Experience helping all the biggest network vendors test and validate their products in their hardware development labs, as well as experience with the biggest and most advanced service providers has given us a lot of practice providing insight and visibility into network traffic and performance at scale.
It is this need to be able to perform at scale that has given the enterprise visibility side of the house, with network packet brokers, bypass switches and taps, some fundamental architectural advantages over the competition. Remember the adage, do what you can and hardware and what you must in software? Easy to forget in these days of software defined everything, but it is still true. That is why the ongoing battles between AMD and Intel still matter. It is why GPUs from vendors like Nvidia are so crucial to not only gaming and graphical applications, but also compute heavy efforts like cryptocurrency mining. It is also why we love network visibility bakeoffs.
One of the approaches we take is using FPGAs – field programmable gate arrays, basically reprogrammable chips, to provide hardware acceleration in our network packet brokers. Just like a serious gamer would be hard pressed to game without a good graphics card in their PC, we find that the right hardware architecture, including that all important hardware acceleration, is key to real world performance in a network packet broker.
With that hardware acceleration, you no longer need worry about dropped packets. Indeed, you can have filters and features turned on and still process traffic at line rate. Our biggest competitor struggles with this due to a software architecture where the customer has to carefully pick and choose which filters and features to use and may end up having to daisy chain multiple appliances together to get everything to play nicely together.
That said, in some environments it is not enough to just have the best approach to network visibility, you also need to have the right certifications in place.
Enter FIPS 140-2 Level 1, Common Criterial (NDcPP v2.1) and the DoDIN APL
In addition to the normal work we have been doing with products like Threat Simulator (read more here ) we have also been working hard with the right partners on certifications. With Common Criterial, we worked with Jason Lawlor and his team at Lightship Security on NDcPP v2.1 (Collaborative Protection Profile for Network Devices). For FIPS 140-2 we partnered with Mark Minnoch and the team at KeyPair Consulting. Finally, Tachyon Dynamics, with Jeremy Duncan and his team, helped us with the DoDIN APL. These are all great teams who bring a ton of experience and knowledge to the table and were all instrumental to our overall goal of having the certifications that government needs so they can buy the gear they really want.
More information about our Government network visibility program is available here: https://www.keysight.com/us/en/industries/government.html.