Total Virtual Network Visibility


Published on

Watch the full OnDemand Webcast:

The migration to virtual computing architectures has created a new blind spot in the enterprise: the traffic between virtual servers in the same physical chassis. This “invisible traffic” never crosses any physical network segment where it can be easily captured, creating a problem for any data center team trying to troubleshoot, optimize, or secure its virtual server operations.

As enterprises virtualize more and more of their data center operations, these blind spots grow. As a result, network engineers have little or no visibility into the traffic among virtual servers. Until now…

With the combination of Net Optics Phantom Virtual Tap and WildPackets OmniPeek® network analyzer, network engineers get complete access to the network and application traffic traversing virtual servers. The Phantom Virtual Tap eliminates the blind spots created by invisible traffic and enables network engineers to use the powerful root-cause analysis capabilities of OmniPeek to troubleshoot, optimize, benchmark, and secure virtual servers and virtual applications.

In this joint webinar from Net Optics and WildPackets, you will learn how to:

1. Establish goals and best practices for virtual network analysis
2. Define hardware requirements to meet analysis goals
3. Configure your virtual network for the realities of network analysis

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Total Virtual Network Visibility

  1. 1. Jay BotelhoDirector of Product ManagementWildPackets Show us your tweets! Use today’s webinar hashtag:Ran Nahmias #wp_virtualnetwork with any questions, comments, or feedback.Director, Virtualization and Cloud Services Follow us @wildpacketsNet © WildPackets, Inc.
  2. 2. Agenda• Current Trends in Virtualization• What Causes Virtual Network Blind Spots?• Eliminating the Blind Spot• Network Analysis in Virtual Environments• Net Optics Overview• WildPackets Overview © WildPackets, Inc.
  3. 3. Current State of Virtualization• 75% of large companies have implemented some form of virtualization1• Percentage of servers actually virtualized remains small at approximately 10 – 15% in these companies1• Virtual systems are a tempting target for security breaches ‒ Compromising only one layer provides access to many2• Storage virtualization – 45% adoption; 5th most effective strategy3,7 ‒ Deduplication ‒ Thin provisioning ‒ Tiering © WildPackets, Inc.
  4. 4. Current Trends in Virtualization • Bundling virtualization with servers1 • SMBs get into the action4, 5 • Automation on the rise5, 6 • Better backup, recovery and live migration tools5, 6 • I/O virtualization 6 • Desktop Virtualization5, 6, 8 ‒ Benefits depend on vertical industry ‒ Mobile access devices (eg. iPads) driving adoptionWildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 4
  5. 5. What Causes Network Blind Spots 11000110101 11000110101 ?11000110101 © WildPackets, Inc.
  6. 6. Eliminating the Blind Spot © WildPackets, Inc.
  7. 7. WildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 7
  8. 8. Hypervisor Virtual Stack Monitoring Challenge ESX Virtual Stack vm1 vm2 vm3 Physical Network Security & Virtualization Creates Monitoring Security, Monitoring and Compliance Risks Virtual Switch Analyzer• No visibility into inter-VM traffic, IDS vulnerabilities or threats• Lacks auditing of data passing between virtual servers Physical Host Server• Inability to pinpoint resource utilization issues © WildPackets, Inc.
  9. 9. Phantom Virtual Tap Solution ESX Virtual Stack with Phantom Installed Phantom  Controlle vm1 vm2 vm3 r (VM) Enables Security, Physical NetworkPerformance Monitoring and Security & Compliance Phantom Virtual Tap Monitoring• 100% visibility of inter-VM traffic Analyzer• Kernel implementation— Virtual Switch no need for SPAN Ports on Virtual Switch / Promiscuous Mode IDS• Bridges virtual traffic to physical monitoring tools Physical Host Server © WildPackets, Inc.
  10. 10. Net Optics Converged Network Solution ESX  Phantom vm1 vm2 vm3 Controlle r (VM) Physical Server Physical and Virtual Analyzer Monitoring Access Phantom Physical Server Monitor™• Hypervisor-specific Tap IDS Physical Server Hypervisor• Purpose-built for virtualization Encapsulated• Monitor through Live-Migration Tunnel (VMotion)• TAP for each VM instance (by VM ID) Phantom Manager™ Director™ Indigo Pro™• Tight Integration with VMware vCenter• Fault-Tolerant and Non disruptive Architecture LAN/W AN © WildPackets, Inc.
  11. 11. Support for vMotion MigrationESX 1 ESX 2 vm1 vm2 vm3 vm5 vm6 Phantom Phantom Monitor™ Monitor™ Hypervisor Hypervisor LAN/WAN Phantom Manager™ © WildPackets, Inc.
  12. 12. Net Optics Standalone Network Solution ESX  Phantom vm1 vm2 vm3 Controlle r (VM) Physical Server Phantom Virtual Tap AnalyzerStandalone Implementation Phantom Physical Server Monitor™• Phantom Tap can be deployed as total IDS virtualization monitoring solution Physical Server Hypervisor• Can capture and bridge traffic of interest directly to select inspection tools Encapsulated Tunnel• No hardware required, can be installed and deployed off of data center floor Phantom Manager™ Indigo Pro™ LAN/W AN © WildPackets, Inc.
  13. 13. Phantom Virtual Tap Key Advantages • Gain end-to-end • Achieve security, • Realize the full traffic visibility in compliance and potential of your the virtual performance virtual data center environment monitoring standardsWildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 14
  14. 14. Establishing Goals for NetworkAnalysis in Virtual Environments © WildPackets, Inc.
  15. 15. Net Optics and WildPacketsWildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 16
  16. 16. What’s The Difference? Traditional NA – Virtual NA = 0• All the same goals apply ‒ Monitoring/reporting ‒ Background analysis with alarms/alerts ‒ Real-time vs. post-capture analysis ‒ Network performance/application performance/VoIP• Only the implementation is different © WildPackets, Inc.
  17. 17. Understand Your Virtual Environment• Traffic levels per • Baselines virtual interface ‒ Establish and re-establish ‒ Mbps? ‒ Use Expert events for further ‒ Packets per classification second? ‒ Packet size distribution?• Traffic level per application ‒ Average rates ‒ Peak rates ‒ Weekly patterns © WildPackets, Inc.
  18. 18. Real-time vs. Post Capture Analysis• Real-time analysis ‒ RAM is your friend ‒ Flexible, on-the-fly changes ‒ Network utilization under 3Gbps ‒ Validating theories• Post-capture analysis ‒ Disk capacity is your friend - steady-state traffic at 1Gbps requires: 7.68 GB/min 460 GB/hr 11 TB/day ‒ Wide-open analysis ‒ Network utilization at full line rate (10Gbps) ‒ Need to retain ALL data for post-capture analysis ‒ Forensics searches are CPU and RAM intensive © WildPackets, Inc.
  19. 19. Real-time Statistics Always AvailableWildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 20
  20. 20. Net Optics Overview © WildPackets, Inc.
  21. 21. Introduction to Net OpticsCustomers• Financial, Telco, Enterprise, Government, Markets Healthcare• 85% of the Fortune 100 BRIC• 52% of the Fortune 500 6%• 7,500 Global Deployments APAC 16%Highlights N. America• Founded in 1996, Private, Self-Funded EMEA 60%• 60 Quarters of Growth & Profitability 18%• Strong Management Team• Headquarters in Silicon Valley, USA• Sales Offices in New York, Atlanta, Seattle, Germany, ChinaGo to Market Strategy• 30% Direct Sales• 25% OEM/Partner Relationship• 45% Global ChannelTechnology• Four new inventions each year• 20+ patents and patent pending applications © WildPackets, Inc.
  22. 22. Selected CustomersFinancial Telco Enterprise Healthcare Government © WildPackets, Inc.
  23. 23. Networking Industry Trends and Pain PointsNetwork must be designed for No visibility into the virtualizedscalability & agility networkNew Applications Explosive GrowthNetwork Stability CAPEX ImprovementsLow Latency Network No Compliance Monitoring VirtualizationData Center Consolidation ComplexityCompliance Network Link Saturation SecurityInternal/External Intrusions Speeds OversubscriptionLawful Interception 10G 40G 100GCybercrimeSecurity must be architected in,not a point solution Tools & instruments can’t keep up © WildPackets, Inc.
  24. 24. Net Optics Position in the NetworkApplications Layer Protocol Analyzers IPS Forensics Performance Data Loss Prevention VoIP AnalyzerAccess & Control Layer Net Optics Products Solve Indigo Pro™ Director xStream Pro™ Taps • Oversubscribed Analysis & Security Aggregation Tools Director™ Bypass Switches • Requirement for Total Visibility Director xBalancer™ • Need for Multiple Tool Deployment Phantom™ Virtual • Network Scalability Tap Gig Zero Delay • Visibility into Virtualization Tap™ Regeneration Tap™ • High Availability & Tool RedundancyNetwork Layer ESX Stack Core Network vm Vm Vm 1 2 3 Data Center User Access Virtual Data Center Phantom Monitor™ Cloud V Switch Hypervisor © WildPackets, Inc.
  25. 25. Net Optics Products Access Control ManagementBypass Switches Indigo Pro™Intelligent TapsNetwork TapsVirtual Tap appTap™ © WildPackets, Inc.
  26. 26. WildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 27
  27. 27. WildPackets Overview © WildPackets, Inc.
  28. 28. Corporate Background• Experts in network monitoring, analysis, and troubleshooting ‒ Founded: 1990 / Headquarters: Walnut Creek, CA ‒ Offices throughout the US, EMEA, and APAC• Our customers are leading edge organizations ‒ Mid-market, and enterprise lines of business ‒ Financial, manufacturing, ISPs, major federal agencies, state and local governments, and universities ‒ Over 7,000 customers / 60+ countries / 80% of Fortune 1,000• Award-winning solutions that improve network performance ‒ Internet Telephony, Network Magazine, Network Computing Awards ‒ United States Patent 5,787,253 issued July 28, 1998 • Different approach to maintaining availability of network services © WildPackets, Inc.
  29. 29. What We Do• Provide network visibility and intelligence … ‒ WatchPoint, OmniPeek, OmniEngines • Expert systems – we find the problems for you • Superior drill-down capability – trouble-shoot from anywhere • Flexible, customizable, extensible – leverage your investment ‒ Professional services, training, best practices• For all network segments … ‒ Data center to desktop to remote office ‒ LAN, WAN, Wireless … ‒ HTTP, Email, Database, VoIP, Video …• To … ‒ Network engineers; IT Management; Developers © WildPackets, Inc.
  30. 30. Real-World Deployments Education Financial GovernmentHealth Care / Retail Telecom Technology © WildPackets, Inc.
  31. 31. Product Offerings Software and Turnkey Appliances• Enterprise Monitoring and Reporting ‒ WatchPoint Server ‒ OmniFlow, NetFlow, and sFlow Collectors• Network Probes & Recorders ‒ Omnipliance Network Recorders – Edge, Core ‒ TimeLine Network Recorder ‒ OmniAdapter Analysis Cards• Distributed Analysis Software ‒ OmniPeek – Enterprise, Professional, Basic, Connect ‒ OmniEngine – Enterprise, Desktop, OmniVirtual• Portable Solutions ‒ OmniPeek software ‒ Omnipliance Portable © WildPackets, Inc.
  32. 32. TimeLine Network Recorder 11.7Gbps Sustained Capture • Fastest network recording and real-time statistical display — simultaneously ‒ Network statistics display in TimeLine visualization format • Rapid, intuitive forensics search and retrieval ‒ Historical network traffic analysis and quick data rewinding ‒ Several pre-defined forensics search templates making searches easy and fast • A natural extension to the WildPackets product line • Turnkey bundled solution © WildPackets, Inc.
  33. 33. Omnipliance Network Recorders Price/performance solutions for every application Portable Edge Core TimeLine Ruggedized Small Networks / Regional Offices / Datacenter Troubleshooting Remote Offices Small Datacenter WorkhorseChassis 1U 3U 3UMemory 2 GB / 8 GB 4 GB / 8 GB 6 GB / 24 GB 18 GB / 24 GBExpansion 1 PCI-E / 2 PCI-X 1 PCI-E or 1 PCI-X 4 PCI-E 4 PCI-EStorage 500 GB / 2.5 TB 1 TB 8 TB 8 TB / 16 TB / 32 TB © WildPackets, Inc.
  34. 34. Key Differentiators• High-level network monitoring to root-cause analysis• Single solution for today’s converged networks ‒ Wired, Wireless, 1GB, 10GB, VoIP, Video, TelePresence, IPTV• Reduce and even eliminate network downtime ‒ Automated monitoring 24x7 ‒ Speedy resolution of network bottlenecks• Improve network and application performance• Uniquely Extensible Platform – tailored to your needs ‒ Plug-ins and APIs for integration and customization © WildPackets, Inc.
  35. 35. Q&A Show us your tweets! Use today’s webinar hashtag: Follow us on SlideShare! Check out today’s slides on SlideShare #wp_virtualnetwork any questions, comments, or feedback. Follow us @wildpackets © WildPackets, Inc.
  36. 36. Thank You!WildPackets, Inc. Net Optics, Inc.1340 Treat Boulevard, Suite 500 5303 Betsy Ross DriveWalnut Creek, CA 94597 Santa Clara, CA 95054(925) 937-3200 (408) 737-7777 © WildPackets, Inc.