Charlotte – June 8 2022
One of the largest banks operating in the USA has selected Tavve’s PacketRanger as its next generation’s UDP traffic broker (Bank’s name has been redacted for confidentiality reasons).
For the Bank, PacketRanger will be inserted as an aggregation point for UDP telemetry and log data and forward that traffic to the appropriate management applications by which the Bank operates and secures its network. This network architecture type provides the Bank’s network and security monitoring teams with the control to send only the right data to the right tool.
Example PacketRanger Network Architecture
The Bank’s legacy solution had been a workhorse for the Bank for years, but time had caught up with it. A combination of increasing network complexity, size, and traffic growth limited the effectiveness of the legacy solution.
A basic / legacy UDP packet broker is an appliance that serves as a central collector for telemetry and log data generated by flow-capable devices. It is capable of ingesting tens of thousands of packets per second, replicate that traffic and forward it on to the defined destination(s). Whereas legacy products have not received the R&D funding for further development, Tavve continues to invest in PacketRanger’s roadmap. This includes:
- Filtering for any UDP packet type, including NetFlow, Syslog, and SNMP traps
- Unlimited endpoint devices and upstream data sources
- Statistical analysis for better observability and decision making
- N + 1 redundancy
- Integration with Kafka
As the Bank’s network continued to expand with new datacenters, it turned to Tavve’s PacketRanger for its next generation UDP traffic broker. Tavve had been a trusted partner for over a decade with its ZoneRanger solution which the Bank leverages to extend its network management applications beyond the firewall boundaries to reach all their devices regardless of which management protocol it used.
- To replace the infrastructure of its legacy UDP forwarder, the Bank had the following objectives:
- Enhance capabilities to deliver UDP traffic to network management and performance tools.
- Improve network observability.
- Reduce the current UDP forwarder footprint to lower IT infrastructure related OPEX.
- Improve the user experience for the operational staff.
Following an in-depth review of PacketRanger, including a comparison with competing solutions, combined with the reliability the Bank had experienced with Tavve’s ZoneRanger, it was determined that deploying PacketRanger would address the main requirements which were proven out in a 3-week Proof-of-Concept:
- Smaller infrastructure footprint to perform the same functions.
- Reduction in the cost of administration.
- More options to control how and where packets are forwarded.
- User friendly dashboards and data analysis allowing users to make better decisions, faster.
- Ability to deploy redundant and high availability configurations using PacketRanger’s Virtual IP (VIP) feature.
- Upside of driving more savings by applying PacketRanger capabilities to redirect or filter packets that do not need to be ingested by Splunk.