How Software Defined Packet Brokers Can Improve Network Observability

Network Packet Brokers (NPBs) can be valuable in improving network visibility and observability for both network operations (NetOps) and security operations (SecOps) teams. By enabling network traffic streams to be aggregated, filtered and distributed to multiple tools for network and security monitoring and analysis (Figure 1), NPBs ensure those expensive tools can be shared and used efficiently and many tools can have access to the same traffic streams.

Figure 1: Network Packet Broker High-level View

According to Enterprise Management Associates (EMA), IT teams using NPBs are more likely to meet the challenges they face, from performance and compliance to new business initiatives. Those teams report many benefits:

  • Improved uptime 46%
  • Reduced security risk 43%
  • Security team productivity 36%
  • Revenue generation 29%

Unfortunately, traditional NPBs are very costly, and many organizations cannot deploy them as broadly as they would like in order to have full network visibility. In fact, high cost is often a barrier to deploying any NPB solution at all.

Another barrier to broad NPB implementation is operational complexity imposed on already overburdened IT staff. Traditional NPBs can be cumbersome to configure and difficult to scale as networks grow and monitoring requirements evolve.

Software defined packet brokers (SDPBs) can help to overcome both cost and complexity challenges and thus enable much broader deployments for improved network observability. EMA Research has found that an overwhelming 94% of NPB users are interested in SDPBs because of their perceived benefits of increased flexibility, reduced complexity and reduced cost.

What is a Software Defined Packet Broker?

SDPBs are built on a foundation of disaggregated network switching, using open networking hardware based on commodity switching silicon and disaggregated network operating system (NOS) software (Figure 2). Software-defined networking (SDN) principles are used to program the disaggregated switches with NPB policies and services, such as filtering and replication.

Figure 2: What is a Software Defined Packet Broker?

SDPB Benefits

This disaggregated approach provides several benefits, including lower capex, lower opex and improved scalability and performance. Let’s look at each of these.

SDPB Advantage: Lower Capex

SDPBs can substantially reduce capital cost in two ways. First, for an equivalent amount of capacity (number of ports, total throughput), SDPBs based on merchant silicon and open networking hardware can be as much as 25%-50% lower cost (Figure 3).

Figure 3: SDPBs Lower Cost for Equivalent Capacity

Second, because SDPBs can use a wide variety of open networking hardware (Figure 4), IT teams have more flexibility to deploy the right-sized hardware platform, with only the needed port capacity, in each location in their network. This reduces the cost per location, and that in turn increases the number of locations that can be cost-effectively monitored for more complete network visibility.

Figure 4: SDPBs Enable Hardware Choice, Ability to Deploy Only Needed Capacity
SDPB CapabilityBenefits
Fully modular, scale-out fabric, mix/match port speedsScale flexibly from single switch to multi-switch, multi-site Graceful upgrades 10-25-100-400G
High resilience and sub-second failoverEnsure continuous monitoring and visibility
Dynamic load balancing and automatic path discoveryUse network capacity efficiently to lower capex, opex

SDPB Advantage: Operational Simplification, Lower Opex

SDPBs incorporate SDN principles to abstract network complexity and enable automation that can drastically reduce operational costs. As Figure 6 shows, the entire SPDB fabric appears as an abstracted “virtual chassis” to the operator (or to any higher layer automation system), enabling simple programming of packet broker policies and services. In the case of a Pluribus NPB, the entire fabric can be programmed with a single command from a single point of management. This dramatically reduces configuration effort and manual errors.

Figure 6: SDPBs Simplify Operations, Lower Opex
SDPB CapabilityBenefits
“Virtual chassis” operational modelSimplified operations at any scale
SDN abstraction – services and policies decoupled from underlying network topologySimplified service and policy provisioning
Built-in automation with global declarative policies – one command programs the entire fabricReduce configuration effort ~95%, eliminate manual errors

Learn More

To learn more about the concept of SDPBs and Pluribus network packet broker solutions check out these resources:

Subscribe to our updates and be the first to hear about the latest blog posts, product announcements, thought leadership and other news and information from Pluribus Networks.

Subscribe to Updates

About the Author

Jay Gill

Jay Gill

Jay Gill is Senior Director of Marketing at Pluribus Networks, responsible for product marketing and open networking thought leadership. Prior to Pluribus, he guided product marketing for optical networking at Infinera, and held a variety of positions at Cisco focused on growing the company’s service provider business. Earlier in his career, Jay worked in engineering and product development at several service providers including both incumbents and startups. Jay holds a BSEE and MSEE from Stanford and an MBA from UCLA Anderson.