Andy Huckridge

Carl Weinschenk spoke to Andy Huckridge, the senior director of telecom strategy and marketing for VSS Monitoring.

Ensuring that networks are operating at peak efficiency has never been more important or more complex. A new layer of management — network packet brokers — is emerging to drive efficiencies in monitoring. Andy Huckridge tells IT Business Edge blogger Carl Weinschenk that the approach enables packets to be sent only to the appropriate tools and that measurements over the entire path — not just one network within that path — can be made.

Weinschenk: What does your industry segment offer?
Huckridge: Operators have reduced income from services and have users that are using more and more bandwidth, so they are looking for ways to economize and also offer services customers want in terms of bandwidth, video and data. It all comes down to how do I as an operator … reduce expenses and keep the network to the level that subscribers want?

What we do is provide a new layer called the network packet brokering layer. It saves a vast amount of money on tool expenses and allows tools on networks, whether they are security tools or monitoring tools, to see a much larger network area including many different network links and segments.

Weinschenk: What’s the background?
Huckridge: This is the third evolution of products and services in this area. First of all there were taps — test access points — that are ubiquitous today. Then there were aggregators and then network packet brokers. There still are very few network access brokers.

In April this year, Gartner, ESG and Frost & Sullivan’s Stratecast all named it the network packet broker segment. This is a large swatch of the market. An NPB, which was defined in April, is a new name being made up to cover a market area, which is growing quite rapidly. An NPB may be more familiar by the name of a monitoring switch or a fabric switch or fabric layer or a distributed traffic capture system.

Weinschenk: But what is it?
Huckridge: It is a piece of hardware that looks and smells like a switch or a router and sits between multiple different network links. It has a bunch of ports on the front and a bunch of ports on back that you connect tools … It allows one tool to see many different network segments, which overcomes a previous problem, which was the need to connect one tool to each network segment.

What these tools do … there are about 75 vendors … is provide a simple way to describe things. Whether it is VoIP, IPTV or VOD, carriers need a way to understand how the services are carried across their networks. These tools … some are software, some are hardware and software — look at different types of traffic and understand how well it is being carried and where there might be problems on that specific network segment. The underlying thing that these tools measure is delay, jitter, latency and dropped packets. It measures these things and interprets how those measures affect specific types of traffic.

Weinschenk: So the difference is that these tools take a look at the entire network. Is that right?
Huckridge: The difference here is, first of all, now you have a way to connect and reduce the number of tools used to measure many different network segments. This provides visibility to tools across entire networks. The second thing is network packet broker layer — which is a new layer — allows providers to realize great efficiencies in the tool layer because only certain types of traffic are sent to certain types of tools.

For example, if you had to pick up some lumber, you would take a truck not a car. What we would do is if we need to look at VoIP we would filter only that type of traffic to that tool. Now the tool doesn’t need to use cycles to look at things it doesn’t understand or have any interest in seeing.

If an operator has multiple different network segments or an agreement with other carriers such as an SLA, he can monitor that traffic as it passes from one network to another. He can guarantee the correct transit of that type of traffic, and therefore [prove the network is] observing the SLA. What we do in a common pipe with many different types of dissimilar traffic is use part of the intelligence available to take packets and filter them and direct certain packets to certain types of tools.

Weinschenk: Do you look at MPLS headers and similar identifiers?
Huckridge: We do look at MPLS headers and other types of encapsulation headers. We can also take a look inside packets at layer 4 to 7 to see what kind of packet is there. Generally, we tend to have ways to recognize the traffic without having to look that deeply into the packet.

Weinschenk: Is it in-line?
Huckridge: It is not necessarily an in-line system. We have some in-line products, but those are mostly security tools. That’s a slightly different discussion than monitoring.

Weinschenk: So does this have a cost in terms of network speed?
Huckridge: Whenever you touch the network you affect it. Don’t drop packets. We are able to split any traffic across any single or multiple tools so tools can effectively process at line rate.  The second thing when we touch the network … a little delay is added. We mitigate that by using a port stamp and time stamp on the traffic we monitor. Our pass-through delays are negligible. We don’t look like anything more or less than a regular switch to pass through traffic. Any sort of delay is negligible. The traffic we do affect in terms of filtering or processing, we port and time stamp so we know when it arrives. That information is preserved for when that packet is processed.

Weinschenk: What is the bottom line impact?
Huckridge: We save network operators a lot of money in terms of the customer equipment needed to monitor their network. We say we can reduce capex by 80 percent and opex by 50 percent on the tools that are needed to test and monitor.

Weinschenk: Is this a quality of experience tool, or is it geared to quality of service — which can lead to improvements in QoE?
Huckridge: It’s the latter. It is positively impacting the QoS so that it improves the QoE. However, bear in mind that we provide packets of data to the tools and it’s really the function of the tools to improve things. We provide the information in tools; we are the enabling part. We allow the tools to have a better view of what is going on in network so they can better understand the QoS issues so they can provide better QoE. We believe that helping the industry adopt the network packet broker layer will allow savings on capex and opex and also create a better managed network with greater uptime.