Enterprise networks are as complicated as they have ever been. A host of factors are coming together that are creating previously unimaginable complexity, which in turn is the underlying cause of performance issues and cybersecurity flaws. Network administrators are bombarded with change at a rapid pace, with enterprise mobility, machine-to-machine traffic, virtualized infrastructure, encrypted traffic and more turning their infrastructure upside down. It's a wonder they have time to rest.
These trends put network performance and security at risk by creating blind spots. For example, the rise of virtualized infrastructure has been necessary to support many modern technologies, but virtualized infrastructure is more difficult to monitor than physical infrastructure, which in turn has created security weak points. Likewise, there has been a significant growth in SSL encrypted traffic in recent years, to the point where it now represents nearly a third of all enterprise traffic, per a study by NSS Labs. But, many out of band monitoring and performance management tools do not have the ability to support SSL traffic, and even if they do, they don't have the ability to monitor it in a way that doesn't dramatically reduce network performance. Again, administrators are left with the choice of a blind spot or an untenable network chokepoint – not an appealing option.
Virtualization and SSL traffic are here today, but the Internet of Things and the associated machine-to-machine traffic are coming tomorrow. When they fully arrive, network administrators will have far more to contend with as even the lowliest sensor redefines the edge of the network and the use of newly integrated devices results in more chatter and more network traffic than ever before. This is especially true for manufacturing, industrial and government networks, where IoT is going to mean a lot more than just smart thermostats and refrigerators.
All hope is not lost for besieged enterprise IT departments. What they need now, more than ever, is visibility. They will never be able to manage what they can't see, and fortunately for them, there are ways to gain a single view over each and every part of their network infrastructure. Here are four tips that will help increase visibility and shine a bright light on blind spots:
1. TAP Everything
It is no longer good enough to rely on SPAN ports. They have a variety of limitations, from limited views to missed packets. It's time to TAP everything.
2. Connect Everything
All out of band security and performance management tools can't sit separately from the rest of the network infrastructure. The tools that need to see network traffic can't be siloed, and need to be able to review every packet without contention.
3. Segment Traffic
Security and performance management tools need access to traffic, just not all traffic, all the time. By segment, manipulating and grooming traffic flows, administrators can ensure that the appropriate traffic is flowing to the right places.
4. Aggregate Traffic and Metadata
Enormous benefits can be derived from aggregating traffic and metadata into a single, unified fabric that gives administrators one view of their network.
The future is as bright as ever, but the network that's going to support it is complicated. Network administrators that bring visibility to their infrastructure will race forward fastest, without the fear that a new problem is lurking in their blind spot.
Ananda Rajagopal is VP of Product Management at Gigamon.