Company relies on xBalancer to load balance and prevent overburdening of monitoring tools, while enabling tools to be added quickly and cost-efficiently in an intensive, high-demand environment
Global Cloud Provider’s Upgrade Triggers the Urgent Need for Load-Balancing 
The momentum toward 10G network links brings major challenges; in particular, monitoring critical traffic thoroughly in a high-speed, high-volume environment and avoiding the risk of overburdening vital tools. Companies prevent this overburdening by distributing the traffic load to multiple tools.
The Security Group for this well-known Global Cloud Provider (“The Provider”) uses three different types of out-of-band security tools, such as Intrusion Detection Systems (IDSs), to monitor a one-Gigabit Internet link coming into the company. (The application is for the corporate network and not any customer-facing service.) The security team employs three tool types from three different vendors, because each tool contributes its own unique strengths and enables more thorough security coverage.
A Sharp Traffic Increase On the Link Brings Monitoring Concerns
The Company was understandably worried that its current tools wouldn’t be able to handle the increased traffic caused by upgrading from 1G to 10G. Such intensive pressures threaten to overwhelm and limit the effectiveness of the very devices that carry out the monitoring. Unable to keep up with increasing loads, these overburdened tools can put service-level agreements at risk and expose the network to threats. To deal with this problem, a company may have to invest in costly new tools that are engineered for the 10G environment. They were facing another challenge. While they upgrade the network to 10G and using 2 x 1G devices, each device was suffering from Micro bursts. So distributing the traffic with xBalancer helped to face this problem as well.
Fortunately, during this initial phase of the upgrade, the Company’s security team determined that two tools have enough bandwidth to handle anticipated traffic. Since the link will have less than 2 Gbps for a while, the company wishes to load balance traffic to two tools, and to perform that three times—once for each of the different tools.
The advantages of replicating 1G tools already at work in the IT environment are evident:
This ingenious, low-cost, efficient approach optimizes existing resources by allowing multiple 1G tools to share the load caused by processing high traffic volumes, while leveraging existing processes and operator training.
xBalancer Is the Ideal Solution for Distributing Traffic In the 10G Arena
The versatile Net Optics xBalancer™ is purpose-built to share security devices across multiple links, offering 24 SFP+ ports and integrated data rate conversion in a 1U formfactor. It aggregates traffic from multiple 1G and 10G links and distributes it to 1G or 10G tools. xBalancer enables two or more appliances to be deployed in parallel with traffic balanced between them—from 10G links to multiple 1G tools—in either inline or out-ofband topologies.
With xBalancer, even the heaviest traffic loads sail through to IPSs and traffic recorders in the 10G data center. xBalancer’s innovative engineering enables it to distribute traffic to all manner of monitoring tools, including:
- IPSs
- Firewalls
- Traffic recorders
- Web accelerators
- Application Performance Management devices
- Intrusion Detection Systems
- Protocol analyzers
xBalancer takes traffic from any network port or aggregated set of network ports and distributes it to two, three, four, or up to eight monitor ports for balancing according to IP address, port, protocol, VLAN, and MAC address, or other parameters.
By enabling already-integrated 1G tools to fill an expanded role, xBalancer helps this Global Cloud Provider handle its increasing traffic volumes without investing right away in new 10G capital equipment. Not only does this minimize CAPEX, it also eliminates the operational expense of implementing the new tools and training users. Best of all, xBalancer dramatically raises the efficiency, security and availability of the network itself by reducing or bypassing IPS failures.

xBalancer Works with Fiber Taps to Create A Flexible Solution
Yet another factor that makes xBalancer the best fit is that the Search Engine company can now partition and configure it into multiple independent load balancers. The link can be tapped using a Net Optics Fiber Tap, which then sends a copy of the traffic to xBalancer. The xBalancer proceeds to make three copies of it and sends a copy to each of the three load balancers. Thus, if the three original tools were called A, B, and C, we now have a second “A” tool, a second “B” tool, and a second “C” tool. The first load balancer splits traffic between the two A tools, sending half of the traffic to each. The second load balancer splits a second copy of the same traffic to the two B tools, and the third load balancer splits another copy to the two C tools. Importantly, the traffic is distributed in a flow-coherent manner, meaning that packets traveling from one computer to another are always guaranteed to be sent to the exact same tool.
xBalancer Simplifies the Task of Adding Tools
In architecting a solution, the Global Cloud Provider must assume that traffic on the link is going to rise. xBalancer streamlines the addition of more tools as traffic on the link ascends. For example, if the pair of “A” tools can no longer handle all the traffic, a third “A” tool can be added and its load balancer configured to divide the traffic among all three tools.
In addition the ability to upgrade the tool sets independently adds ultimate flexibility. Because each tool set—“As”, “Bs”, and “Cs”—can be upgraded independently, Tool “A” can maintain three tools while B and C still have only two each.
High Availability When Failure Is Not an Option
As a leader in its market, the Global Cloud Provider is under constant competitive pressure. New offerings are being launched by major companies to try to capture this Provider’s customers and ranking. This means that availability must be uncompromising if the Company is to thrive. xBalancer supports High Availability (HA) modes including N+M redundancy and link-state awareness—again, these can be applied independently for A, B, and C tools. For example, two more tools could be added to B and configured as three active tools and one standby; if any of the active “B” tools fails, the traffic going to it can be switched over to the standby tool. Meanwhile a third tool can be added to C and configured link-state aware, so that all three tools are active. If a tool fails, however, the traffic headed towards it can be reallocated across the two remaining tools.
A Superior Solution Delivers Capacity, Competitiveness and Customers
Engineering the Provider’s solution using xBalancer delivers dramatic advantages, which become even more striking when a competing architecture is considered: Imagine a solution in which the outputs of a single load balancer are replicated to an A tool, a B tool, and a C tool. In such a situation, adding another A tool would make the load balancer a three-way design, so a user would have to add an additional B tool and C tool. This solution would only be proposed by vendors whose devices cannot be partitioned into separate independent load balancers.
xBalancer Now Offers Enhanced Efficiency and Management Features
xBalancer’s TapFlow™ filtering technology enables the Provider’s monitoring tools to handle even more traffic, more links, and more protocols. TapFlow filtering sends to each tool only the traffic that addresses its particular purpose—and filters traffic at full 10 Gbps line speeds.
Additionally, xBalancer provides advanced availability features such as link-state awareness and Heartbeat packet assessment to support mission-critical monitoring. Heartbeat packets allow the Provider’s IT team to analyze attached appliances and reallocate traffic. Should one tool fail, traffic is automatically distributed to remaining tools until the failed tool is repaired and back online. This minimizes loss of monitoring capability in most failure scenarios. Optimized debug logging, plus the CLI commands “capture” and “syslog” make managing xBalancer easier and smoother for the team.
Thanks to Net Optics for the article.