What is Encapsulation?
When designing high-speed, low-latency networks, switch manufacturers developed protocols to ensure that data packets are forwarded as quickly as possible, each laying claim to some degree of benefit for packet latency, security or efficiency.
Different network switch manufacturers implement these methods in a variety of ways, but all refer to this particular process as encapsulation, tagging or labeling.
The process involves a network switch adding routing information to a packet "in-flight" as it enters the network core, so that the next switch that receives the newly addressed frame of data can switch it to the correct destination more quickly and efficiently, thanks to a tighter set of routing rules.
Before the packet reaches its originally intended destination, the additional routing detail is removed, returning the packet to its original “sent” structure for final delivery to the recipient.
Benefits and Drawbacks
The obvious benefit of this process is the speed of delivery and security of routing – the packet will only be switched to links capable of passing the data to its intended destination, and the configuration of the core switches is simplified according to where traffic should and should not go based on information added at the periphery of the core network.
However, there is a drawback to this mechanism. Any analysis or security appliance deployed in the core, whether for security, performance or other purposes, will receive traffic that has been altered by these encapsulation layers. It will either have to be configurable to "unwrap" the encapsulation and see through to the original packet, or be smart enough to ignore the encapsulation layers and access the original data.
If it cannot do this, the data will be almost unusable or nearly valueless without manual intervention, potentially resulting in increased network performance degradation and/or security threats or vulnerabilities that remain undetected while they continue.
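The "unwrap" requirement described above, as an added example that is not part of the original article. It goes beyond the text by assuming two common encapsulations, 802.1Q/802.1ad VLAN tags and an MPLS label stack, and shows a tool that expects plain Ethernet/IPv4 missing a frame that an unwrapping parser can still read. The frame bytes, addresses and function names are constructed for illustration.

```python
import struct

ETH_IPV4 = 0x0800
VLAN_TPIDS = {0x8100, 0x88A8}   # 802.1Q and 802.1ad (QinQ) tags
MPLS_TYPES = {0x8847, 0x8848}   # MPLS unicast / multicast

def ipv4_addrs(frame, off):
    """Source and destination of the IPv4 header at off, or None."""
    if off is None or len(frame) < off + 20 or frame[off] >> 4 != 4:
        return None
    return tuple(".".join(map(str, frame[off + i:off + i + 4])) for i in (12, 16))

def naive_addrs(frame):
    """Tool that expects IPv4 directly after the 14-byte Ethernet header."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    return ipv4_addrs(frame, 14) if ethertype == ETH_IPV4 else None

def unwrap(frame):
    """Strip VLAN tags and MPLS labels; return (layers, IPv4 offset or None)."""
    layers, off = [], 14
    if len(frame) < off:
        return layers, None
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    while ethertype in VLAN_TPIDS and len(frame) >= off + 4:
        tci, ethertype = struct.unpack_from("!HH", frame, off)
        layers.append(("vlan", tci & 0x0FFF))
        off += 4
    if ethertype in MPLS_TYPES:
        bottom = False
        while not bottom and len(frame) >= off + 4:
            (entry,) = struct.unpack_from("!I", frame, off)
            layers.append(("mpls", entry >> 12))
            bottom = bool(entry & 0x100)        # S bit ends the label stack
            off += 4
        # MPLS has no payload-type field: assume IPv4 when the version nibble is 4
        if bottom and off < len(frame) and frame[off] >> 4 == 4:
            ethertype = ETH_IPV4
    return layers, off if ethertype == ETH_IPV4 else None

def sample_frame():
    """Constructed frame: Ethernet / VLAN 100 / MPLS label 16001 / IPv4."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 5]), bytes([192, 0, 2, 10]))
    tags = struct.pack("!HHHI", 0x8100, 100, 0x8847, (16001 << 12) | 0x100 | 64)
    return bytes(12) + tags + ip

if __name__ == "__main__":
    frame = sample_frame()
    print("naive:", naive_addrs(frame), "| inner:", ipv4_addrs(frame, unwrap(frame)[1]))
```

The naive reader returns nothing for the encapsulated frame, which is how tagged or labeled traffic drops out of an analysis tool's view without any error being raised.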
In this three-part series, we’ll take a look at the benefits and challenges of data encapsulation and the benefits of using visibility aggregator technologies to manage encapsulated data to make the best use of network performance and security analysis tools and appliances.