Total Virtual Network Visibility
-
Upload
wildpackets -
Category
Technology
-
view
1.444 -
download
0
description
Transcript of Total Virtual Network Visibility
www.wildpackets.com© WildPackets, Inc.
Jay Botelho
Director of Product Management
WildPackets
Ran Nahmias
Director, Virtualization and Cloud Services
Net Optics
Show us your tweets!Use today’s webinar hashtag:
#wp_virtualnetworkwith any questions, comments, or feedback.
Follow us @wildpackets
© WildPackets, Inc.
Agenda
• Current Trends in Virtualization
• What Causes Virtual Network Blind Spots?
• Eliminating the Blind Spot
• Network Analysis in Virtual Environments
• Net Optics Overview
• WildPackets Overview
© WildPackets, Inc.
Current State of Virtualization
• 75% of large companies have implemented some form of
virtualization1
• Percentage of servers actually virtualized remains small at
approximately 10 – 15% in these companies1
• Virtual systems are a tempting target for security breaches
‒ Compromising only one layer provides access to many2
• Storage virtualization – 45% adoption; 5th most effective
strategy3,7
‒ Deduplication
‒ Thin provisioning
‒ Tiering
© WildPackets, Inc.
Current Trends in Virtualization
• Bundling virtualization with servers1
• SMBs get into the action4, 5
• Automation on the rise5, 6
• Better backup, recovery and live migration tools5, 6
• I/O virtualization 6
• Desktop Virtualization5, 6, 8
‒ Benefits depend on vertical industry
‒ Mobile access devices (eg. iPads) driving adoption
WildPackets Overview PROPRIETARY AND CONFIDENTIAL 4
© WildPackets, Inc.
What Causes Network Blind Spots
11000110101 11000110101
11000110101?
www.wildpackets.com© WildPackets, Inc.
Eliminating the Blind Spot
© WildPackets, Inc.WildPackets Overview PROPRIETARY AND CONFIDENTIAL 7
© WildPackets, Inc.
Hypervisor Virtual Stack Monitoring
Challenge
vm1 vm2 vm3
Physical Host Server
ESX Virtual Stack
Virtual Switch Analyzer
IDS
Physical Network
Security &
MonitoringVirtualization Creates
Security, Monitoring and
Compliance Risks
• No visibility into inter-VM traffic,
vulnerabilities or threats
• Lacks auditing of data passing
between virtual servers
• Inability to pinpoint resource
utilization issues
© WildPackets, Inc.
Phantom Virtual Tap Solution
vm1 vm2 vm3
Analyzer
IDS
Physical Network
Security &
Monitoring
Physical Host Server
ESX Virtual Stack with
Phantom InstalledPhantom
Controlle
r
(VM)
Enables Security,
Performance Monitoring and
Compliance
• 100% visibility of inter-VM traffic
• Kernel implementation—
no need for SPAN Ports on Virtual
Switch / Promiscuous Mode
• Bridges virtual traffic to physical
monitoring tools
Phantom Virtual Tap
Virtual Switch
© WildPackets, Inc.
Net Optics Converged Network Solution
Physical and Virtual
Monitoring Access
• Hypervisor-specific Tap
• Purpose-built for virtualization
• Monitor through Live-Migration
(VMotion)
• TAP for each VM instance
(by VM ID)
• Tight Integration with VMware vCenter
• Fault-Tolerant and Non disruptive
Architecture
Director™
ESX
vm1 vm2 vm3
Hypervisor
Phantom
Monitor™
Encapsulated
Tunnel
Phantom Manager™
LAN/W
AN
Indigo Pro™
Analyzer
IDS
Physical Server
Physical Server
Physical Server
Phantom
Controlle
r
(VM)
© WildPackets, Inc.
Phantom
Manager™
LAN/WAN
Support for vMotion Migration
ESX 1
vm1 vm2 vm3
Hypervisor
Phantom
Monitor™
ESX 2
vm5 vm6
Hypervisor
Phantom
Monitor™
© WildPackets, Inc.
Net Optics Standalone Network Solution
Phantom Virtual Tap
Standalone Implementation
• Phantom Tap can be deployed as total
virtualization monitoring solution
• Can capture and bridge traffic of
interest directly to select inspection
tools
• No hardware required, can be installed
and deployed off of data center floor
ESX
vm1 vm2 vm3
Hypervisor
Phantom
Monitor™
Encapsulated Tunnel
Phantom Manager™
LAN/W
AN
Indigo Pro™
Analyzer
IDS
Physical Server
Physical Server
Physical Server
Phantom
Controlle
r
(VM)
© WildPackets, Inc.
Phantom Virtual Tap Key Advantages
WildPackets Overview PROPRIETARY AND CONFIDENTIAL 14
• Achieve security,
compliance and
performance
monitoring standards
• Gain end-to-end
traffic visibility in
the virtual
environment
• Realize the full
potential of your
virtual data center
www.wildpackets.com© WildPackets, Inc.
Establishing Goals for Network
Analysis in Virtual Environments
© WildPackets, Inc.
Net Optics and WildPackets
WildPackets Overview PROPRIETARY AND CONFIDENTIAL 16
© WildPackets, Inc.
What’s The Difference?
• All the same goals apply‒ Monitoring/reporting
‒ Background analysis with alarms/alerts
‒ Real-time vs. post-capture analysis
‒ Network performance/application performance/VoIP
• Only the implementation is different
Traditional NA – Virtual NA = 0
© WildPackets, Inc.
Understand Your Virtual Environment
• Traffic levels per
virtual interface
‒ Mbps?
‒ Packets per
second?
‒ Packet size
distribution?
• Traffic level per
application
‒ Average rates
‒ Peak rates
‒ Weekly patterns
• Baselines
‒ Establish and re-establish
‒ Use Expert events for further
classification
© WildPackets, Inc.
Real-time vs. Post Capture Analysis
• Real-time analysis‒ RAM is your friend
‒ Flexible, on-the-fly changes
‒ Network utilization under 3Gbps
‒ Validating theories
• Post-capture analysis‒ Disk capacity is your friend - steady-state traffic at 1Gbps requires:
7.68 GB/min
460 GB/hr
11 TB/day
‒ Wide-open analysis
‒ Network utilization at full line rate (10Gbps)
‒ Need to retain ALL data for post-capture analysis
‒ Forensics searches are CPU and RAM intensive
© WildPackets, Inc.
Real-time Statistics Always Available
WildPackets Overview PROPRIETARY AND CONFIDENTIAL 20
www.wildpackets.com© WildPackets, Inc.
Net Optics Overview
© WildPackets, Inc.
Introduction to Net Optics
• Financial, Telco, Enterprise, Government, Healthcare
• 85% of the Fortune 100
• 52% of the Fortune 500
• 7,500 Global Deployments
Customers
• Founded in 1996, Private, Self-Funded
• 60 Quarters of Growth & Profitability
• Strong Management Team
• Headquarters in Silicon Valley, USA
• Sales Offices in New York, Atlanta, Seattle, Germany, China
Highlights
• 30% Direct Sales
• 25% OEM/Partner Relationship
• 45% Global Channel
Go to Market Strategy
• Four new inventions each year
• 20+ patents and patent pending applications
Technology
N. America
60%EMEA18%
APAC16%
BRIC6%
Markets
© WildPackets, Inc.
Selected Customers
EnterpriseTelcoFinancial Healthcare Government
© WildPackets, Inc.
New Applications
Network Stability
Low Latency
Data Center Consolidation
Network must be designed for
scalability & agility
Compliance
Internal/External Intrusions
Lawful Interception
Cybercrime
Security must be architected in,
not a point solution
Link Saturation
Oversubscription
10G 40G 100G
Tools & instruments can’t keep up
Explosive Growth
CAPEX Improvements
No Compliance Monitoring
No visibility into the virtualized
network
Networking Industry Trends and Pain
Points
Security
VirtualizationNetwork
Complexity
NetworkSpeeds
© WildPackets, Inc.
Net Optics Position in the Network
• Oversubscribed Analysis & Security
Tools
• Requirement for Total Visibility
• Need for Multiple Tool Deployment
• Network Scalability
• Visibility into Virtualization
• High Availability & Tool Redundancy
Net Optics Products Solve
Director
Aggregation
Access & Control Layer
Regeneration Tap™
xBalancer™
Gig Zero Delay Tap™
Director™
Director xStream Pro™
Indigo Pro™
Phantom™ Virtual Tap
Applications Layer
Protocol
Analyzers
IPS
Forensics
Performance
Data Loss
Prevention
VoIP Analyzer
Network Layer
Core Network
Data Center
User Access
Virtual Data
Center
Cloud
ESX Stack
Hypervisor
PhantomMonitor™
V Switch
vm1
Vm 2
Vm3
Taps
Bypass Switches
© WildPackets, Inc.
Net Optics Products
Control Management
Indigo Pro™
appTap™
Access
Bypass Switches
Intelligent Taps
Network Taps
Virtual Tap
© WildPackets, Inc.WildPackets Overview PROPRIETARY AND CONFIDENTIAL 27
www.wildpackets.com© WildPackets, Inc.
WildPackets Overview
© WildPackets, Inc.
Corporate Background
• Experts in network monitoring, analysis, and troubleshooting
‒ Founded: 1990 / Headquarters: Walnut Creek, CA
‒ Offices throughout the US, EMEA, and APAC
• Our customers are leading edge organizations
‒ Mid-market, and enterprise lines of business
‒ Financial, manufacturing, ISPs, major federal agencies,
state and local governments, and universities
‒ Over 7,000 customers / 60+ countries / 80% of Fortune 1,000
• Award-winning solutions that improve network performance
‒ Internet Telephony, Network Magazine, Network Computing Awards
‒ United States Patent 5,787,253 issued July 28, 1998• Different approach to maintaining availability of network services
© WildPackets, Inc.
What We Do
• Provide network visibility and intelligence …‒ WatchPoint, OmniPeek, OmniEngines
• Expert systems – we find the problems for you
• Superior drill-down capability – trouble-shoot from anywhere
• Flexible, customizable, extensible – leverage your investment
‒ Professional services, training, best practices
• For all network segments …‒ Data center to desktop to remote office
‒ LAN, WAN, Wireless …
‒ HTTP, Email, Database, VoIP, Video …
• To …‒ Network engineers; IT Management; Developers
© WildPackets, Inc.
Real-World Deployments
Education
Health Care / Retail
Financial
Telecom
Government
Technology
© WildPackets, Inc.
Product OfferingsSoftware and Turnkey Appliances
• Enterprise Monitoring and Reporting‒ WatchPoint Server
‒ OmniFlow, NetFlow, and sFlow Collectors
• Network Probes & Recorders‒ Omnipliance Network Recorders – Edge, Core
‒ TimeLine Network Recorder
‒ OmniAdapter Analysis Cards
• Distributed Analysis Software‒ OmniPeek – Enterprise, Professional, Basic, Connect
‒ OmniEngine – Enterprise, Desktop, OmniVirtual
• Portable Solutions‒ OmniPeek software
‒ Omnipliance Portable
© WildPackets, Inc.
TimeLine Network Recorder11.7Gbps Sustained Capture
• Fastest network recording and real-time statistical
display — simultaneously‒ Network statistics display in TimeLine visualization format
• Rapid, intuitive forensics search and retrieval‒ Historical network traffic analysis and quick data rewinding
‒ Several pre-defined forensics search templates making
searches easy and fast
• A natural extension to the WildPackets product line
• Turnkey bundled solution
© WildPackets, Inc.
Omnipliance Network RecordersPrice/performance solutions for every application
Portable Edge Core TimeLineRuggedized
Troubleshooting
Small Networks /
Remote Offices
Regional Offices /
Small Datacenter
Datacenter
Workhorse
Chassis 1U 3U 3U
Memory 2 GB / 8 GB 4 GB / 8 GB 6 GB / 24 GB 18 GB / 24 GB
Expansion 1 PCI-E / 2 PCI-X 1 PCI-E or 1 PCI-X 4 PCI-E 4 PCI-E
Storage 500 GB / 2.5 TB 1 TB 8 TB 8 TB / 16 TB / 32 TB
© WildPackets, Inc.
Key Differentiators
• High-level network monitoring to root-cause analysis
• Single solution for today’s converged networks‒ Wired, Wireless, 1GB, 10GB, VoIP, Video, TelePresence, IPTV
• Reduce and even eliminate network downtime‒ Automated monitoring 24x7
‒ Speedy resolution of network bottlenecks
• Improve network and application performance
• Uniquely Extensible Platform – tailored to your needs‒ Plug-ins and APIs for integration and customization
www.wildpackets.com© WildPackets, Inc.
Q&A
Show us your tweets!Use today’s webinar hashtag:
#wp_virtualnetworkwith any questions, comments, or feedback.
Follow us @wildpackets
Follow us on SlideShare!Check out today’s slides on SlideShare
www.slideshare.net/wildpackets
www.wildpackets.com© WildPackets, Inc.
Thank You!
WildPackets, Inc.
1340 Treat Boulevard, Suite 500
Walnut Creek, CA 94597
(925) 937-3200
Net Optics, Inc.
5303 Betsy Ross Drive
Santa Clara, CA 95054
(408) 737-7777