Securing and maintaining large-scale production networks is about the tools and solutions used. Gaining visibility into and managing flow data is critical to not only optimising performance and security, but ensuring consistency and compliance across a network of any scale.
Introducing Big Switch by Arista
Big Switch is a suite of cloud networking products aimed at hybrid networks (those incorporating both physical and virtual networking and cloud-based networking). Of particular importance for monitoring NetFlow and IPFIX metadata is Big Monitoring Fabric Service Node, which delivers advanced packet and flow handling functions, to increase visibility and maintain cross-network security. With this, network managers can define the traffic each tool receives, eliminate unnecessary or sensitive data, ensure tools optimally, and protect privacy.
Big Switch, which runs on network switches, is capable of generating rich NetFlow and IPFIX metadata about traffic that flows through the switch. It is built with industry-standard x86 DPDK servers. Multiple integrations of Big Switch and Big Mon Service Nodes offer terabit-scale performance, remove payloads and headers, mask sensitive data, perform deep packet inspection, and generate NetFlow and IPFIX metadata for flow-based analysis tools, with redundant or irrelevant packets filtered.
This makes sophisticated flow analysis possible using the correct flow analysis and monitoring tools, which are able to not only collect and collate the data, but pinpoint trends, identify risks, and provide continuous insight.
Unify data for improved analysis
Significantly, Big Switch unifies data flows as one source type for all downstream tools. This results in more accurate analysis, greater network optimisation – with better and more detailed information – and the assurance of policy compliance across flows, tools and devices.
No true insight is achievable without analysis, however. Scrutinizer by Plixer is the second part to this equation: a network traffic analysis system that provides a single source of truth for all their data flows, guides optimisation, and results in a go-to reference point for network insights. After all, data collection only takes us so far. Data is only fuel for insight; it alone cannot guide decisions. Guidance comes from tools such as Scrutinizer, which collects and analyses data, and stores metadata to help define early reporting and incident-alert thresholds. The aggregation of historical data is how networks develop their robustness. By understanding what has been – the history of which is painted through flow data – network managers can better prepare for what will be, and optimise network performance without impacting security.
The flow of data from source to network switch to Scrutinizer by Plixer
We’ve said it many times before that the best network solutions combine the best tools. Big Switch unifies data and generates essential metadata, both NetFlow and IPFIX, for Scrutinizer to collect, store, and analyse. The advantages of Scrutinizer improve through other solutions, and through tools that generate more data and, subsequently, information.