Big Data technology for systems monitoring in Energy – Big Data Europe
Big Monitoring Fabric
-
Upload
big-switch-networks -
Category
Technology
-
view
1.974 -
download
1
Transcript of Big Monitoring Fabric
Big Monitoring FabricSimple, Scalable, Economical
SUNIT CHAUHANHEAD OF PRODUCT MARKETINGBIG SWITCH NETWORKS
Big Monitoring FabricOverview
(c) 2016, BIG SWITCH NETWORKS, INC.
EVERY ORGANIZATION NEEDS PACKET MONITORING...
3
Application Performanc
e Monitoring
Network Performanc
e Monitoring
Security Monitoring
Traffic Analytics / Recorders
Customer Experience Monitoring
TOO
LS
Lawful Intercept
Billing Verification
But where do you attach the
tools?
“Everywhere” is too expensive.
4 (c) 2016, BIG SWITCH NETWORKS, INC.
NETWORK MONITORING EVOLUTIONCurrent Generation Modern SDN-based Approach
SECOND GENERATION ARCHIITECTURE
SPAN
SPAN
TAP 1/10G
TAP 1/10G
NPB
NPB
NPB
THIRD GENERATION – SDN ARCHITECTURE
Control Network
BSN NPB
Whi
te-b
ox B
ased
Sca
labl
e Fa
bric1/10/40/100 GE Tool Farm
Packet Services
Big Mon Controller
SPAN
SPAN
TAP 10/40G
TAP 1/10G
Monitored Traffic
5 (c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICEnabling Pervasive Security & Visibility
Monitor Everywhere✓Scale-out Architecture✓Open, Fast Innovation✓Very Economical✓
THIRD GENERATION – SDN ARCHITECTURE
Control Network
BSN NPB
Whi
te-b
ox B
ased
Sca
labl
e Fa
bric1/10/40/100 GE Tool Farm
Packet Services
Big Mon Controller
SPAN
SPAN
TAP 10/40G
TAP 1/10G
Monitored Traffic
6 (c) 2016, BIG SWITCH NETWORKS, INC.
CentralizedTool Farm
ENABLING PERVASIVE SECURITY/TAP EVERY RACK
Actual Topology Diagram: Tier-1 US Financial Services Institution
Customer
Use Case
7 (c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICSimple, Scalable, Economical
• Simple to Provision• Simple to Manage• Simple to
Troubleshoot• Centralized
Programmability
Simple
• Monitor Any Rack (1000’s of Links)
• Monitor Any Location(Remote or DMZ Inline)
• 1/10/40/100G• Elastic Infrastructure
Scalable
• Over 60% Reduction in Total Cost of Ownership• Reduced CapEx• Reduced OpEx
Economical
8 (c) 2016, BIG SWITCH NETWORKS, INC.
CUSTOMER VALIDATIONS“…We have a number of packet analysis tools and we were using Gigamon to gather packets, but when you want to gather packets from everywhere that price point gets too high…
So we decided to go with a white box solution and Big Mon from Big Switch to gather packets and forward them to the tools as needed. We’re using software-defined networking first in non-production, in our monitoring space, and evaluating where we want to go next. It’s done well for us. We used it through our first peak of tax year 2014, which was in early February…”
Ted Turner,
Sr. Network Engineer
9 (c) 2016, BIG SWITCH NETWORKS, INC.
“Big Switch’s Big Monitoring Fabric Is the Killer App for SDN”
-- Andrew Lerner, Research DirectorGartner DC Conference, Dec 2015
Big Monitoring FabricDeployment Scenarios
11
(c) 2016, BIG SWITCH NETWORKS, INC.
USE CASE 1: PERVASIVE SECURITY / TAP EVERY RACK
CentralizedTool Farm
Tier-1 US Financial Services Institution• Centralized tool farm for 120 racks• Mix of 1GE, 10GE and 40GE taps and tools• Re-used legacy NPBs as ‘service nodes’
12
(c) 2016, BIG SWITCH NETWORKS, INC.
CentralizedTool Farm
USE CASE 1: PERVASIVE SECURITY / TAP EVERY RACK
Actual Topology Diagram: Tier-1 US Financial Services Institution
Customer
Use Case
13
(c) 2016, BIG SWITCH NETWORKS, INC.
USE CASE 2: DMZ SECURITY TOOL CHAINING (INLINE)
FIREWALL FIREWALL
IPS
WEBPROXY
CENTRALIZED TOOL FARM
CORE SWITCH 1
CORE SWITCH 2
TRUSTED ZONE
INTERNET / UNTRUSTED ZONE
DM
Z / E
XTRA
NET
BIG MONITORING FABRIC CONTROLLER
INLINE TOOLS
UNTRUSTEDTRUSTED
OUT OF BAND
Fortune 50 Oil and Gas Company• Inline Deployment Across 10s of Global Data Centers• Selective SPAN of Traffic to Out-of-Band Tools• Optimal Tool Utilization (Asymmetric Chaining)
14
(c) 2016, BIG SWITCH NETWORKS, INC.
USE CASE 2: DMZ SECURITY TOOL CHAINING (INLINE)
FIREWALL FIREWALL
IPS
WEBPROXY
CENTRALIZED TOOL FARM
CORE SWITCH 1
CORE SWITCH 2
TRUSTED ZONE
INTERNET / UNTRUSTED ZONE
DM
Z / E
XTRA
NET
BIG MONITORING FABRIC CONTROLLER
INLINE TOOLS
UNTRUSTEDTRUSTED
OUT OF BAND
15
(c) 2016, BIG SWITCH NETWORKS, INC.
USE CASE 3: MOBILE / LTE NETWORK MONITORINGEnabling Advanced Monitoring for Mobile Core Networks
SPAN SPAN
4G(eNode B)
RAN MOBILE CORE / DATA CENTER
3G
S5/S8S1-U
S12
SGi
TAP
TAP
TAP
TAP
SPAN
TAP
TAPSPAN
S-GW P-GW
NPB
MONITORING FABRIC
NPB
Big Tap Controller
Tier-1 Mobile Service Providers in Japan• Scale-out Deployment: 1K+ Taps, growing to 5K+ • Support for matching multiple 3G/4G/LTE protocols• Load Balance traffic to multiple tools (3rd party/Internal)
16
(c) 2016, BIG SWITCH NETWORKS, INC.
USE CASE 3: MOBILE / LTE NETWORK MONITORINGEnabling Advanced Monitoring for Mobile Core Networks
SPAN SPAN
4G(eNode B)
RAN MOBILE CORE / DATA CENTER
3G
S5/S8S1-U
S12
SGi
TAP
TAP
TAP
TAP
SPAN
TAP
TAPSPAN
S-GW P-GW
NPB
MONITORING FABRIC
NPB
Big Mon Controller
Flexible & Deeper Packet Matching Policies based on Tunnel
End-point ID (TEID), GTP version, SCTP port number, etc.
Match inner headers of encapsulated packets like VXLAN, MPLS... (up to 128 bytes)
Replicate and load balance traffic to any tool
17
(c) 2016, BIG SWITCH NETWORKS, INC.
USE CASE 4: REMOTE DATA CENTER MONITORINGExtending Tool Farm to Taps in Remote Locations
NPBFI
LTER
PO
RTS
DELIV
ERY
POR
TS
SERVICE PORTS
MONITORING FABRIC VISIBILITY TOOLS
NETWORK PERF MONITORING
APPLICATION PERF MONITORING
SECURITY TOOLS
VOIP MONITORING
NPB
PRIMARY DATA CENTER
CENTRALIZED
BIG MON CONTROLLER
REMOTE DATA CENTER(S)
L2-GRE Tunnels
REM
OTE
FP
TUNN
EL
PORT
S
PRODUCTION TAP & SPAN
Remote Location Monitoring:Trouble-shoot network problems in remote locations via centralized tools
Big Monitoring FabricArchitecture
19
(c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICArchitecture
FILT
ER P
ORTS
DELI
VERY
PO
RTS
SERVICE PORTS
VISIBILITY TOOLSNETWORK PERF
MONITORINGAPPLICATION
PERF MONITORING
SECURITY TOOLS
VOIP MONITORING
PRO
DU
CTIO
N
NET
WO
RK
TAP
& SP
AN
PORT
S
1/10/40/100G* ETHERNET SWITCH FABRIC
OptionalBSN NPB
DC / CAMPUS NETWORK
ETHERNET SWITCHING FABRIC WITH SERVICE NODES
CENTRALIZED TOOL FARM
BIG MONITORING FABRIC CONTROLLER
20
(c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICArchitecture
FILT
ER P
ORTS
DELI
VERY
PO
RTS
SERVICE PORTS
VISIBILITY TOOLSNETWORK PERF
MONITORINGAPPLICATION
PERF MONITORING
SECURITY TOOLS
VOIP MONITORING
PRO
DU
CTIO
N
NET
WO
RK
TAP
& SP
AN
PORT
S
1/10/40/100G* ETHERNET SWITCH FABRIC
OptionalBSN NPB
DC / CAMPUS NETWORK
ETHERNET SWITCHING FABRIC WITH SERVICE NODES
CENTRALIZED TOOL FARM
BIG MONITORING FABRIC CONTROLLER
Simple: Single Pane of Glass Management (No box-by-box)
Resilient: HA with Headless Mode Programmable: Event Triggered
Monitoring Advanced Telemetry & Analytics
21
(c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICArchitecture
FILT
ER P
ORTS
DELI
VERY
PO
RTS
SERVICE PORTS
VISIBILITY TOOLSNETWORK PERF
MONITORINGAPPLICATION
PERF MONITORING
SECURITY TOOLS
VOIP MONITORING
PRO
DU
CTIO
N
NET
WO
RK
TAP
& SP
AN
PORT
S
1/10/40/100G* ETHERNET SWITCH FABRIC
OptionalBSN NPB
DC / CAMPUS NETWORK
ETHERNET SWITCHING FABRIC WITH SERVICE NODES
CENTRALIZED TOOL FARM
BIG MONITORING FABRIC CONTROLLER
22
(c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICAdvanced Analytics & Telemetry
Enhanced Features with Release 5.5:• Advanced Trackers (Host, Network, …)• Historical Time Series Data• sFlow Collection & Analysis
FILT
ER P
ORTS
DELI
VERY
PO
RTS
SERVICE PORTS
1/10/40/100G ETHERNET SWITCH FABRIC
OptionalBSN NPB
ETHERNET SWITCHING FABRIC WITH SERVICE NODES
BIG MONITORING FABRIC
CONTROLLER
23
(c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICArchitecture
FILT
ER P
ORTS
DELI
VERY
PO
RTS
SERVICE PORTS
VISIBILITY TOOLSNETWORK PERF
MONITORINGAPPLICATION
PERF MONITORING
SECURITY TOOLS
VOIP MONITORING
PRO
DU
CTIO
N
NET
WO
RK
TAP
& SP
AN
PORT
S
1/10/40/100G* ETHERNET SWITCH FABRIC
OptionalBSN NPB
DC / CAMPUS NETWORK
ETHERNET SWITCHING FABRIC WITH SERVICE NODES
CENTRALIZED TOOL FARM
BIG MONITORING FABRIC CONTROLLER
High Density 1RU White-box Switches (HCL: Dell-ON / Accton / Quanta)
Scalable: Up to 1000s of Ports
24
(c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRIC100G Switch Hardware
Introduced with Release 5.5:• 32 ports of 100G• 32 ports of 40G• 128 ports of 10G
FILT
ER P
ORTS
DELI
VERY
PO
RTS
SERVICE PORTS
1/10/40/100G ETHERNET SWITCH FABRIC
OptionalBSN NPB
ETHERNET SWITCHING FABRIC WITH SERVICE NODES
BIG MONITORING FABRIC
CONTROLLER
High-density, Open Networking 1RU Switches Non-blocking, Line-rate 3.2Tb switching (sub usec latency) Supports Port-side Intake/Egress airflow BRCM Tomahawk ASIC (HW supports 10G/25G/40G/50G/100G)
Accton AS7712-32X
Dell Z9100-ON
25
(c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICArchitecture
FILT
ER P
ORTS
DELI
VERY
PO
RTS
SERVICE PORTS
VISIBILITY TOOLSNETWORK PERF
MONITORINGAPPLICATION
PERF MONITORING
SECURITY TOOLS
VOIP MONITORING
PRO
DU
CTIO
N
NET
WO
RK
TAP
& SP
AN
PORT
S
1/10/40/100G* ETHERNET SWITCH FABRIC
OptionalBSN NPB
DC / CAMPUS NETWORK
ETHERNET SWITCHING FABRIC WITH SERVICE NODES
CENTRALIZED TOOL FARM
BIG MONITORING FABRIC CONTROLLER
Advanced Packet Services with Big Switch x86 Service Appliance(Packet De-dup / Slicing / Regex Match)
Reuse Current NPB Investment
26
(c) 2016, BIG SWITCH NETWORKS, INC.
BIG MONITORING FABRICService Node Details
Intel DPDK based Appliance for Advance Packet Services:
• De-duplication• Packet Slicing• Regex / Pattern Match
FILT
ER P
ORTS
DELI
VERY
PO
RTS
SERVICE PORTS
1/10/40/100G ETHERNET SWITCH FABRIC
OptionalBSN NPB
ETHERNET SWITCHING FABRIC WITH SERVICE NODES
BIG MONITORING FABRIC
CONTROLLER
1RU Appliance (NEBS Level 3 and ETSI Compliant) Multiple Services on Single Appliance 4 x 10G ports, Bi-directional (RX/TX on same I/F) Up to 24 service nodes can be attached to BMF
27
TOOL / TECHNOLOGY ALLIANCE PARTNERSHIPSSample List
(c) 2016, BIG SWITCH NETWORKS, INC.
Thunder Threat Protection SystemSolution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-a10-bsn.pdf
Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-fireeye-bsn.pdfFireEye Threat Prevention Platform
Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-bluecoat-bsn.pdf
Security Analytics Platform
Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-riverbed-bsn.pdf
SteelCentral for Performance Management and Control
Performance Management for Multimedia applications
Partner Portal: http://www.bigswitch.com/technology-alliance-partners
How To Get Started
29
(c) 2016, BIG SWITCH NETWORKS, INC.
Free Free $29K
(c) 2016, BIG SWITCH NETWORKS, INC.
Labs
.Big
Switc
h.co
m
30
31
(c) 2016, BIG SWITCH NETWORKS, INC.
CUSTOMER ENGAGEMENT OPTIONSIntroducing Community Edition
• Subscription Licenses • ELA (3+Years) • Elastic Pricing
• Free Software on Premise: Evaluate Big Switch SDN solutions on your Network
Big Cloud Fabric & Big Monitoring Fabric
• Online E-store for Switch Hardware: White-box or Open Networking Switches
Available NOW!
Thank You