In a recent interview, Ariana Lynn, Principal Analyst at The Fast Mode spoke to Nate Nelson, VP of Solutions Architecture of 46 Labs on the impact of traffic visibility on modern IP networks. Nate joins us in a series of discussions with leading networking, analytics and cybersecurity companies, assessing the need for traffic filtering technologies that can deliver real-time, granular application awareness. The series explores how advanced analytics power various network functions amidst the rapid growth in traffic and applications.
Ariana: How do your solutions and products fulfill the demands of today's networks?
Nate: 46 Labs offers a range of solutions and products that cater to the demands of today's networks, meeting the requirements for scalability, security, performance, reliability, and interoperability.
Scalability
46 Labs solutions are designed to scale with the growing needs of modern networks, offering flexibility and expansion capabilities. PeerEdge® Network Orchestrators are designed to accelerate packet-based workloads on Managed Edge Devices, Managed Hosting, standard X86-based bare metal servers, public cloud hypervisors (AWS, GCP, Azure, etc) and private cloud hypervisors (VMware, Openstack, etc.). Abstracting packet acceleration outside of specialized hardware removes vendor lock-in and allows Fabric Orchestrators to be deployed deeper inside enterprise networks.
Security
The products prioritize network security, providing robust features and protocols to protect against threats and vulnerabilities including encryption and loop protection.
All traffic exchanged between Network Fabric Extenders and The Fabric are encrypted using AES-based algorithms, which is accelerated using AES-NI instruction sets. Modern processor accelerate encryption workloads, without requiring a hardware encryption engine. Most cloud providers support AES-NI instruction sets.
Routing information is exchanged using Multiprotocol BGP (MP-BGP), which treats MAC Addresses as routes. This loop-free architecture, eliminates spanning tree protocol (STP) and ends broadcast storms (because there is no broadcast). MAC flapping detection and mitigation prevents unicast and multicast loops in an all-active multihomed topology.
Performance
46 Labs solutions prioritize network performance, ensuring efficient data transfer, low latency, and high throughput.
One of the key limitations for software-based routing stacks is OS kernel-level packet processing. Standard operating systems aren’t designed to process millions of packets per second or hundreds of gigabytes of throughput. This has historically been the territory of ASICs and specialized hardware, generally dominated by commercial network vendors. With the advent of VPP for packet processing and DPDK for direct access to network devices, OS-based limitations have been removed. Both VPP and DPDK are heavily used inside PeerEdge® Data.
Reliability
46 Labs solutions are built for reliability, offering redundancy, failover mechanisms and high availability features.
All PeerEdge® Fabric Facilities are interconnected using highly redundant private fiber links. Once connected to PeerEdge® Fabric Extenders, data and voice are exchanged freely and securely across the globe. These interconnections allow The Fabric to be physically extended to remote locations using Fabric Local Loops without ever touching the public internet.
The Fabric is interconnected over the Internet using Voice Orchestrators or Network Orchestrators. These Orchestrators can be deployed inside existing enterprise environments, Managed Hosting or Managed Edge Devices.
IT Administrators collect network traces and PCAPs from any Network Orchestrator connected to The Fabric. Additional deeper troubleshooting is available using realtime analytics displayed inside The Fabric Portal or IPFix /Netflow exported directly to a remote collection tool.
PeerEdge® Network Orchestrators support edge-device multihoming as well as MAC address mobility and load balancing across dual-active links. When split between Orchestrators, the links provide true HA failover at the network edge.
Interoperability
Finally, but perhaps most importantly, 46 Labs solutions are interoperable with various networking equipment and technologies, promoting seamless integration and compatibility.
Ariana: How important is traffic visibility for your suite of solutions and products?
Nate: Traffic visibility supports routing capabilities and prevents fraud.
Carriers generally utilize separate infrastructure and systems for routing and rating domestic (United States + Canada) and International (Rest of World) traffic. This leads to operational complexity and makes swap agreements between carriers difficult to administer.
The Peeredge® Wholesale Voice platform includes the world’s most sophisticated routing and rating platform, capable of all origination and termination routing and rating across a global footprint. Domestic specific routing including LERG, LRN/NPANXX, LATA, OCN and list-based and rule-based routing can route blended traffic in-stream to an unlimited number of endpoints and supports conversational and short duration workloads. International static, LCR and Origin-based routing are supported alongside emergency services and special service based routing.
Carrier organizations spend a large percentage of their time preventing fraud across their network. This includes robocall mitigation, number spoofing, traffic pumping, hacked customer endpoints and unusual international calling patterns.
The Peeredge® Wholesale Voice platform provides intelligent machine learning based fraud prevention capable of blocking in-stream bad actors, without requiring carrier or trunk group suspension. This includes robocall spam, domestic call spoofing, international call spoofing, access stimulation, unusual traffic patterns and known fraud SIP endpoints.
Ariana: What technologies are most effective in delivering real-time traffic visibility?
Nate: Real-time network traffic visibility is crucial for monitoring and managing network performance and security. Several technologies and tools that are effective in delivering real-time network traffic visibility include:
- Packet Sniffers to capture and analyze network traffic, providing detailed insights into the data packets flowing through the network.
- NetFlow and sFlow to collect and analyze network traffic data, offering visibility into network flows and bandwidth utilization
- Network Traffic Access Points (TAPs) to provide passive access to network traffic, allowing real-time monitoring without impacting network performance
- Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) solutions to monitor network traffic for malicious activities and provide real-time alerts and response capabilities
- Flow-Based Monitoring Tools to provide detailed visibility into network traffic patterns and behaviors.
- Network Performance Monitoring Tools to offer real-time visibility into network performance metrics, including latency, jitter, and bandwidth utilization.
Nate Nelson is the Vice President of Solutions Architecture at 46 Labs.
This interview is a part of The Fast Mode's Traffic Visibility segment, featuring leading networking, analytics and cybersecurity companies and their views on the importance of network intelligence and DPI for today's IP networks. A research report on this topic will be published in June 2024 - for more information, visit here.
