James Tai
Sales Engineer, APJ
ETDA Open Forum
Gigamon Service Provider Solutions
Confidential and Proprietary. © 2018 Gigamon. All rights reserved. Discussed under NDA

Trusted by the World’s Leading Organizations
Gigamon Customers
▸ 7 of the top ten Global Banks
▸ 8 of the top ten Healthcare Providers
▸ 10 of the top ten U.S. Federal Agencies
▸ 8 of the top ten largest Tech Companies
▸ 83 of the Fortune 100
▸ 8 of the top ten Mobile Phone Network Operators
Customer data from April 2018. List sources available upon request.

Service Provider Customers Today
* Partial customer logo available.
144 customers among global telecom carriers. +10 customers among Japan telecom carriers.

Gigamon Product Portfolio
Layers: Security Intelligence; Management and Orchestration; Core Intelligence; Visibility Nodes (Physical, Virtual, and Cloud Infrastructure)
GigaVUE-FM
▸ API ▸ IQL
Insight Data Store
▸ Detect ▸ Investigate
GigaVUE-OS
▸ Flow Mapping® ▸ Clustering ▸ Inline Bypass ▸ GigaStream®
GigaSMART®
Application Intelligence
► Application Visualization
► Application Filter Intelligence
► Application Metadata Intelligence
Subscriber Intelligence
▸ GTP Correlation
▸ FlowVUE® Flow Sampling
▸ SIP/RTP Correlation
▸ 5G/CUPS Correlation
Traffic Intelligence
▸ De-duplication
▸ Slicing
▸ Masking
▸ SSL/TLS Decryption
▸ NetFlow Generation
▸ Advanced Load Balancing
▸ Tunneling
▸ Adaptive Packet Filtering
▸ Header Stripping
Visibility Nodes
Physical
▸ GigaVUE H Series (Intelligent Visibility)
▸ GigaVUE TA Series (Tap Aggregators)
▸ G-TAP (Taps)
Virtual
▸ GigaVUE-VM (Tap Aggregator)
Cloud
▸ GigaVUE V Series (Intelligent Visibility)
▸ G-vTAP (Virtual Taps)

GTP Correlation Challenges
SUBSCRIBER-AWARE FORWARDING
• Basic TAP and aggregators cannot correlate subscriber traffic sessions from LTE and 3G networks
• No subscriber-aware filtering, forwarding, and replication for one or multiple billing/monitoring tools
• Result: Uncorrelated control and data packets. Packet fragmentation of subscriber traffic
[Diagram labels: 4G, 3G; Sub A, Sub B, Sub C, Sub D, Sub n; TAP / Aggregators; tools: Billings, Monitor, Customer Experience Management (CEM), Application Performance]

Flow Mapping®
GTP Correlation
SUBSCRIBER-AWARE FORWARDING
[Diagram labels: 4G, 3G; Sub A, Sub B, Sub C, Sub D, Sub n; GTP Correlation; Sub A, Sub C, Sub D; tools: Customer Experience Management (CEM), Billings, Monitor, Application Performance]

SIP/RTP Correlation and Load Balancing
[Diagram labels: Tap 1 (EPC), Tap 2 (IMS), Tap 3 (SIP PEERING); SIP, RTP; Sub A, Sub B, Sub C; SIP/RTP Correlation; tools: Customer Experience Management (CEM), Network Performance Management (NPM)]

EPC/IMS Correlation of VoLTE
Tools
▸ Application Performance Management
▸ Network Performance Management
▸ Customer Experience Management

SIP/RTP Correlation across non-IMS network
USE CASE 1
SIP and RTP packets belonging to the same session are tapped across various SIP and RTP interfaces and correlated before being filtered and forwarded to tools.
SIP/RTP 5.3 Release

The Journey From 4G To 5G
What is changing?
• Direct jump from 4G to 5G network is unlikely
• Many deployment options available to service providers
• Industry is converging on subset of deployment options (options 3 and 2)
• SA – Standalone (EPC core is 5G)
• NSA – Non Standalone (EPC core is LTE)
Ref: blog.3g4g.co.uk

How does GTP Subscriber Awareness Work – 3G/LTE (Non-CUPS)

How does GTP Subscriber Awareness Work – LTE CUPS
3G/LTE-CUPS

New 5G Subscriber Aware Configuration Attributes
LTE / CUPS
▸ IMSI – International Mobile Subscriber ID (SIM Card)
▸ IMEI – International Mobile Equipment ID (Device)
▸ MSISDN – Mobile Station International Subscriber Directory Number (Phone number)
▸ APN – Access Point Name
▸ QCI – QoS Class ID
▸ User Plane Interface (S1U, S11U, S2b, S5/S8, Gn/Gp)
5G
▸ SUPI – Subscription Permanent Identifier
▸ PEI – Permanent Equipment Identifier
▸ DNN – Data Network Name
▸ 5QI – 5G QoS Identifier
▸ User Plane Interface (N3, N9)
How does GTP Subscriber Awareness Work – 5G

Subscriber Aware Visibility Evolution
How we do it better - distributed real-time visibility
[Diagram labels. Stages: Monolithic Subscriber Awareness; Disaggregated & Distributed Subscriber Awareness; Hybrid or Virtualized Subscriber Awareness. Transitions: LTE to LTE CUPS Transition; Transition to 5G. Components: Control Plane Node, User Plane Node, OpenStack Cloud, CPN to UPN communication interface]

Growing Network Function Virtualization Adoption
• Initially applied in virtualization of EPC and IMS network functions
  – Control plane functions, such as MME, HSS, DNS, and PCRF
  – User plane functions, such as SBC
• NFV is now the preferred deployment technique for 5G network functions
• The 5G architecture is defined with NFV and SDN in mind
• Virtual and physical network functions will co-exist

Modular & Flexible, Multi-Functional GigaVUE® HC Series Visibility Node
GigaVUE-HC3 Physical Chassis
FRONT
▸ Extension Board
▸ USB Port
▸ Four modular bays for front ports, GigaSMART®, etc.
▸ Front to back airflow
REAR
▸ Rear fan tray (blowing out)
▸ Redundant, load-sharing power supplies
▸ Front to back airflow

Data Optimization with GigaVUE V Series
Reduce visibility overhead by optimizing traffic distribution to tools
Feature Highlights and Benefits
▸ Flow Mapping: Granularly filter, replicate and forward traffic to specific monitoring tools
▸ Packet slicing: Reduce bandwidth consumption by truncating packets to only what is needed for analysis
▸ De-duplication: Optimize bandwidth and monitoring resource consumption by eliminating redundant packets
▸ GTP Correlation*: Enable horizontal scaling of monitoring solution and improve monitoring tool utilization with subscriber-aware traffic distribution
▸ CUPS Correlation*: Enable monitoring of distributed control and user plane functions with CUPS support
* Roadmap
[Diagram labels: Visibility layer (Visibility as VNF) with Service Chained Visibility Functions: De-dup*, Slicing, NetFlow, FlowVUE*, Flow Mapping®, Sampling, Load Balancing*, …, CUPS Correlation*; NFV Infrastructure (NFVI): Virtualization Layer, Hardware Resources]

Network Functions Virtualization (NFV) Visibility Solution
OpenStack
[Diagram labels:
 OpenStack: Horizon, Nova, Glance; GigaVUE-FM
 Data access layer: Mobile network elements; Virtual Network Functions (VNF); Virtual Network; 3rd party tunnel; OVS mirror; NFV Infrastructure (NFVI): Virtualization Layer, Hardware Resources
 Data optimization layer: Visibility layer; Visibility as Virtual Network Functions; Service Chained Visibility Functions: De-dup*, Slicing, NetFlow, FlowVUE*, Flow Mapping®, Sampling, Load Balancing*, …, CUPS Correlation*; NFV Infrastructure (NFVI): Virtualization Layer, Hardware Resources
 Service assurance tools: Virtual Tools (Tool, Tool, Tool); NFV Infrastructure (NFVI): Virtualization Layer, Hardware Resources]
* Roadmap
Virtual networking options: Standard OVS, OVS with DPDK, SR-IOV
Ref: https://www.youtube.com/watch?v=AULt3BuwMnY

Traffic Acquisition with GigaVUE G-vTAP
• Different traffic acquisition options for different virtual environments
• Capture East-West and North-South traffic among VNFs to eliminate blind spots
• Pre-filtering to minimize bandwidth consumption
• L2GRE, VxLAN tunneling for standardized traffic delivery to third party probes

G-vTAP Version                   DPDK Compatible   SR-IOV Compatible
VNF-based mirroring              -                 ✓
OVS/OVS-with-DPDK mirroring*     ✓                 -
Container-based mirroring*       -                 -
SR-IOV mirroring*                -                 ✓
Service Function Chaining*       ✓                 -
* Roadmap
[Diagram labels: Mobile network elements; Virtual Network Functions (VNF); Virtual Network; NFV Infrastructure (NFVI): Virtualization Layer, Hardware Resources]

G-vTAP traffic access
VNF-Based Mirroring
[Diagram labels: Horizon, Nova, Glance; Tenant; GigaVUE-FM; Traffic Policies; VNFs on KVM hosts with Any vSwitch; Tunnel; tools: APM, NPM, Security, CEM]

Open vSwitch Mirroring
OpenStack
• GigaVUE-FM orchestrates solution on OpenStack
• G-vTAP service deployment
• GigaVUE-FM manages G-vTAP container policies
• OVS mirroring configuration
• Supports Open vSwitch with DPDK acceleration
• Mirrored traffic may be delivered to GigaVUE V Series
• Enables traffic aggregation and processing
• Tunneling directly to virtual or physical tools
• Tunneling to Visibility Fabric
[Diagram labels: Horizon, Nova, Glance; GigaVUE-FM; VNFs on KVM hosts with Open vSwitch; Mirrored Traffic; Tunnel; Probe 1, Probe 2, Probe n]

Container-Based Mirroring
Kubernetes
• GigaVUE-FM orchestrates solution via Kubernetes master
• G-vTAP Container deployment
• Container network mirroring
• GigaVUE-FM manages G-vTAP container policies
• G-vTAP container receives mirrored traffic from container network
• Supports Flannel and Calico container networking
• G-vTAP tunnels captured traffic to destination
• Directly to physical probe
• Directly to virtual probe (not shown)
• Via Visibility Fabric to physical or virtual tool
[Diagram labels: GigaVUE-FM; Kubernetes Master (VM-a); Kubernetes Worker (VM-b) and Kubernetes Worker (VM-c), each with Containers, a G-vTAP Container and Flannel; Tunnel; Probe 1, Probe 2, Probe n]

SR-IOV Mirroring
High-level concept
• GigaVUE-FM orchestrates solution via OpenStack
• G-vTAP VM deployment
• G-vTAP service deployment
• GigaVUE-FM manages G-vTAP policies
• SR-IOV mirroring
• G-vTAP VM policies
• G-vTAP VM receives mirrored traffic from NIC
• Traffic mirrored from target SR-IOV virtual ports to G-vTAP SR-IOV virtual port
• G-vTAP VM tunnels captured traffic to destination
• Directly to physical probe
• Directly to virtual probe
• Via Visibility Fabric to physical or virtual tool
[Diagram labels: Horizon, Nova, Glance; GigaVUE-FM; KVM with Open vSwitch; VNFs and G-vTAP VM; SR-IOV NIC with virtual ports vP1, vP2, … vPn; Tunnel; Probe 1, Probe 2, Probe n]

A Common Architecture for Public and Private Clouds
Elastic scale in a cloud-native architecture
[Diagram labels:
 Amazon: Applications VPC (Virtual apps); Amazon CloudWatch; Visibility tier; Tools; AWS Direct Connect (for hybrid connectivity)
 Azure: Applications VNet (Virtual apps); Azure API; Visibility tier; Tools; Azure ExpressRoute
 OpenStack Cloud: Tenant Networks; Virtual Network Functions (MME, SGW, PGW); Horizon, Nova, Glance; Visibility tier; Tools; To other physical / virtual elements in Gigamon Platform
 VMware Cloud*: Virtualized workloads; Virtual apps; Virtual Network Functions (MME, SGW, PGW); Visibility tier; Tools; To other physical / virtual elements in Gigamon Platform
 GigaVUE-FM Fabric Manager
 Tools: Analytics Tools, Security Tools, Perf Mgmt Tools]
* Future
Application Intelligence for GTP Session Traffic