What is Network Visibility? | Definition from TechTarget

[Pelican Press 0]

This is the hidden content, please

• Sign In
• or
• Sign Up

What is Network Visibility? | Definition from TechTarget

Network visibility is an awareness of the components and data within an enterprise computer network. The term is often used to refer to the various tools enterprises use to increase awareness of their network data and other content.

Network visibility, also known as network observability, takes a proactive approach that helps enterprises to better monitor network traffic and network performance. It also serves as the foundation for a healthy network infrastructure. When implemented correctly, network visibility gives IT teams more control over their networks and lets them make better decisions regarding data protection and flow.

Why is network visibility important?

Network visibility lets organizations better understand traffic behavior on their networks. Organizations can use visibility to improve network efficiency, security and performance. The growing volume and variety of data that typical enterprise networks carry make network visibility an increasingly important priority.

Enterprises are accountable for the data that travels on their networks. As this data becomes more complex, network monitoring gets more difficult, threats ramp up, and breaches become more likely. Having network visibility lets the enterprise parse noisy data environments and ensure sensitive data is accounted for and properly secured.

Enterprise network visibility challenges

One overall network visibility challenge is adapting to the increasing speed and scale of modern enterprise networks without sacrificing performance. Below are some specific challenges organizations face in maintaining network visibility:

• Remote work. Virtual private networks enable employees to work securely from a remote location, but sacrifice the visibility that on-premises employee technology offers. Software-defined wide area networks (SD-WANs) solve this problem. Many enterprises let mobile device users connect directly to the cloud, in which case visibility also suffers.
• Network blind spots. While the cloud and mobile offer considerable performance advantages, they create blind spots in a network visibility architecture. For example, it’s difficult to measure application-level traffic to and from cloud data centers, because cloud platforms often have their own communication protocols and security architecture.
• Performance issues. Many traditional network monitoring tools and security measures, such as Simple Network Management Protocol, don’t work as well in the cloud. This is because they were configured for on-premises networks before the rise of the cloud and can’t adapt to the new cloud-based network.
• Encrypted data. Encrypted network traffic is a considerable portion of modern network traffic and makes visibility more difficult. In some cases, it also conceals cybersecurity vulnerabilities.
• Visibility tool limitations. Visibility is usually maintained and monitored by a combination of network visibility tools, each with its own specific purposes and limitations. For example, modern network switches only come with a limited number of Switched Port Analyzer (SPAN) ports. In addition, updating the physical network topology can make existing tools less effective if they lack the processing power for higher network bandwidths and throughputs. Also, network performance monitoring tools can get overloaded when fed data they can’t parse or too much data.
• Complex networks. Modern networks consist of a wide spectrum of network monitoring and analysis tools, such as firewalls, intrusion prevention systems, data loss prevention tools and antimalware software. Linking these elements efficiently and maintaining performance while also making all data visible becomes more difficult as networks become more complex and have more network segments to account for.

This is the hidden content, please

• Sign In
• or
• Sign Up

Following certain best practices will lead to a successful network monitoring approach.

Network visibility best practices

A good network visibility architecture should be scalable, sustainable and flexible. These principles should be considered before and during implementation:

• Scalability. Network visibility tools should accommodate rising network connectivity speeds and the consequent increase in packet volume. They also must be able to deal with network growth and change, including new geographical locations and infrastructure.
• Sustainability. Visibility technology should be easy to upgrade to accommodate increasing speeds and newer network components.
• Flexibility. Technologies should be flexible and adapt to changes in the network so that maintenance and upgrade cycles occur less frequently.

Best practices for implementing and maintaining network visibility architecture include the following:

• Packet source selection. Admins shouldn’t try to connect to and monitor every packet source in the network. Instead, data collection should be limited to select points on the network with the most visibility into other parts. This keeps excess data to a minimum and other network tools functioning properly.
• Choosing a packet access technique. In addition to choosing the source of packets for analysis and monitoring, administrators should decide which packets are watched and how they’re watched. Common options for this are test access points (TAPs) for passive monitoring or SPAN ports on network switches for port mirroring functions. TAPs generally don’t generate any load on the infrastructure, but create a small yet significant security vulnerability in the network. SPANs are more flexible than TAPs, but have performance and bandwidth limitations and bottlenecks.
• Passive vs. active deployment technologies. Administrators might opt for a passive approach that provides basic insights into performance or an active approach that lets administrators reorganize traffic flow using visibility technology.
• Accommodate virtual network infrastructure. Specific technology might be required to accommodate cloud and mobile in a network; they create visibility challenges that traditional visibility tools can fail to recognize.

Top network visibility tools and vendors

Network visibility tools can be used to help monitor network activity, performance, traffic, big data analytics and managed resources. Below are some common ones:

• Network packet brokers are network monitoring tools that aggregate data from multiple points and distribute it through network-to-network operations, application operations and security administrators. An NPB reduces the workload of network security tools such as intrusion detection systems, which can be overwhelmed by large quantities of data. It does this by sorting and forwarding data to security and monitoring tools using context-aware data processing for threat detection. It also optimizes the input other security tools receive so that they can make better decisions. A high-performance NPB should be able to scale to growing enterprise networks.
• Network TAPs are hardware devices inserted in the network at specific points to provide access to network traffic for testing and troubleshooting. It makes a copy of traffic and sends that copy for use by another tool in the network without impeding the flow of traffic. Because they’re hardware appliances, they have physical limitations, such as a limited number of ports. These are sometimes referred to as bypass switches.
• SD-WANs shift visibility from the traditional, appliance-centric approach to a software-defined approach where network traffic is routed through a managed cloud service instead of an on-premises appliance. This improves performance and security, reduces network complexity, and avoids the inherent limitations of physical appliances like traditional firewalls. It also provides a secure connection to cloud applications while maintaining visibility.

Vendors commonly offer managed services that combine several of the tools mentioned above and others. Some network visibility

This is the hidden content, please

• Sign In
• or
• Sign Up

are Broadcom, Cisco, Fortra, Keysight, LogicMonitor, Nagios, NetScout, Paessler, Riverbed and SolarWinds.

How network visibility helps ensure compliance

Network visibility is needed to comply with a range of state and federal regulations, especially those concerned with data protection and privacy. Without adequate visibility, security teams can easily miss cyberthreats that lead to data loss or security breaches. An organization that experiences cyberattacks will lose productivity, pay legal fees for lack of compliance and possibly face reputational damage.

For example, healthcare providers and financial services alike deal with sensitive data. If cloud storage networks are used to house large volumes of customer data, these organizations must have monitoring tools in place to keep watch over their cloud infrastructures. For healthcare providers, this helps ensure compliance with the Health Insurance Portability and Accountability Act. For financial services companies, it helps them comply with the Payment Card Industry Data Security Standard.

Network visibility is essential in multi-cloud environments given the distributed nature of the architecture. Learn why visibility is important in these environments and how to achieve it.

This is the hidden content, please

• Sign In
• or
• Sign Up

#Network #Visibility #Definition #TechTarget

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up