Network Packet Broker (NPB) is a switch like networking device that ranges in size from portable devices to 1U and 2U unit cases to large cases and board systems. Unlike a switch, the NPB does not change the traffic that flows through it in any way unless explicitly instructed. It resides between taps and SPAN ports, access network data and sophisticated security and monitoring tools that typically reside in data centers. NPB can receive traffic on one or more interfaces, perform some predefined functions on that traffic, and then output it to one or more interfaces for analyzing content related to network performance operations, network security and threat intelligence.
Without Network Packet Broker
What kind scenarios need the Network Packet Broker?
First, there are multiple traffic requirements for the same traffic capture points. Multiple taps add multiple points of failure. Multiple mirroring (SPAN) occupies multiple mirroring ports, affecting device performance.
Secondly, the same security device or traffic analysis system needs to collect the traffic of multiple collection points, but the device port is limited and cannot receive the traffic of multiple collection points at the same time.
Here are some other benefits of using Network Packet Broker for your network:
- Filter and deduplicate invalid traffic to improve the utilization of security devices.
- Supports multiple traffic collection modes, enabling flexible deployment.
- Supports tunnel decapsulation to meet requirements for analyzing virtual network traffic.
- Meet the needs of secret desensitization, save special desensitization equipment and cost;
- Calculate the network delay based on the time stamps of the same data packet at different collection points.
With Network Packet Broker
Network Packet Broker - Optimize your Tool Efficiency:
1- Network Packet Broker help you take full advantage of monitoring and security devices. Let's consider some of the potential situations you might encounter using these tools, where many of your monitoring/security devices may be wasting traffic processing power unrelated to that device. Eventually, the device reaches its limit, handling both useful and less useful traffic. At this point, the tool vendor will certainly be happy to provide you with a powerful alternative product that even has the extra processing power to solve your problem... Anyway, it's always going to be a waste of time, and extra cost. If we could get rid of all the traffic that makes no sense to it before the tool arrives, what happen?
2- Also, assume that the device only looks at header information for the traffic it receives. Slicing packets to remove the payload, and then forwarding only the header information, can greatly reduce the traffic burden on the tool; So why not? Network Packet Broker (NPB) can do this. This extends the life of existing tools and reduces the need for frequent upgrades.
3- You may find yourself running out of available interfaces on devices that still have plenty of free space. The interface may not even be transmitting near its available traffic. The aggregation of NPB will solve this problem. By aggregating data flow to the device on the NPB, you can leverage each interface provided by the device, optimizing bandwidth utilization and freeing interfaces.
4- On a similar note, your network infrastructure has been migrated to 10 Gigabytes and your device has only 1 gigabyte of interfaces. The device may still be able to easily handle the traffic on those links, but cannot negotiate the speed of the links at all. In this case, the NPB can effectively act as a speed converter and pass traffic to the tool. If bandwidth limited, the NPB can also extend its life again by discarding irrelevant traffic, performing packet slicing, and load balancing the remaining traffic on the tool's available interfaces.
5- Similarly, NPB can act as a media converter when performing these functions. If the device only has a copper cable interface, but needs to handle traffic from a fiber optic link, the NPB can again act as an intermediary to get traffic to the device again.
Post time: Apr-28-2022