Converged Monitoring Fabric for SDN-based Environments, an IBM and VSS Monitoring Solution


SDN-based traffic, such as traffic from OpenFlow switches, is now optimized for performance monitoring and enhanced security by this joint solution from IBM SDN Virtual Environments and VSS Monitoring Network Packet Brokers.

Published in: Technology

  1. Converged Monitoring Fabric For Software Defined Networks: VSS Monitoring NPBs and IBM Software Defined Network for Virtual Environments

Solution Brief

The IBM and VSS Monitoring converged monitoring fabric solution enables large-scale, cost-effective monitoring for virtual-host traffic, physical networks, cloud infrastructure, and SDNs, ensuring performance and delivering security for enterprises and service providers alike.

INDUSTRY CHALLENGES

The open-source nature of SDN systems has made them challenging to deploy because they require network engineers to develop new software engineering skills. This has complicated deployments and limited many projects to “do-it-yourself” or small-scale instances. Along with the challenge of SDN’s open-source beginnings (as well as features still in development), monitoring systems leveraging network packet broker (NPB) capabilities similarly required modifications and qualification to support SDN.

VSS Monitoring has collaborated with IBM to combine the benefits of SDN and NPBs in a converged solution that delivers wire-speed operation and fail-safe monitoring and ensures deterministic delivery of packets to security systems and analytics tools. The unified controller in the IBM SDN VE solution and VSS Monitoring network packet brokers provide hardware-accelerated SDN for performance and security monitoring.

HIGHLIGHTS

  • VSS Monitoring, with network packet brokers, and IBM combine the benefits of SDN and NPBs
  • Converged monitoring fabric delivers wire-speed operation and fail-safe monitoring
  • Combines purpose-built NPB performance and optimization with IBM Unified OpenFlow Controller
  • Leverages hardware-accelerated SDN for monitoring and security

INTRODUCING VSS MONITORING NETWORK PACKET BROKERS WITH IBM SOFTWARE DEFINED NETWORK FOR VIRTUAL ENVIRONMENTS

Network packet brokers (NPBs) have emerged over the last several years as a critical element that enables network and security engineers to operate at the scale of today’s networks. Without NPBs, the task of ensuring network performance and securing large-scale networks has become exceptionally difficult. With terabytes of data to sift through, delivering the right data to the right tools and systems proves difficult. This can cause time to resolution for many network problems to grow longer and can expose a network to security risk.

Performance tools and security systems need to receive traffic of interest so they can monitor networks, while NPBs ensure that traffic is delivered in a flexible, cost-effective manner. For both security analysis systems, such as IDS/IPS, and network visibility tools that manage performance, NPBs provide enablement and operational efficiency for TAP aggregation, time stamping, packet cleanup, payload slicing, protocol stripping, and traffic delivery optimization services. Delivering traffic to these tools is the challenge for network engineers tasked with network troubleshooting and problem resolution. NPBs address that challenge.

Adopting software-defined networks

As network architectures evolve to include software-defined networks, the need for network packet brokers increases. Like traditional networks, software-defined networks also require performance management and network security systems due to their dynamic nature and multi-tenant architectures. As network providers adopt SDN and take their deployments out of the lab, they are looking to build on their existing infrastructure to monitor and manage large-scale networks.
  2. Converged Monitoring Fabric Using SDN, OpenFlow, and Network Packet Brokers; Solution Brief

Combining SDN with NPB

As workloads become virtualized and distributed, associating monitoring tools with a single physical port poses problems. As network performance gains are achieved and speeds surpass 10Gbps, reaching 40Gbps and even 100Gbps, monitoring tools and security systems require their traffic optimization infrastructure, such as load balancing, and health monitoring systems to keep pace with network speeds and maintain continuous monitoring. Consistent traffic forwarding optimization and advanced packet optimization features require purpose-built equipment to maintain line-rate performance.

By using NPBs to aggregate traffic from SDN OpenFlow switches, virtual hosts, and traditional networks in a high performance system and then forwarding that traffic to monitoring tools over a monitoring fabric, network operators can maintain network visibility as they roll out new services. Employing NPBs in combination with monitoring OpenFlow enabled switches allows enterprises and network providers to use SDN technologies in combination with NPBs to facilitate SDN deployments.

As with performance monitoring, traffic delivery can also be optimized for high-traffic loads. Tasks can be optimized as networks grow by enabling the ports that egress the SDN to be captured by an NPB similarly to traditional network mirrors or TAP ports. Such architectures enable OpenFlow-based SDN systems to share the duty of aggregating and forwarding traffic with NPBs. The OpenFlow switches can be programmed by the controller to filter and forward traffic to specified NPB supported ports. The NPB ports can provide further filtering, including forwarding specified traffic of interest to different tools and systems, as well as optimizing the packet flows with a range of packet services, such as time stamping, slicing, de-duplication, fragment reassembly, protocol stripping, encapsulation filtering, and load balancing.

With traditional platforms, these packet manipulation and modification services are not typically supported within SDN-based systems, while they are crucial for both performance management and security deployments. The combined system supports the best of both worlds and can be part of an SDN infrastructure that is easier to manage and deploy without foregoing elements required for successful monitoring applications.

Converged monitoring fabric: vMesh and OpenFlow

The VSS Monitoring vMesh architecture provides a powerful foundation for a monitoring fabric. The vMesh architecture uses proprietary technology in a high availability management platform that enables users to build a managed mesh of NPB systems. This enables complete traffic access and visibility, including traffic that is forwarded from an OpenFlow switch within an SDN. Traffic that enters the vMesh network can be made available to tools and systems on the LAN and across WAN segments, including private clouds.

The VSS vMesh technology is available on all vBroker, vProtector Series, Distributed Series, and Finder Series models, which are managed by VSS Management Center (vMC). Each NPB functions as a node in a vMesh architecture, allowing users to design and build global NPB systems for accessing traffic where each node connects with up to 255 other nodes as part of the monitoring fabric. Deploying the IBM SDN VE solution to support OpenFlow switches enables SDN traffic to be added to this system. In the combined system, traffic from thousands of ports can be monitored for traditional networks and virtualized networks.
The vMesh architecture supports auto-discovery and self-configuration to ease management. If a port or node fails, traffic is automatically redirected to an open pathway to ensure traffic delivery to the destination tool or system. In the converged monitoring fabric solution, adding SDN traffic is as simple as connecting OpenFlow switches to any NPB that supports vMesh.

VSS Monitoring network packet brokers and the IBM SDN VE solution combine to deliver a converged monitoring fabric. This unified system delivers significant flexibility while maintaining network visibility on physical networks, virtual networks, and within private cloud infrastructures. In an SDN VE network, VSS Monitoring NPBs can deliver increased performance, visibility, and other advanced services.

The IBM components of the combined system insert an SDN layer that provides TAP aggregation for virtual hosts and OpenFlow networks, achieving a high degree of flexibility that leverages the benefits of the IBM SDN VE solution. For KVM and VMware virtual networks on existing physical switches, this enables automated network provisioning and application deployment, including OpenStack support (via a Neutron plug-in).

The converged monitoring fabric from VSS Monitoring and IBM helps network administrators deliver a monitoring network that scales at the pace of modern data center networks. The system can operate in conjunction with production SDN networks or the solution can be deployed as a stand-alone monitoring network. In a monitoring network deployment, the OpenFlow switches are used to aggregate and forward traffic for monitoring purposes only. The monitoring network application can be deployed incrementally, a few SDN switches and a few NPBs at a time, and, because the system operates on copied traffic and not production data, network managers may use OpenFlow switches in a lower-risk environment while gaining expertise in SDN.

  3. The solution transforms OpenFlow-enabled switches into aggregation devices that work with NPBs to filter and selectively forward network traffic to NPBs, where further brokering services can be applied. The inbound traffic is filtered on ingress ports from network TAPs or SPAN ports and forwarded to NPB nodes within the vMesh. Advanced services can be applied before the traffic is forwarded to other nodes in the vMesh or on to security systems and monitoring tools.

[Diagram: IBM SDN VE Reference Architecture with VSS Monitoring Network Packet Brokers]

Figure 1: IBM SDN VE with Converged monitoring fabric, NPBs and OpenFlow switches aggregating and forwarding traffic and NPBs providing advanced services.
  4. [Diagram: SDN VE Reference Architecture]

  • This diagram depicts an SDN VE Overlay network deployment
  • SDN VE Controls and gateways are deployed on physical hosts
  • 5000V VDS vSwitches host Virtual Networks
  • The SDN VE solution is agnostic with regard to the make/model of the underlay Layer 2/3 network

Figure 2: SDN VE Reference Architecture

Conclusion – VSS Monitoring and IBM SDN VE enable SDN monitoring

A converged monitoring fabric brings together the IBM SDN VE OpenFlow based solution with the vMesh architecture from VSS Monitoring, enabling networking and security managers to collaborate more effectively. The solution creates a unified monitoring fabric based on OpenFlow physical switches and purpose-built NPBs that is capable of delivering the right traffic to the right tool at the right time.

Combining the IBM SDN VE OpenFlow solution with NPBs ensures a cost-effective approach to network visibility that does not trade off performance or relinquish the necessary network optimization services. A monitoring fabric that uses OpenFlow in combination with TAP infrastructure and the vMesh architecture increases security and simplifies maintaining compliance by ensuring that NPBs remove personal information from packets while accelerating troubleshooting and problem resolution capability.

From transactional data center deployments to click-to-compute systems, the converged monitoring fabric addresses emerging requirements and delivers a next-generation monitoring network that is simultaneously cost-effective and high performance.

FOR MORE INFORMATION

To learn more about IBM SDN solutions, please visit: or contact your IBM representative. For more information about VSS Monitoring Network Packet Brokers, please visit:

VSS Monitoring is a world leader in network packet brokers (NPB), providing a visionary, unique systems approach to integrating network switching and the broad ecosystem of network analytics, security, and monitoring tools.

VSS Monitoring, the VSS Monitoring logo, vBroker Series, Distributed Series, vProtector Series, Finder Series, TAP Series, vMC, vAssure, LinkSafe, vStack+, vMesh, vSlice, vCapacity, vSpool, vNetConnect and PowerSafe are trademarks of VSS Monitoring, Inc. in the United States and other countries. Any other trademarks contained herein are the property of their respective owners. © Copyright 2003 – 2014. VSS Monitoring Inc. All rights reserved.