GigamonU - Solera Blend Riches, Packet Record and Playback Appliances
-
Upload
grant-swanson -
Category
Technology
-
view
1.495 -
download
1
description
Transcript of GigamonU - Solera Blend Riches, Packet Record and Playback Appliances
““TiVoTiVo®®
for your Network for your Network””
Packet Record and PlaybackPacket Record and PlaybackAppliancesAppliances
TiVo and the TiVo logo are registered trademarks of TiVo Inc. or its subsidiaries.
Solera Networks® 2007
Our TechnologyNetwork Packet Capture:
• Stream-to-disk technology enables capture at anunprecedented 5.0 Gbps (bursts up to 6.4 Gbps)
Packet Storage:• On-disk file system captures 100% of network packet traffic
(including payload) for archiving/audit/analysis (up to 240 TBs)
Access:• Captured data is available via industry standard formats• TimeShift™ technology enables data playback in multiple
formats for analysis and review
Solera Networks® 2007
Capture• Infinite Network Packet Capture System (INPCS) built on top of
Security-Enhanced Linux (SELinux) OS• Proprietary file system optimized for high-speed disk writes• Full packet capture, including payload• 2 proprietary partition types:
• ActiveCapture™ (Insures “Legal Chain of Custody”)• ActiveArchive™ (Used for compliance with Sarbox, HIPPA, etc.)
• Lossless capture speeds of 5.0 Gbps (bursts to 6.4Gbps)• Packet time-stamping at nanosecond level• Layer 2 - Layer 7 traffic
Solera Networks® 2007
Storage• The Solera Networks File System utilizes several key
technologies with commodity hardware:• Ring Buffer and Direct Memory Access (DMA) usage are optimized for high-speed read and
write-to-disk• Traditional bottlenecks (CPU, Memory, etc.) are eliminated
• First in/First Out (FIFO) caching algorithm insures continuouswindow of data
• Unique file system enables very large partition types• Onboard storage options up to 800 GB to 12 TB• External storage via NAS/SAN unlimited up to 240 TB*
• RAID 1, 0, and 5 configurations
*Certified by Solera Networks
Solera Networks® 2007
Access• Virtual file system (VFS) allows access to single or multiple sets
of time-series instances• Analyze segments simultaneously with multiple toolsets• Allows for overlapping segments to be analyzed concurrently
• VFS insures that data is NEVER altered on disk• Legal Chain of Custody
• Support industry standard PCAP formats for instant access tohundreds of commercial, custom, and open-source applications
• Virtual Network Interface option• Regenerate live traffic, at full-line rate• Ingress and Egress filtering capabilities, at line rates
Solera Networks® 2007
TimeShift™ Network AnalyticsImmediate replay – Playback
recorded events in near realtime(1 msec latency).
Complete view – Get the entirepicture, not just a sampling.
Your schedule – Unabridgedhistory means EVERYTHING isaccessible, reproducible, andcapable of in-depth analysis,when you need it.
Solera Networks® 2007
PlaybackSeveral options for playback• Inbound and Outbound filtering• Expose packets in PCAP format through Solera Virtual File
System• Regenerate network traffic:• To a different network segment• To a virtual Ethernet adapter on a PC
• Web Services API
Solera Networks® 2007
• Web-based GUI and Command-Line-Interface (CLI) interfaces• System monitoring, reporting, and logging• Statistics and trend analysis• Role-based security• SOAP & REST APIs to facilitate 3rd party console integration
Management
Solera Networks® 2007
Why you need a Solera Solution?Network management•Policy enforcement•Compliance - SARBOX, HIPPA, JSOX
Network Analysis•ISV applications•Session reconstruction•10Gb networks
Intrusion detection•Network Buffer•Forensics
Data leakage•Monitor & record suspicious traffic•Highlight and record data loss
Lawful Intercept•CALEA
Solera Networks® 2007
Functional Deployment
Solera Networks® 2007
CALEA Requirements(Communications Assistance for Law Enforcement Act)
Section 103 – ”Assistance Capability Requirements”All telecommunications carriers must ensure that they are
capable of enabling the government to:• intercept all wire or electronic communications to or from a subscriber• access identifying information reasonably available to the carrier• receive intercepted communications and identifying information in a format thatmay be transmitted to a location other than the premises of the carrier
• receive information in a manner that protects the privacy and security ofcommunications not authorized to be intercepted
Solera Network’s CALEA Appliance conforms to CALEAstandards T1.IAS for data carriers:
• Packet data capture• Data capture logs• Real-time delivery to law enforcement agencies
Solera Networks® 2007
Web-based ManagementView key stats• Storage on disk• Bytes captured• Bytes filtered• Storage system report• Network system report• Regeneration report
Solera Networks® 2007
Record
• Start and Stop multiple captures
Solera Networks® 2007
Playback• Playback any
period of capturedtraffic
• Specify maximumbytes per file
Solera Networks® 2007
Virtual Interfaces• Create virtual
interface tophysical interfacemappings fortraffic capture andregeneration
Solera Networks® 2007
Regeneration• Regenerate captured
traffic• Throttle regeneration
speed for forensicapplications
Solera Networks® 2007
Filters• Filter Inbound/
Outbound Traffic• Filter for any bit of
information• Filter at the header
or payload level• Multiple filters –
start and stop atany time, continueto capture
Solera Networks® 2007
Filter Editor• Create complex
filters on protocol,IP, MAC address,payload type, orunique bit pattern
Solera Networks® 2007
CALEA• Available CALEA
interface• Set multiple taps
as needed
Solera Networks® 2007
Administration - Users• Assign users• Create new users• Reset passwords
Solera Networks® 2007
Administration - Console• Ability to access
command lineinterface (CLI)from webconsole
Solera Networks® 2007
Administration - Settings• View and Change
systemconfiguration
• Change defaultsettings
Solera Networks® 2007
Product Options
Solera Networks® 2007
Open Platform Support• Run commercial or open
source software• Instant Messaging (IM) Analysis
Tools• HTTP Analysis Tools• Web Reporting Tools• Packet Analysis Tools• Intrusion Detection System (IDS)
Tools• Network Security Tools• OS Detection Tools• Network/Application QOS Tools
• API – approximately 40system calls exposedthrough REST & SOAPinterfaces
Solera Networks® 2007
About Solera NetworksWho we are?
We are the TiVo® for your Network
What we do?We are the foundation for a comprehensive network
management and security architecture. We answer: “Whathappened on my network?”
How we do it?Full network packet capture and playback technology
Solera Networks® 2007
For more information and torequest a demo visit:
www.soleranetworks.com