Big Tap Monitoring FabricSimple, Scalable, Economical

SUNIT CHAUHAN

HEAD OF PRODUCT MARKETING

BIG SWITCH NETWORKS

Big Tap Monitoring Fabric

NETWORK MONITORING INFRASTRUCTURE TRENDSHow do you enable Pervasive Visibility?

3 (c) 2015, BIG SWITCH NETWORKS, INC.

• Complex • Proprietar

y

• Expensiv

e

• Monitor Everywhere

• Share Tools Across Teams (security, ops, …)

• Scale-out Monitoring Infrastructure

4 (c) 2015, BIG SWITCH NETWORKS, INC.

NETWORK MONITORING EVOLUTION2nd Generation 3rd Generation SDN-based Approach

SECOND GENERATION ARCHIITECTURE

TAP AND TOOL SILOS WITH NETWORK PACKET BROKERS

SPAN

SPAN

TAP 1/10G

TAP 1/10G

NPB

NPB

NPB

THIRD GENERATION ARCHIITECTURE

MULTI-TENTANT SDN MONITORING FABRICS FOR TAP SHARING

Control Network

NPB NPB

Bare

Meta

l B

ase

d S

cala

ble

Fab

ric

1/10/40 GE

Tool Farm

NPBServices

Big Tap Controller

SPAN

SPAN

TAP 10/40G

TAP 1/10G

Monitored Traffic

5 (c) 2015, BIG SWITCH NETWORKS, INC.

BIG TAP MONITORING FABRICSimple, Scalable, Economical

• Simple to Provision

• Simple to Manage

• Simple to Troubleshoot

• Centralized Programmability

Simple

• Monitor Any Rack (1000’s of Links)

• Monitor Any Location

• 1/10/40G Performance

• Elastic Infrastructure

Scalable

• Over 60% Reduction in Total Cost of Ownership

• Reduced CapEx

• Reduced OpEx

Economical

6 (c) 2015, BIG SWITCH NETWORKS, INC.

BIG TAP MONITORING FABRICBest Monitoring Fabric for Pervasive Security & Visibility

BIG TAP CONTROLLER

FILT

ER

PO

RTS

DELI

VERY

PO

RTS

SERVICE PORTS

VISIBILITY TOOLSNETWORK PERF

MONITORING

APPLICATION PERF

MONITORING

SECURITY TOOLS

VOIP MONITORING

PR

OD

UC

TIO

N

NETW

OR

K

TAP &

SPA

N

PO

RTS

SWITCH LIGHT™ OSOPEN NETWORK LINUX

1/10/40G ETHERNET SWITCH FABRIC

OptionalNPB NPB

WORKLOADS

BROWNFIELD NETWORK ETHERNET SWITCHING FABRIC WITH NPB SERVICE NODES CENTRALIZED TOOL FARM

7 (c) 2015, BIG SWITCH NETWORKS, INC.

USE CASE 1: PERVASIVE SECURITY / TAP EVERY RACK

CentralizedTool Farm

Tier-1 US Financial Services Institution• Centralized tool farm for 120 racks• Mix of 1GE, 10GE and 40GE taps and tools• Re-used legacy NPBs as ‘service nodes’

8 (c) 2015, BIG SWITCH NETWORKS, INC.

USE CASE 1: PERVASIVE SECURITY / TAP EVERY RACK

CentralizedTool Farm

9 (c) 2015, BIG SWITCH NETWORKS, INC.

USE CASE 2: MOBILE / LTE NETWORK MONITORINGEnabling Advanced Monitoring for Mobile Core Networks

SPAN SPAN

4G(eNode B)

RAN MOBILE CORE / DATA CENTER

3G

S5/S8S1-U

S12

SGi

TAP

TAP

TAP

TAP

SPAN

TAP

TAPSPAN

S-GW P-GW

NPB

MONITORING FABRIC

NPB

Big Tap Controller

Tier-1 Mobile Service Providers in Japan• Scale-out Deployment: 1K+ Taps, growing to 5K+ • Support for matching multiple 3G/4G/LTE protocols• Load Balance traffic to multiple tools (3rd party/Internal)

10

(c) 2015, BIG SWITCH NETWORKS, INC.

USE CASE 2: MOBILE / LTE NETWORK MONITORINGEnabling Advanced Monitoring for Mobile Core Networks

SPAN SPAN

4G(eNode B)

RAN MOBILE CORE / DATA CENTER

3G

S5/S8S1-U

S12

SGi

TAP

TAP

TAP

TAP

SPAN

TAP

TAPSPAN

S-GW P-GW

NPB

MONITORING FABRIC

NPB

Big Tap Controller

Flexible & Deeper

Packet Matching

Policies based on Tunnel

End-point ID (TEID), GTP

version, SCTP port

number, etc.

Match inner headers of

encapsulated packets like

VXLAN, MPLS... (up to 128

bytes)

Replicate and load

balance traffic to any tool

11

(c) 2015, BIG SWITCH NETWORKS, INC.

CUSTOMER VALIDATIONS“…We have a number of packet analysis tools and we were using Gigamon to gather packets, but when you want to gather packets from everywhere that price point gets too high…

So we decided to go with a white box solution and Big Tap from Big Switch to gather packets and forward them to the tools as needed. We’re using software-defined networking first in non-production, in our monitoring space, and evaluating where we want to go next. It’s done well for us. We used it through our first peak of tax year 2014, which was in early February…

-Ted Turner, Sr. Network Engineer

12

(c) 2015, BIG SWITCH NETWORKS, INC.

BIG TAP MONITORING FABRIC: FEATURE COMPARISONS

Feature Big Tap Legacy NPBs

Filtering / Aggregation / Load Balancing VM-to-VM Traffic monitoring 1G/10G/40G (100G on Roadmap) Event based Policy Management / API RBAC / TACACS+ Inter-DC Tunneling Deeper packet Matching Service Node chaining Scale-out, Multi-tier Fabric Specialized Functions (timestamp, de-dup)

with NPB* In-line Deployment Mode Flow Generation Inbuilt Packet Capture Analytics (host/DNS/DHCP tracking)

NPB

MONITORING FABRIC

NPB

Big Tap Controller

PRODUCTION NETWORK

TOOL FARM

Leverage Existing NPBs Efficiently

Optional NPB Service Nodes

13

(c) 2015, BIG SWITCH NETWORKS, INC.

ADVANCED DEPLOYMENT MODESScenario 1: Extending Tool Farm to Taps in Remote Locations

NPBFI

LTE

R

PO

RTS

DELI

VE

RY PO

RTS

SERVICE PORTS

MONITORING FABRIC VISIBILITY TOOLS

NETWORK PERF MONITORING

APPLICATION PERF MONITORING

SECURITY TOOLS

VOIP MONITORING

NPB

PRIMARY DATA CENTER

CENTRALIZED

BIG TAP CONTROLLER

REMOTE DATA CENTER(S)

L2-GRE Tunnels

RE

MO

TE F

P

TU

NN

EL

PO

RTS

PRODUCTION TAP & SPAN

Remote Location Monitoring:Trouble-shoot network problems in remote locations via centralized tools

14

(c) 2015, BIG SWITCH NETWORKS, INC.

ADVANCED DEPLOYMENT MODESScenario 2: Pervasive Security with Inline Deployment Mode

CENTRALIZED OUT-OF-BAND TOOL FARM

INLINE TOOL CHAINS

TRAFFIC DISTRIBUTION / LOAD SHARING

BIG TAP CONTROLLER

PERIMETER

FIREWALL

DMZ FIREWALL

1/10/40GETHERNET SWITCH

TRUSTED ZONE

DATA CENTER / ENTERPRISE / CAMPUS

UNTRUSTED ZONE

ACL BASED SPAN

WEBPROXY

IINTRUSION PREVENTIO

N

SSLDECRYPT

INTERNET DMZ(INLINE) (OUT OF BAND)

15

TOOL / TECHNOLOGY ALLIANCE PARTNERSHIPSSample List

(c) 2014, BIG SWITCH NETWORKS, INC. PROPRIETARY AND CONFIDENTIAL

Thunder Threat Protection SystemSolution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-a10-bsn.pdf

Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-fireeye-bsn.pdf

FireEye Threat Prevention Platform

Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-bluecoat-bsn.pdf

Security Analytics Platform

Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-riverbed-bsn.pdf

SteelCentral for Performance Management and Control

Performance Management for Multimedia applications

Partner Portal: http://www.bigswitch.com/technology-alliance-partners

Try it for Free!

©2015 BIG SWITCH NETWORKS, INC. WWW.BIGSWITCH.COM

Labs.

Big

Sw

itch

.com

17

Thank You