SUBSCRIBE TO TMCnet
TMCnet - World's Largest Communications and Technology Community

CHANNEL BY TOPICS


QUICK LINKS




VSS Monitoring Delivers Network Data to Big Data Analytics Systems

VSS Monitoring Delivers Network Data to Big Data Analytics Systems

November 19, 2013
By Peter Bernstein, Senior Editor
Share

Any discussion today with security professionals quickly turns to two critical needs, visibility and access to powerful analytics. Realities are that IT cannot respond to anomalies and threats it cannot see. They also cannot be proactive or reactive with prevention solutions without being able to correlate events with powerful analytic tools that span what typically today are siloed operational datasets.  


To help IT with these top of mind needs, network packer broker (NPB) provider VSS Monitoring has launched the Big Data Visibility solution. It is a system that not only closes the visibility gap into corporate data but also combines network data with big data from external sources to allow analysis of that data as a single dataset. This makes it much easier for IT to use the information for performance or business intelligence applications, forensics, compliance, or security assurance.


Image via Shutterstock 

First, a bit of background for those not familiar with NPBs. VSS Monitoring (News - Alert) has pioneered this emerging capability. It employs a systems approach for optimizing and scaling the connectivity between network switching and the universe of network monitoring and network security tools. NPBs are designed to improve tool usage and efficiency, simplify IT operations, and enhance the ROI from those tools. 

The reason the Big Data Visibility solution is important, as VSS Monitoring explains, is that by supplementing real-time, synchronous analysis of data in motion with cost-effective asynchronous analysis of stored data, the solution scales analytics and forensics to larger datasets than legacy technology. In addition, the VSS Monitoring’s vMesh architecture, the foundation of the solution, enables organizations to connect hundreds of NPB nodes and gain real-time views into big data across their entire network.

Visibility leverages new technology advances

The Big Data Visibility solution is built on two advances in the VSS Monitoring vMesh Architecture: vSpool and vNetConnect:

The vSpool hardware module for VSS Monitoring’s vBroker chassis:  enables network data to be captured directly from the network infrastructure, and delivered to and analyzed synchronously or asynchronously by any network analytics, forensics and big data systems over a common storage or content platform.  

vNetConnect software:  enables agent-free visibility into VMware and Cisco (News - Alert) virtual switches, providing visibility into physical and virtual workloads and the associated network traffic without requiring any additional software to be installed on the hypervisor or as a virtual machine.

“There are prodigious volumes of operational and business data available within network packet streams, waiting to be fully leveraged by the fast growing ranks of Big Data analytics solutions,” said Jim Frey, vice president of research, Enterprise Management Associates.  “By offering new methods for directly forwarding packet captures into Big Data architectures, VSS Monitoring is opening a new door for operational-intelligence solutions.  Further, VSS has added an important extension that can restore visibility into virtualized server environments, where VM-to-VM packet communications can and do occur without ever crossing a physical network wire.”

Watching data in motion

As noted above, a huge challenge for security professionals, arising from the explosion of vectors of vulnerability caused by BYOD, the cloud, virtualization and mobility, is that much of what is crossing corporate networks is not being captured by big analytics systems. In fact, research firm IDC (News - Alert) in its 2012 Digital Universe Study, found that only about 3 percent of the potentially useful data is tagged, and even less is analyzed. This lack of visibility impedes the ability of IT to respond rapidly and effectively when problems arise.

In short, most enterprises are acting almost blindly when it comes to really being able to see and analyze the data that is in motion on their networks. It is a significant “big data gap” and VSS Monitoring, by providing improved visibility of structured and unstructured data, enables IT literally, as London’s subway implores riders, to “Mind the Gap.”

The reason the Big Data Solution raises the bar for providing protection is that even the best of today’s big data apps largely lack visibility into data in motion. As VSS notes, specialized network data-capture tools are not new. However, they analyze, store and present only that portion of a dataset suited to their purpose. To complicate matters, those tools as cited above are usually used in silos.

As a result they were not built to scale to the data volumes on today’s networks, and are not ready for the data storm on the way. In addition, they have a narrow scope and store data in proprietary formats. This fragmentation of tools and their management not only creates additional operational costs, but as importantly limits the broader use of those datasets.

DeClouette, vice president, Communications, Media and Entertainment, Hitachi Data Systems (News - Alert), is impressed with the solution, explaining that, "Service providers and enterprise customers are now looking for more comprehensive and ‘cross-domain’ insights to make informed business decisions. Hitachi Content Platform (HCP) brings to market an unmatched level of capabilities for big data, including search, storage scalability, management and protection. By adding VSS NPBs powered by vSpool, end users can perform deep analysis on data in motion and gain a new level of visibility and intelligence from their own big data.”

How to “Mind the Gap”

The VSS Big Data Visibility Solution closes the gap between the network and analytics by deploying a distributed architecture that centralizes access to network data, optimizes storage and enables real-time, interactive, and batch analysis. The addition of vNetConnect enables packets from both virtual switches and physical switches to be directed into the network packet broker layer, while vSpool provides capture and delivery of those packets to analytics tools and content platforms from a single point and in an open standard format. 

In terms of deliverables, multiple applications can leverage a single copy of the packaged data. The result is elimination of storage and analytics silos, along with optimization and scaling of the delivery of network data:

  • Network data is encapsulated in open standard file format. It can be directly transported to any (non-network tool) storage appliance or content platform that does not natively support network packet ingestion. The capture files can be read by many applications.
  • Data files are written to disk using open and standard transport protocols onto a commodity storage appliance or content platform in addition to traditional application-specific tools.

The solution makes network traffic available in real time and asynchronously. With additional grooming and packet optimization applied to the capture, only the optimized data and metadata of interest are extracted and ingested by the big data systems.

The virtualized data center has three core elements: Network, Compute, and Storage. The new solution adds to traditional NPB’s focus on network visibility to include the other two elements and gives IT a holistic view. It scales effectively by providing a non-invasive, agent-free visibility into virtualized compute, and provides asynchronous management and control of network data under a single common storage platform. 

Commenting on the new solution, Martin Breslin, founder and president, VSS Monitoring, noted that, “Bridging this gap by linking network data with big data systems, enables a comprehensive view of the information that the business needs to make the right decisions…No longer are variations in data types, interfaces between systems, network latency, or physical locations of network assets a limitation to high-quality analysis.” 

In addition, the “tool consolidation” and the use of commodity hardware made possible by vSpool allow for cost-effective scaling of network analytics and forensics, he added.

Both products are available immediately.  vNetConnect software starts at $20,000, and vSpool starts at $7,000. 

The benefit of NPBs is that they augment rather than replace IT’s current investment in tools.  The addition of the Big Data Solution expands the visibility of IT into all of the core elements of the virtual data center, increases the utility of existing tools by making enhanced use of the data generated and now leverages the full power of analytics across the entire enterprise landscape.  Given the rising cost of even a few seconds of poor or non-performance, having the right tools optimized for both proactive and reactive risk management of data in motion and at rest is what enterprises need, and closing the visibility gap has been a significant hole that has cried out to be filled.  




Edited by Blaise McNamee

Article comments powered by Disqus

Related Network Packet Broker Articles






Technology Marketing Corporation

2 Trap Falls Road Suite 106, Shelton, CT 06484 USA
Ph: +1-203-852-6800, 800-243-6002

General comments: [email protected].
Comments about this site: [email protected].

STAY CURRENT YOUR WAY

© 2024 Technology Marketing Corporation. All rights reserved | Privacy Policy