Big Monitoring Fabric

2,012 views

Published on

Big Monitoring Fabric™ (BMF) enables pervasive security and monitoring of network traffic for an organization and selectively delivers it to multiple security, monitoring, performance measurement and compliance tools—both Inline and Out-of-Band. Big Monitoring Fabric is a modern 1G/10G/40G/100G network visibility fabric that leverages high-performance, open Ethernet switches to provide pervasive security monitoring and visibility of an organization’s network traffic. Using an SDN-centric architecture, Big Monitoring Fabric enables scale-out fabric for enterprise-wide monitoring, single pane of glass for operational simplicity, and multi-tenancy for multiple IT teams (NetOps, DevOps, SecOps) to simultaneously perform network monitoring using tenant-specific inline or out-of-band tools and policies.

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,012
On SlideShare
0
From Embeds
0
Number of Embeds
47
Actions
Shares
0
Downloads
161
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Big Monitoring Fabric

  1. 1. Big Monitoring Fabric Simple, Scalable, Economical SUNIT CHAUHAN HEAD OF PRODUCT MARKETING BIG SWITCH NETWORKS
  2. 2. Big Monitoring Fabric Overview
  3. 3. EVERY ORGANIZATION NEEDS PACKET MONITORING... 3 Application Performance Monitoring Network Performance Monitoring Security Monitoring Traffic Analytics / Recorders Customer Experience Monitoring TOOLS Lawful Intercept Billing Verification But where do you attach the tools? “Everywhere” is too expensive. (c) 2016, BIG SWITCH NETWORKS, INC.
  4. 4. NETWORK MONITORING EVOLUTION Current Generation  Modern SDN-based Approach (c) 2016, BIG SWITCH NETWORKS, INC. SECOND GENERATION ARCHIITECTURE SPAN SPAN TAP 1/10G TAP 1/10G NPB NPB NPB THIRD GENERATION – SDN ARCHITECTURE Control Network BSN NPB White-boxBasedScalableFabric 1/10/40/100 GE Tool Farm Packet Services Big Mon Controller SPAN SPAN TAP 10/40G TAP 1/10G Monitored Traffic 4
  5. 5. BIG MONITORING FABRIC Enabling Pervasive Security & Visibility (c) 2016, BIG SWITCH NETWORKS, INC. Monitor Everywhere✓ Scale-out Architecture✓ Open, Fast Innovation✓ Very Economical✓ THIRD GENERATION – SDN ARCHITECTURE Control Network BSN NPB White-boxBasedScalableFabric 1/10/40/100 GE Tool Farm Packet Services Big Mon Controller SPAN SPAN TAP 10/40G TAP 1/10G Monitored Traffic 5
  6. 6. Centralized Tool Farm ENABLING PERVASIVE SECURITY/TAP EVERY RACK 6 (c) 2016, BIG SWITCH NETWORKS, INC. Actual Topology Diagram: Tier-1 US Financial Services Institution
  7. 7. BIG MONITORING FABRIC Simple, Scalable, Economical 7 (c) 2016, BIG SWITCH NETWORKS, INC. • Simple to Provision • Simple to Manage • Simple to Troubleshoot • Centralized Programmability Simple • Monitor Any Rack (1000’s of Links) • Monitor Any Location (Remote or DMZ Inline) • 1/10/40/100G • Elastic Infrastructure Scalable • Over 60% Reduction in Total Cost of Ownership • Reduced CapEx • Reduced OpEx Economical
  8. 8. CUSTOMER VALIDATIONS 8 (c) 2016, BIG SWITCH NETWORKS, INC. “…We have a number of packet analysis tools and we were using Gigamon to gather packets, but when you want to gather packets from everywhere that price point gets too high… So we decided to go with a white box solution and Big Mon from Big Switch to gather packets and forward them to the tools as needed. We’re using software-defined networking first in non-production, in our monitoring space, and evaluating where we want to go next. It’s done well for us. We used it through our first peak of tax year 2014, which was in early February…” Ted Turner, Sr. Network Engineer
  9. 9. (c) 2016, BIG SWITCH NETWORKS, INC. “Big Switch’s Big Monitoring Fabric Is the Killer App for SDN” -- Andrew Lerner, Research Director Gartner DC Conference, Dec 2015 9
  10. 10. Big Monitoring Fabric Deployment Scenarios
  11. 11. USE CASE 1: PERVASIVE SECURITY / TAP EVERY RACK Centralized Tool Farm (c) 2016, BIG SWITCH NETWORKS, INC. Tier-1 US Financial Services Institution • Centralized tool farm for 120 racks • Mix of 1GE, 10GE and 40GE taps and tools • Re-used legacy NPBs as ‘service nodes’ 11
  12. 12. Centralized Tool Farm USE CASE 1: PERVASIVE SECURITY / TAP EVERY RACK 12 (c) 2016, BIG SWITCH NETWORKS, INC. Actual Topology Diagram: Tier-1 US Financial Services Institution
  13. 13. USE CASE 2: DMZ SECURITY TOOL CHAINING (INLINE) 13 (c) 2016, BIG SWITCH NETWORKS, INC. FIREWALL FIREWALL IPS WEB PROXY CENTRALIZED TOOL FARM CORE SWITCH 1 CORE SWITCH 2 TRUSTED ZONE INTERNET / UNTRUSTED ZONE DMZ/EXTRANET BIG MONITORING FABRIC CONTROLLER INLINE TOOLS UNTRUST ED TRUSTED OUT OF BAND Fortune 50 Oil and Gas Company • Inline Deployment Across 10s of Global Data Centers • Selective SPAN of Traffic to Out-of-Band Tools • Optimal Tool Utilization (Asymmetric Chaining)
  14. 14. USE CASE 2: DMZ SECURITY TOOL CHAINING (INLINE) 14 (c) 2016, BIG SWITCH NETWORKS, INC. FIREWALL FIREWALL IPS WEB PROXY CENTRALIZED TOOL FARM CORE SWITCH 1 CORE SWITCH 2 TRUSTED ZONE INTERNET / UNTRUSTED ZONE DMZ/EXTRANET BIG MONITORING FABRIC CONTROLLER INLINE TOOLS UNTRUST ED TRUSTED OUT OF BAND
  15. 15. USE CASE 3: MOBILE / LTE NETWORK MONITORING Enabling Advanced Monitoring for Mobile Core Networks 15 (c) 2016, BIG SWITCH NETWORKS, INC. SPAN SPAN 4G (eNode B) RAN MOBILE CORE / DATA CENTER 3G S5/S8S1-U S12 SGi TAP TAP TAP TAP SPAN TAP TAP SPAN S-GW P-GW NPB MONITORING FABRIC NPB Big Tap Controller Tier-1 Mobile Service Providers in Japan • Scale-out Deployment: 1K+ Taps, growing to 5K+ • Support for matching multiple 3G/4G/LTE protocols • Load Balance traffic to multiple tools (3rd party/Internal)
  16. 16. USE CASE 3: MOBILE / LTE NETWORK MONITORING Enabling Advanced Monitoring for Mobile Core Networks 16 (c) 2016, BIG SWITCH NETWORKS, INC. SPAN SPAN 4G (eNode B) RAN MOBILE CORE / DATA CENTER 3G S5/S8S1-U S12 SGi TAP TAP TAP TAP SPAN TAP TAP SPAN S-GW P-GW NPB MONITORING FABRIC NPB Big Mon Controller Flexible & Deeper Packet Matching  Policies based on Tunnel End-point ID (TEID), GTP version, SCTP port number, etc.  Match inner headers of encapsulated packets like VXLAN, MPLS... (up to 128 bytes)  Replicate and load balance traffic to any tool
  17. 17. USE CASE 4: REMOTE DATA CENTER MONITORING Extending Tool Farm to Taps in Remote Locations 17 (c) 2016, BIG SWITCH NETWORKS, INC. NPB FILTER PORTS DELIVERYPORTS SERVICE PORTS MONITORING FABRIC VISIBILITY TOOLS NETWORK PERF MONITORING APPLICATION PERF MONITORING SECURITY TOOLS VOIP MONITORING NPB PRIMARY DATA CENTER CENTRALIZED BIG MON CONTROLLER REMOTE DATA CENTER(S) L2-GRE Tunnels REMOTEFP TUNNEL PORTS PRODUCTION TAP & SPAN Remote Location Monitoring: Trouble-shoot network problems in remote locations via centralized tools
  18. 18. Big Monitoring Fabric Architecture
  19. 19. BIG MONITORING FABRIC Architecture FILTERPORTS DELIVERY PORTS SERVICE PORTS VISIBILITY TOOLS NETWORK PERF MONITORING APPLICATION PERF MONITORING SECURITY TOOLS VOIP MONITORING PRODUCTION NETWORK TAP&SPAN PORTS 1/10/40/100G* ETHERNET SWITCH FABRIC OptionalBSN NPB DC / CAMPUS NETWORK ETHERNET SWITCHING FABRIC WITH SERVICE NODES (c) 2016, BIG SWITCH NETWORKS, INC. CENTRALIZED TOOL FARM BIG MONITORING FABRIC CONTROLLER 19
  20. 20. BIG MONITORING FABRIC Architecture FILTERPORTS DELIVERY PORTS SERVICE PORTS VISIBILITY TOOLS NETWORK PERF MONITORING APPLICATION PERF MONITORING SECURITY TOOLS VOIP MONITORING PRODUCTION NETWORK TAP&SPAN PORTS 1/10/40/100G* ETHERNET SWITCH FABRIC OptionalBSN NPB DC / CAMPUS NETWORK ETHERNET SWITCHING FABRIC WITH SERVICE NODES (c) 2016, BIG SWITCH NETWORKS, INC. CENTRALIZED TOOL FARM BIG MONITORING FABRIC CONTROLLER  Simple: Single Pane of Glass Management (No box-by-box)  Resilient: HA with Headless Mode  Programmable: Event Triggered Monitoring  Advanced Telemetry & Analytics 20
  21. 21. BIG MONITORING FABRIC Architecture FILTERPORTS DELIVERY PORTS SERVICE PORTS VISIBILITY TOOLS NETWORK PERF MONITORING APPLICATION PERF MONITORING SECURITY TOOLS VOIP MONITORING PRODUCTION NETWORK TAP&SPAN PORTS 1/10/40/100G* ETHERNET SWITCH FABRIC OptionalBSN NPB DC / CAMPUS NETWORK ETHERNET SWITCHING FABRIC WITH SERVICE NODES (c) 2016, BIG SWITCH NETWORKS, INC. CENTRALIZED TOOL FARM BIG MONITORING FABRIC CONTROLLER 21
  22. 22. BIG MONITORING FABRIC Advanced Analytics & Telemetry 22 (c) 2016, BIG SWITCH NETWORKS, INC. Enhanced Features with Release 5.5: • Advanced Trackers (Host, Network, …) • Historical Time Series Data • sFlow Collection & Analysis FILTERPORTS DELIVERY PORTS SERVICE PORTS 1/10/40/100G ETHERNET SWITCH FABRIC OptionalBSN NPB ETHERNET SWITCHING FABRIC WITH SERVICE NODES BIG MONITORING FABRIC CONTROLLER
  23. 23. BIG MONITORING FABRIC Architecture FILTERPORTS DELIVERY PORTS SERVICE PORTS VISIBILITY TOOLS NETWORK PERF MONITORING APPLICATION PERF MONITORING SECURITY TOOLS VOIP MONITORING PRODUCTION NETWORK TAP&SPAN PORTS 1/10/40/100G* ETHERNET SWITCH FABRIC OptionalBSN NPB DC / CAMPUS NETWORK ETHERNET SWITCHING FABRIC WITH SERVICE NODES (c) 2016, BIG SWITCH NETWORKS, INC. CENTRALIZED TOOL FARM BIG MONITORING FABRIC CONTROLLER  High Density 1RU White-box Switches (HCL: Dell-ON / Accton / Quanta)  Scalable: Up to 1000s of Ports 23
  24. 24. BIG MONITORING FABRIC 100G Switch Hardware 24 (c) 2016, BIG SWITCH NETWORKS, INC. Introduced with Release 5.5: • 32 ports of 100G • 32 ports of 40G • 128 ports of 10G FILTERPORTS DELIVERY PORTS SERVICE PORTS 1/10/40/100G ETHERNET SWITCH FABRIC OptionalBSN NPB ETHERNET SWITCHING FABRIC WITH SERVICE NODES BIG MONITORING FABRIC CONTROLLER  High-density, Open Networking 1RU Switches  Non-blocking, Line-rate 3.2Tb switching (sub usec latency)  Supports Port-side Intake/Egress airflow  BRCM Tomahawk ASIC (HW supports 10G/25G/40G/50G/100G) Accton AS7712-32X Dell Z9100-ON
  25. 25. BIG MONITORING FABRIC Architecture FILTERPORTS DELIVERY PORTS SERVICE PORTS VISIBILITY TOOLS NETWORK PERF MONITORING APPLICATION PERF MONITORING SECURITY TOOLS VOIP MONITORING PRODUCTION NETWORK TAP&SPAN PORTS 1/10/40/100G* ETHERNET SWITCH FABRIC OptionalBSN NPB DC / CAMPUS NETWORK ETHERNET SWITCHING FABRIC WITH SERVICE NODES (c) 2016, BIG SWITCH NETWORKS, INC. CENTRALIZED TOOL FARM BIG MONITORING FABRIC CONTROLLER  Advanced Packet Services with Big Switch x86 Service Appliance (Packet De-dup / Slicing / Regex Match)  Reuse Current NPB Investment 25
  26. 26. BIG MONITORING FABRIC Service Node Details 26 (c) 2016, BIG SWITCH NETWORKS, INC. Intel DPDK based Appliance for Advance Packet Services: • De-duplication • Packet Slicing • Regex / Pattern Match FILTERPORTS DELIVERY PORTS SERVICE PORTS 1/10/40/100G ETHERNET SWITCH FABRIC OptionalBSN NPB ETHERNET SWITCHING FABRIC WITH SERVICE NODES BIG MONITORING FABRIC CONTROLLER  1RU Appliance (NEBS Level 3 and ETSI Compliant)  Multiple Services on Single Appliance  4 x 10G ports, Bi-directional (RX/TX on same I/F)  Up to 24 service nodes can be attached to BMF
  27. 27. TOOL / TECHNOLOGY ALLIANCE PARTNERSHIPS Sample List 27 (c) 2016, BIG SWITCH NETWORKS, INC. Thunder Threat Protection System Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-a10-bsn.pdf Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-fireeye-bsn.pdf FireEye Threat Prevention Platform Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-bluecoat-bsn.pdf Security Analytics Platform Solution Summary: http://www.bigswitch.com/sites/default/files/sdnresources/solutionsummary-riverbed-bsn.pdf SteelCentral for Performance Management and Control Performance Management for Multimedia applications Partner Portal: http://www.bigswitch.com/technology-alliance-partners
  28. 28. How To Get Started
  29. 29. 29 (c) 2016, BIG SWITCH NETWORKS, INC.
  30. 30. Labs.BigSwitch.com (c) 2016, BIG SWITCH NETWORKS, INC.30
  31. 31. CUSTOMER ENGAGEMENT OPTIONS Introducing Community Edition • Subscription Licenses • ELA (3+Years) • Elastic Pricing • Free Software on Premise: Evaluate Big Switch SDN solutions on your Network  Big Cloud Fabric & Big Monitoring Fabric • Online E-store for Switch Hardware: White-box or Open Networking Switches (c) 2016, BIG SWITCH NETWORKS, INC.31
  32. 32. Thank You

×