What is a Network Packet Broker?
August 15, 2012
A Network Packet Broker (NPB) is a hardware-based appliance that helps provide access and visibility for a variety of network monitoring by acting as a passive visibility layer that network traffic passes through. NPBs functionality may include aggregating monitored traffic from multiple links, traffic filtering, traffic regeneration, load balancing flagged traffic to various tools, pre-filtering traffic to offload, and directing traffic intelligently based on various port-mapping schemes.
NPBs also are known as fabric switches, traffic visibility switches, visibility layers, traffic visibility networking, intelligent taps, network monitoring switches and distributed traffic captures, among other names. The NPB term was coined by Gartner (News - Alert) Analysts Deb Curtis and Jonah Kowall in April, 2012.
Six criteria define an NPB, according to Kowall:
- Many-to-many port mapping for real-time adjustments of packet flow. The NPB can use a GUI or command-line interface for configuration.
- Filtering of packet data based on the characteristics found in the packet headers, allowing filtering of Open Systems (News - Alert) Interconnection (OSI) Layers 2 through 4.
- Packet slicing and de-duplication that allows a subset of the full packet data to be passed to the monitoring device. This allows for monitoring to scale more efficiently.
- Aggregating multiple packet stream inputs into one larger stream, or having one large stream broken into several smaller streams. An example is 7 1Gb links that are fed into a single 7Gb connection for data monitoring.
- Distributing traffic load per device by sending it to different probes or appliances in order to scale the monitoring, or to provide redundancy in the monitoring technology.
- Insertion of hardware-based time stamps that monitoring tools can use to take more accurate measurements. This hardware-based time stamps can change the accuracy of the packet time from milliseconds to microseconds, allowing for granular measurements.
Additionally, although not a part of the Gartner definition, NPBs often also include deep packet inspection, which allows filtering and routing based on data characteristics; the capability to capture ingress port identification, which enables unique identification of traffic from multiple ingress ports; and the ability to mask specific data in the packets, keeping confidential data such as social security numbers safe.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2012, taking place Oct. 2-5, in Austin, TX. Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.
Edited by Jamie Epstein