operations teams are on the hook to maintain business functions in the midst of rapid and massive change. One of the biggest challenges for businesses is the shift to remote work at scale. Ensuring that they can continue to provide products and services — and satisfy their customers — against this backdrop is challenging for many ...

June 22, 2020

Teams tasked with developing and delivering software are under pressure to balance the business imperative for speed with high customer expectations for quality. In the course of trying to achieve this balance, engineering organizations rely on a variety of tools, techniques and processes. The 2020 State of Software Quality report provides a snapshot of the key challenges organizations encounter when it comes to delivering quality software at speed, as well as how they are approaching these hurdles. This blog introduces its key findings ...

June 18, 2020

For IT teams, run-the-business, commodity areas such as employee help desks, device support and communication platforms are regularly placed in the crosshairs for cost takeout, but these areas are also highly visible to employees. Organizations can improve employee satisfaction and business performance by building unified functions that are measured by employee experience rather than price. This approach will ultimately fund transformation, as well as increase productivity and innovation ...

June 17, 2020

In the agile DevOps framework, there is a vital piece missing; something that previous approaches to application development did well, but has since fallen by the wayside. That is, the post-delivery portion of the toolchain. Without continuous cloud optimization, the CI/CD toolchain still produces massive inefficiencies and overspend ...

June 16, 2020

The COVID-19 pandemic has exponentially accelerated digital transformation projects. To better understand where IT professionals are turning for help, we analyzed the online behaviors of IT decision-makers. Our research found an increase in demand for resources related to APM, microservices and dependence on cloud services ...