The IT infrastructure that powers an organization’s business strategy has become increasingly more dynamic and distributed. The introduction of new technologies to increase IT agility has made it significantly more difficult to manage and secure the infrastructure using traditional tools.

That challenge has given rise to several new specialized tools that network managers have had to figure out how to integrate into their environment. The explosion of new security and management applications has something called “tool sprawl” where the number of tools has become unmanageable.

Trying to connect every tool to every network device is extremely complicated and inefficient. The desire to simplify things has created strong demand for network packet brokers (NPBs). If you’re not familiar with the technology, it sits between the network infrastructure and a tool layer and performs a number of tasks to make tools more efficient and easier to deploy.

Gigamon was the first to create the NPB market, but their configuration tools make it challenging for IT to ensure the tools are properly set up. Ixia has a graphical configuration interface that provides significant advantages over Gigamon, which utilizes a basic logic GUI called Flowmap or a traditional command line interface (CLI).

ZK Research interviewed customers that performed a number of configuration tasks using both vendors. Most Gigamon customers found Flowmap to be cumbersome and reverted to the CLI.

Advantages of Ixia’s GUI

  • Improved accuracy of monitoring filters. The monitoring filters are the rules that create the intelligence in an NPB. The complexity of creating the filters through a command line leads to errors because of mistyping or inconsistent commands. For customers who used Flowmap, they found they had to keep track of many logic operations, especially for overlapping VLANs. Performing the same operations through the Ixia GUI reduced errors by at least 20 percent.
  • Faster provisioning of SPAN sessions. The process for creating a SPAN session can be long and tedious using CLI.The process is as follows:1. Enter username and password to log in to the system.
    2. Manually remove existing code to prevent coding problems.
    3. Write new code.
    4. Launch new code.
    5. Monitor output data on the SPAN port, which may require a feed from a TAP to increase the accuracy of data and verify that the programming is correct.Also, the process of creating SPAN sessions is non-linear (the third step takes longer than the second, which takes longer than the first) because the troubleshooting and verification time increases with each monitoring session. The below exhibit compares the time it takes to create multiple SPAN sessions using a CLI and Ixia’s GUI.


  • Quicker filter-changing process. The research revealed that the majority of businesses change connections between the tools and NPBs at least twice a month, and each change requires programming modifications.Gigamon’s CLI-based changes takes about four times longer than when using Ixia’s GUI. This could take even longer if the rules introduced are complex and/or new tools are added/removed. Even when using Flowmap, it takes twice as long to understand the logic and not introduce errors. This is essentially because Gigamon’s filter is priority based, and as such overlaps must be manually resolved. Whenever new rules are added, overlap resolution takes tremendous time, and more often than not, the original design needs to be discarded because creating a new design is far easier than trying to modify the configurations based on an old design.Ixia doesn’t have this issue because their patented Dynamic Filter Engine (DFE) technology can resolve overlaps automatically and seamlessly when new rules or tools are added. This becomes significant because almost 50 percent of network managers spend more than half of their time configuring monitoring tools—leaving little time for innovation.
  • Lower cost of testing and troubleshooting filters. Each filter that is created requires testing to ensure it passes the correct data. An exhaustive test takes 1.5 to 2 hours to complete when a CLI is used. To streamline this process, network managers often do simple tests, which frequently miss critical information.Ixia’s GUI, coupled with their comprehensive stats at every hop of the data path, allows exhaustive tests to be done in 15 minutes—the same time it takes to do a quick test with a CLI.
  • Intelligent filter interaction. With CLI-driven systems, engineers need to understand how filters interact with one another and write rules to accommodate. This process can be automated through the GUI versus having to run it manually with a CLI system.
  • No troubleshooting requirements: With Gigamon, extensive trial and error is needed to troubleshoot configuration problems or even logic issues that may have been overlooked at certain aspects of the overall design.Ixia has a patented Dynamic Filter Engine (DFE) that removes potential logic issues and configuration issues as a result. The engine automatically resolves overlaps and programs the hardware with the exact rules needed for the job. The DFE saves operational time and money and significantly reduces the amount of time needed to resolve problems. More important, it improves tool agility and operation agility whenever new rules are needed.
  • Drag-and-drop benefits. Ixia’s solution has an intuitive interface that makes it easy to use. No special training is needed—everything is as simple as “point and click” and “drag and drop.” CLI and filter-mapping systems require long training periods, while Ixia’s GUI requires none. Also, highly paid, senior network engineers manage CLI-based products, but Ixia’s GUI allows more junior engineers to use the tools.

The increase in network tools has made NPBs a critical component of IT infrastructure. Gigamon has carried the flag for this industry for a number of years now and has an excellent product. However, the increased demands put on the network requires engineers to be more nimble and operate faster. Ixia’s GUI provides an excellent alternative for organizations looking to take full advantage of NPBs, while reducing the overhead required to manage them.

Source: Networkworld