qstockmedia - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Managing asymmetrical network traffic flows

This week, bloggers look into how to manage asymmetrical network traffic flows, Broadcom Trident telemetry and cloud security as part of a data protection strategy.

Ivan Pepelnjak, writing in ipSpace, set out to answer reader questions on asymmetrical network traffic flows. "Unfortunately, there's no silver bullet," Pepelnjak said.

Particularly in heavily meshed environments, asymmetrical network traffic flows can spell tremendous complexity. IP was designed to be a datagram protocol, forwarding each packet independently across the network with unidirectional paths. In fact, not even MPLS enables bidirectional paths.

"As long as you understand these principles and don't try to tweak IP into something it was never designed to be, life's good and your network is simple," Pepelnjak said. "The moment you're trying to enforce traffic flow symmetry, you're trying to squeeze overripe tomato into a small square hole -- it's bound to get messy, and you'll probably increase network complexity to ridiculous levels," he added.

To overcome complexity from network traffic flows, he recommended using network address translation, forcing return traffic to funnel through the same device. Another alternative for network engineers is using pass-through load balancers as default gateways between server segments.

Read more of Pepelnjak's thoughts on network traffic flows.

Telemetry, ASICs and Broadcom Trident

Greg Ferro, writing in EtherealMind, looked into Broadcom's telemetry features. In Ferro's view, the features of the application-specific integrated circuit (ASIC) and BroadView Analytics represents a feature convergence across the industry around both physical and virtual network visibility. Ferro said he has seen nearly identical pitches for ASICs from Innovium and Barefoot, but those chips appear to lack the monitoring capabilities offered by Broadcom.

As Broadcom works to market its telemetry, Cisco is quietly promoting an alternative, based on its Nexus Cloudscale ASICs and Tetration. Cisco is being cautious as it determines which features its customers are interested in. As Broadcom, Innovium, Barefoot and Cisco compete with programmable ASICs, Ferro added that Apache Metron is a potential open source alternative.

Dig deeper into Ferro's thoughts on telemetry and ASICs.

Securing clouds as part of a data protection strategy

Jason Buffington, an analyst with Enterprise Strategy Group Inc. (ESG) in Milford, Mass., explored cloud security as an element of enterprise data protection. According to Buffington, data security and privacy concerns are the primary reason why companies do not use clouds. Among organizations using the cloud, 42% of enterprises polled by ESG said security was among the greatest benefits of leveraging the architecture.

Buffington said most traditional on-premises backup systems do not encrypt data between backup agents and the protection repository and are susceptible to physical access or theft. By contrast, most cloud-based backup systems are not susceptible to physical access and encrypt data in-flight.

Explore more of Buffington's thoughts about cloud services and security.

Next Steps

Analysis of network traffic in a virtualized world

Why clouds are more secure than traditional IT

Broadcom and the Ethernet switch chip showdown

Dig Deeper on Network management and monitoring