Why "Scaling Up" Your Network Infrastructure Always Leads to More Complexity and Cost - Part 2
March 19, 2019

Alastair Hartrup
Network Critical

Share this

Let's explore three ways the "scale up" approach to infrastructure growth impedes NetOps and security professionals (and the business as a whole). Part 1 of this blog covered the first way, hardware investments. The following are two more ways.

Start with Why "Scaling Up" Your Network Infrastructure Always Leads to More Complexity and Cost - Part 1

2. Features, Features, Features

"Scale up" versus "scale out" doesn't just apply to hardware investments, it also has an impact on product features. "Scale up" promotes buying the feature set you think you need now, then adding "feature modules" and licenses as you discover additional feature requirements are needed. Often as networks grow in size they also grow in complexity. For example, network monitoring and security tools connected to links through a Packet Broker don't always keep pace with the speeds of the newly installed links. This can require upgrading the feature set of the Packet Broker to offer advanced features to mitigate these issues.

When it comes to Packet Brokers, features such as port mapping and basic filtering are standard. Advanced features such as packet slicing, packet manipulation and various methods of load balancing, are often offered as discreet modules or annual licenses. Vendors, therefore, offer options to add-on advanced features by offering firmware modules and software licenses. This "scale up" approach allows the customer to purchase a stripped down feature set to keep the initial CAPEX low and add advanced features later as network complexity grows. This maintains a constant revenue and loyalty stream for vendors. Unfortunately, it can have the customer paying a lifetime of license fees for a one-time purchase. It may be helpful with CAPEX, but over time this approach can put a strain on OPEX as ongoing fees pile up.

The "scale out" approach literally tackles this problem by looking at advanced features as inherently valuable to the core product. For example, Packet Brokers built around the "scale out" principle include load balancing to help spread incoming traffic as new faster links are added. They include packet manipulation to help organizations deal with new privacy rules (such as GDPR) that require packet data payloads be masked. And they offer packet slicing to help increase the performance of monitoring and security tools. When needed these sorts of advanced features can be leveraged at will without ongoing licensing costs or additional modules.

3. Management of the Rules, Filters and Maps

If you're responsible for planning, writing, testing and deploying a new set of filter rules and port maps for an entire network system at each growth phase, you understand the massive amount of work it requires, and the challenges associated with the "scale up" approach. Writing filter maps so the right information is passed to the right tool can be a very complex operation with hierarchical filtering systems.

Furthermore, assigning ports to links and tools can also be very time consuming and error prone. While most vendors have the same operation and management systems, which are used when new units are deployed and decommissioned, it still requires a tremendous amount of time to transition from one model to the next. The net result: any sort of change often hurts when the underlying hardware is swapped out.

Packet Brokers that scale out eliminate the need to swap hardware, which can have a monumental impact on NetOps. All of a sudden, you can add and deploy new filter rules and port maps ad-hoc as needed, with no impact on existing rules and system operations. Deployment programing no longer starts from scratch with each growth phase. Simply by adding a hardware extension module to an existing system, network managers only need to map and apply filters to the new links. And these "scale out" solutions often have management software that automates provisioning by leveraging sophisticated computational engines that do the hard math in the background. Filter rules become independent rather than hierarchical. This added software saves time, money, and makes incremental changes easy.

As networks continue to become more and more complex, it has never been more important for the underlying infrastructure to adapt as well. Traditional approaches to Packet Broker solutions are quickly proving unsustainable when dealing with the traffic increases driven by IoT, SDN and more. As you look to scale your network to meet these modern-day requirements, consider looking at new "scale out" visibility solutions designed to simplify your NetOps world.

Alastair Hartrup is CEO of Network Critical
Share this

The Latest

April 18, 2019

A vast majority of organizations are still unprepared to properly respond to cybersecurity incidents, with 77% of respondents indicating they do not have a cybersecurity incident response plan applied consistently across the enterprise, according to The 2019 Study on the Cyber Resilient Organization, a study conducted by the Ponemon Institute on behalf of IBM ...

April 17, 2019

People and businesses today make mistakes similar to Troy, when they get too enamored by the latest, flashiest technology. These modern Trojan Horses work through their ability to "wow" us. Cybercriminals find IoT devices an easy target because they are the cool new technology on the block ...

April 16, 2019

Software security flaws cause the majority of product vulnerabilities, according to the 2019 Security Report from Ixia's Application and Threat Intelligence (ATI) Research Center ...

April 15, 2019

The majority of organizations (nearly 70 percent) do not prioritize the protection of the applications that their business depend on — such as ERP and CRM systems — any differently than how low-value data, applications or services are secured, according to a new survey from CyberArk ...

April 12, 2019

While 97 percent of organizations are currently undertaking or planning to undertake digital transformation initiatives, integration challenges are hindering efforts for 84 percent of organizations, according to the 2019 Connectivity Benchmark Report from MuleSoft ...