Gigamon Systems


Published on

The DAN or Data Access Network is a newly emerging “best practice” for passive monitoring of mission critical networks that solves real access problems, improves network performance and uptime, and saves capital, operation and maintenance costs. A DAN is a combination of out-of-band data access switching plus passive monitoring instrumentation to enable required security, compliance, forensics review, application performance, VoIP QoS, uptime and other network management tasks. Data is acquired from multiple SPAN ports or taps and multicast to multiple tools, aggregated to a few consolidated tools, and filtered or divided across many instances of the same tools. The DAN may be thought of as a “data socket” providing immediate access for ad hoc tool deployment without impact to the production network and outside of the scope of configuration management policies. Data Access Networking is a concept whose time has come due to a recent confluence of factors including enhanced fiduciary responsibilities, heightened threats to network security, real convergence of voice, video and data networks, plus greater economic dependency on network uptime and performance. This Podcast recommends the DAN as a solution to those who suffer real problems like too many tools and not enough span ports, too many links to monitor and not enough money to deploy distributed tools, or too much traffic that threatens to overflow even the highest capacity tool. For more details, visit

Published in: Business, Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Gigamon Systems

    1. 1. LAN, WAN, SAN, and now DAN D ata A ccess N etwork Tom Gallatin Gigamon Systems A Network Infrastructure Company
    2. 2. What’s a DAN? Out-of-Band Monitoring Network Includes Passive Tools like: Sensors, Probes, Monitors, Recorders, Analyzers, and Access Switching Proprietary & Confidential
    3. 3. What’s a DAN? <ul><ul><li>A new “Best Practice” </li></ul></ul><ul><ul><li>Part of the network infrastructure </li></ul></ul><ul><ul><li>Facilitates instrumentation of a network </li></ul></ul><ul><ul><li>Enterprise or Telco </li></ul></ul><ul><ul><li>What’s new is how data is fed to the tools </li></ul></ul><ul><ul><li> By a Data Access Switch or Aggregator </li></ul></ul><ul><ul><li>Unobtrusive to the primary network </li></ul></ul>Proprietary & Confidential
    4. 4. Example of a DAN Proprietary & Confidential
    5. 5. Why are DANs Needed Now? <ul><li>Things Have Changed </li></ul><ul><ul><li>9/11 spawned new security and lawful intercept requirements </li></ul></ul><ul><ul><li>Enron spawned new auditing and monitoring laws </li></ul></ul><ul><ul><li>New tools optimize E-commerce and internet applications </li></ul></ul><ul><ul><li>VoIP and media convergence make the network more strategic </li></ul></ul><ul><ul><li>Network is more valuable; Downtime is unacceptable </li></ul></ul>Proprietary & Confidential
    6. 6. <ul><ul><li>New SOX compliance transaction monitors </li></ul></ul><ul><ul><li>Keep your boss out of jail! </li></ul></ul><ul><ul><li>IDS Sensors detect external hacker attacks </li></ul></ul><ul><ul><li>NAC Appliance protects networks from inside </li></ul></ul><ul><ul><li>From your own people! </li></ul></ul><ul><ul><li>Forensic recorders capture events </li></ul></ul><ul><ul><li>and how the network being used! </li></ul></ul><ul><ul><li>Configuration monitoring tools watch over network resources </li></ul></ul><ul><ul><li>Application and Network troubleshooting </li></ul></ul>Proprietary & Confidential Proliferation of Tools
    7. 7. Proprietary & Confidential Proliferation Causes Contention for Span Ports Security and IT Engineers seen here “ Negotiating” Over a SPAN Port
    8. 8. What Other Problems do DANs solve? <ul><ul><li>Consolidate tools and sensors </li></ul></ul><ul><ul><li>Save money on capital and operational budgets </li></ul></ul><ul><ul><li>Aggregate flows from parallel links - etherchannel </li></ul></ul><ul><ul><li>Give tools the “big pipe” network wide view </li></ul></ul><ul><ul><li>Filter and divide high bandwidth traffic </li></ul></ul><ul><ul><li>Reduce and balance load to match tool capacity </li></ul></ul><ul><ul><li>Overcome the tyranny of Configuration Management Policies </li></ul></ul><ul><ul><li>Deploy tools and make changes on your own schedule </li></ul></ul>Proprietary & Confidential
    9. 9. Proprietary & Confidential Too Many Power Tools? Not Enough Sockets? ? ? ? ?
    10. 10. Proprietary & Confidential For Power Tools, use a Power Strip
    11. 11. Proprietary & Confidential Too Many Monitoring Tools? Not Enough Span Ports ? ? ? ? ?
    12. 12. Proprietary & Confidential For Sensors/Monitors/Analyzers, Use a Data Access Switch One Span port serves Many tools
    13. 13. Proprietary & Confidential Monitoring a Mesh Network?
    14. 14. Proprietary & Confidential Could Distribute Tools, Deploy one tool per span port/switch Lots of hardware…very expensive!
    15. 15. Proprietary & Confidential Better to Distribute Connections with a DAN Aggregate and balance flows to Consolidated Tools
    16. 16. <ul><li>Plug-in multiple out-of-band tools – any tool to any data </li></ul><ul><li>Unobtrusive tool changes – never touch the network </li></ul><ul><li>Do moves, adds, changes at any convenient time </li></ul>DAN is out-of-band “Data Socket” Part of the Reliable Network Infrastructure Performance Monitor Security IDS Transaction Auditor Forensic Recorder Protocol Analyzer Edge Router Switch Storage Area Network Switch Server Farm Consolidated Tool Farm Config Monitor “ Data Socket”
    17. 17. DAN Solves Access Problems By <ul><li>Aggregating many links to any tool </li></ul><ul><ul><li>Multicasting any link to many tools </li></ul></ul><ul><ul><ul><li>Filtering data to map packets to tools </li></ul></ul></ul><ul><ul><ul><ul><li>Saving $$ Cap Ex and Op Ex budget$ </li></ul></ul></ul></ul>Proprietary & Confidential Any to Any Any to Many Many to Any Bit-Mask Filtering