Niagara Networks

Niagara Networks

Niagara Networks provides high-performance network visibility solutions to allow seamless administration of security solutions, performance management, and network monitoring. Niagara Networks products provide advantages in terms of network operation expenses, downtime, and total cost of ownership.


A former division of Interface Masters, Niagara Networks provides all the building blocks for an advanced Visibility Adaptation Layer at all data rates up to 100Gb, including Taps, bypass elements, packet brokers and a unified management layer. Thanks to its integrated in-house capabilities and tailor-made development cycle, Niagara Networks are agile in responding to market trends and in meeting the customized needs of service providers, enterprise, data centers, and government agencies.

niagaranetworks

 Niagara Networks provides all the building blocks for an advanced Visibility Adaptation Layer at all data rates up to 100Gb, including taps, bypass elements, packet brokers and a unified management layer. Thanks to its integrated in-house capabilities and tailor-made development cycle, Niagara Networks are agile in responding to market trends and in meeting the customized needs of service providers, enterprise, data centers, and government agencies.

 

Network Packet Brokers

What is a Network Packet Broker

A Network Packet Broker (NPB) is an active device that directs selected raw data packets from network interfaces (typically via SPAN or tap points) to specific network service and monitoring devices, and performance management and security applications.

What Exactly Does a Network Packet Broker Do

Niagara’s NPB solutions perform a range of crucial functionalities for all types of networks, even those with extremely complex architectures and that are resource intensive including:

  • Total Network Visibility - Identifying known, suspicious, and unknown traffic passing through the network
  • Network robustness - Ensuring data loss prevention and advanced filtering, as well as high availability, stripping, and other special purpose packet capabilities
  • Network management - Not just knowing how to monitor network traffic, but also knowing what to do with each type of traffic: where to pass known (authorized) data types, and how to handle suspicious and unknown traffic

Why You Need a Network Packet Broker

In their role as data analyzers, Niagara’s Packet Brokers can also handle deduplication of redundant (duplicate) packets before they reach analysis or security tools within the network, that are passed along by multiple taps forwarding their data traffic. The NPBs will eliminate those duplicates and make sure network tools do not waste resources on handling redundant data.

Basic data packet manipulation schema includes one network link, to one tool (one-to-one), one network link to multiple tools (one-to-many), multiple network links to one tool (many-to-one) and multiple network links to multiple tools (many-to-many) – interlaced and load balanced into a network-wide fabric. 

https://www.niagaranetworks.com/hs-fs/hubfs/Diagrams%20latest/NPB.png?width=844&height=471&name=NPB.png

 
 

Bypass Switch

What is a Network Bypass Switch?

A Network Bypass Switch is a hardware device, which ensures failover or fail-safe capabilities for an inline networking device or a network security tool (such as a firewall or an intrusion detection and prevention system). If the network appliance fails or needs to be taken off-line for whatever reason, its traffic is automatically rerouted, ensuring uninterrupted traffic flow on the network.
 
Eliminating Points of Failure:
 
Sometimes also referred to as a bypass tap, the network bypass switch, is a special type of active tap. It is used to connect a network segment at a specific network access point (AP) where there is an active, inline device (such as a security tool that is there for inspection and monitoring purposes).

Functionally, it can reroute traffic automatically by monitoring the tool’s health or can manually be made to redirect traffic (such as when disconnecting the monitoring tool for maintenance or other motives). Since the inline network devices are essential to the overall functioning of the enterprise network – any issue with them can critically effect network performance.

Each network device that is placed inline is a potential single point of failure in the computer network. If the device should experience even the shortest period of system hang-up or failure (that takes time for a reboot or any kind of troubleshooting), then traffic flow will be discontinued. Even for maintenance or replacement purposes, disconnecting the device will interrupt normal traffic flow at that point.

Any dropped data packet is a potential cause of error or inaccuracy in the processes and applications that depend on receiving those data packets. Thus, the network bypass switch – that can circumvent any and all interruptions at that critical AP or network link – is an essential element of the network infrastructure. The network bypass switch eliminates this point of failure by redirecting the network data traffic to bypass around the network device at that point, whenever that device is incapable of processing or passing the traffic.

In case the bypass switch itself is somehow compromised, it contains a relay switch that is designed to close and go to 'bypass mode' and allow the traffic to seamlessly flow through its cable to maintain an uninterrupted and open link with the rest of the network. This is especially important with regards to security devices that need to continuously defend the network against malevolent attacks and security breaches.

 https://www.niagaranetworks.com/hs-fs/hubfs/Diagrams%20latest/Figure%2044%20AAA.png?width=954&height=392&name=Figure%2044%20AAA.png
 

Network Tap

What is a Network Tap

A network tap is an external network device that creates a “copy” of the traffic for use by various monitoring devices. It allows port mirroring. The tap device is introduced at a point in the path of the network that is felt should be observed, so that it can copy data packets and send them to a monitoring device. The network designer will decide where that significant point for the network tap should be placed, based on the reason for observation: data gathering, analysis, general network monitoring (such as for saturation and latency), or more critical, such as for intrusion detection, etc.

Although it taps into the traffic, the network tap does not modify it in any way, and the traffic on the network is unaffected by the act of monitoring or port mirroring. Since the monitoring is performed on a copy of the traffic by a device external to the network, via a tap network adapter, this deployment is often referred to as 'out of band'.

In this manner, it acts as an ‘unobtrusive observer’ of the traffic, and just feeds a copy of the data to whatever device is attached to it. This provides full network visibility at that point. At the same time, however, if the tap or monitoring device should fail – it will in no way affect the traffic or its flow.

Taps come in both passive and active versions – each type having its own particular advantages for network monitoring.

 
Another effective type of tap is the fiber tap. Fiber taps are coiled into the optical fiber line and mirror all network traffic without introducing a point of failure and provide the secure access of network data in optical networks.
 
https://www.niagaranetworks.com/hs-fs/hubfs/Diagrams%20latest/Figure%2045%20AAAnew.png?width=2017&height=479&name=Figure%2045%20AAAnew.png 
 
Our Products:
Network Packet Broker
Bypass Switch
Network Taps