Distributed Taps are intelligent, hardware-based network traffic capture devices designed to passively tap inline networks or connect to SPAN ports for capturing and forwarding traffic to monitoring or security tools.
Converged Monitoring Fabric for SDN-based Environments, an IBM and VSS Monito...VSS Monitoring
SDN-based traffic, such as traffic from OpenFlow switches, are now optimized for performance monitoring and enhanced security by this joint solution from IBM SDN Virtual Environments and VSS Monitoring Network Packet Brokers.
Discover Net Optics solutions for raising monitoring performance and productivity while lowering costs.
The demands to virtualize, scale, and implement new applications while conducting security, forensics, compliance and performance monitoring activities are adding to the list of hurdles facing IT teams. Challenges include multiple devices from many vendors, proliferating threats, soaring costs, scalability needs, 10G/40G/100G transition, environmental and compliance concerns—and more. We've collected and condensed a set of industry insights into what the driving need for increased network visibility, and the solutiuons necessary to meet this goal.
How to Thrive in the Changing Network Landscape
Net Optics offers a growing family of best-in-class solutions to let you access and monitor all traffic at all times and maintain a healthy, secure, and cost-efficient infrastructure. Download this guide to network visibility challenges and solutions for insights into network monitoring management and optimization.
Software Defined Networking (SDN) is an emerging trend in the networking and communication industry and promises to deliver enormous benefits, from reduced costs to more efficient network operations. It is a new approach that gives network operators and owners more control of the infrastructure, allowing optimization, customization and virtualization that enable the creation of new types of network services. This is done by decoupling the management and control planes that make decisions about where traffic is sent from (the control plane) the underlying hardware that forwards data traffic to the selected destination (the data plane).
Converged Monitoring Fabric for SDN-based Environments, an IBM and VSS Monito...VSS Monitoring
SDN-based traffic, such as traffic from OpenFlow switches, are now optimized for performance monitoring and enhanced security by this joint solution from IBM SDN Virtual Environments and VSS Monitoring Network Packet Brokers.
Discover Net Optics solutions for raising monitoring performance and productivity while lowering costs.
The demands to virtualize, scale, and implement new applications while conducting security, forensics, compliance and performance monitoring activities are adding to the list of hurdles facing IT teams. Challenges include multiple devices from many vendors, proliferating threats, soaring costs, scalability needs, 10G/40G/100G transition, environmental and compliance concerns—and more. We've collected and condensed a set of industry insights into what the driving need for increased network visibility, and the solutiuons necessary to meet this goal.
How to Thrive in the Changing Network Landscape
Net Optics offers a growing family of best-in-class solutions to let you access and monitor all traffic at all times and maintain a healthy, secure, and cost-efficient infrastructure. Download this guide to network visibility challenges and solutions for insights into network monitoring management and optimization.
Software Defined Networking (SDN) is an emerging trend in the networking and communication industry and promises to deliver enormous benefits, from reduced costs to more efficient network operations. It is a new approach that gives network operators and owners more control of the infrastructure, allowing optimization, customization and virtualization that enable the creation of new types of network services. This is done by decoupling the management and control planes that make decisions about where traffic is sent from (the control plane) the underlying hardware that forwards data traffic to the selected destination (the data plane).
This slides about Wireless sensor network MAC protocol,
There are bunch of MAC protocol in research field.
It classify the MAC protocol and summarize the feature of typical sensor network MAC protcol
2014 IEEE Network Simulations(NS-2&NS-3) based Network Communication ProjectsChinnasamy C
Hi,
Pantech ProEd Pvt Ltd, Provides Projects guidance for ME, M.Tech, Msc &MCA and all Electrical science Students......
Related to : final year project, Live project, Real time projects, Sensor Networks, Ad Hoc Network, Radio Networks, CRN, Multi Hop Network, etc....
Network Simulator – 2(NS2&NS3):
MANET Security
VANET Security
Wimax Security
Wireless Mesh network
Wireless Sensor Network
Wireless Network security
Cognitive wireless network
Wi-Fi based projects
cognitive radio project
Mobile network project
Contact:
Pantech ProEd Pvt Ltd.,
Ameerpet, Hyderabad-16
Ph:040-40077960/8897565645.
Introduction
Background
WSN Design Issues: MAC Protocols, Routing Protocols, Transport Protocols
Performance Modeling of WSNs: Performance Metrics, Basic Models, Network Models
Case Study: Simple Computation of the System Life Span
Practical Example.
Performance of Vehicle-to-Vehicle Communication using IEEE 802.11p in Vehicul...IJNSA Journal
Traffic safety applications using vehicle-to-vehicle (V2V) communication is an emerging and promising area within the ITS environment. Many of these applications require real-time communication with high reliability. To meet a real-time deadline, timely and predictable access to the channel is paramount. The medium access method used in 802.11p, CSMA with collision avoidance, does not guarantee channel
access before a finite deadline. The well-known property of CSMA is undesirable for critical communications scenarios. The simulation results reveal that a specific vehicle is forced to drop over 80% of its packets because no channel access was possible before the next message was generated. To overcome this problem, we propose to use STDMA for real-time data traffic between vehicles. The realtime properties of STDMA are investigated by means of the highway road simulation scenario, with promising results.
Survey on energy efficiency in wireless sensor network using mac protocol wit...Editor Jacotech
Dynamic feature evaluation and concept evaluation is major challenging task in the field of data classification. The continuity of data induced a new feature during classification process, but the classification process is predefined task for assigning data into class. Data comes into multiple feature sub-set format into infinite length. The infinite length not decided the how many class are assigned. Support vector machine is well recognized method for data classification. For the process of support vector machine evaluation of new feature during classification is major problem. The problem of feature evaluation decreases the performance of Support Vector Machine (SVM). For the improvement of support vector machine, particle of swarm optimization technique is used. Particle of swarm optimization controls the dynamic feature evaluation process and decreases the possibility of confusion in selection of class and increase the classification ratio of support vector machine. Particle of swarm optimization work in two phases one used as dynamic population selection and another are used for optimization process of evolved new feature.
High Speed Networks - Applications in FinanceOmar Bashir
Speed and agility in finance and banking is essential in executing a successful trade. In modern banking systems, including algorithmic and high frequency trading platforms, high speed networks communicate timely market data and liquidity information and carry execution instructions to trading venues and counterparties. Suboptimal networks, protocol stacks and applications can easily result in a financial impact when execution instructions are delayed or are based on stale market data.
This talk suggest optimisation opportunities in computer networks and introduces performant banking systems.
This slides about Wireless sensor network MAC protocol,
There are bunch of MAC protocol in research field.
It classify the MAC protocol and summarize the feature of typical sensor network MAC protcol
2014 IEEE Network Simulations(NS-2&NS-3) based Network Communication ProjectsChinnasamy C
Hi,
Pantech ProEd Pvt Ltd, Provides Projects guidance for ME, M.Tech, Msc &MCA and all Electrical science Students......
Related to : final year project, Live project, Real time projects, Sensor Networks, Ad Hoc Network, Radio Networks, CRN, Multi Hop Network, etc....
Network Simulator – 2(NS2&NS3):
MANET Security
VANET Security
Wimax Security
Wireless Mesh network
Wireless Sensor Network
Wireless Network security
Cognitive wireless network
Wi-Fi based projects
cognitive radio project
Mobile network project
Contact:
Pantech ProEd Pvt Ltd.,
Ameerpet, Hyderabad-16
Ph:040-40077960/8897565645.
Introduction
Background
WSN Design Issues: MAC Protocols, Routing Protocols, Transport Protocols
Performance Modeling of WSNs: Performance Metrics, Basic Models, Network Models
Case Study: Simple Computation of the System Life Span
Practical Example.
Performance of Vehicle-to-Vehicle Communication using IEEE 802.11p in Vehicul...IJNSA Journal
Traffic safety applications using vehicle-to-vehicle (V2V) communication is an emerging and promising area within the ITS environment. Many of these applications require real-time communication with high reliability. To meet a real-time deadline, timely and predictable access to the channel is paramount. The medium access method used in 802.11p, CSMA with collision avoidance, does not guarantee channel
access before a finite deadline. The well-known property of CSMA is undesirable for critical communications scenarios. The simulation results reveal that a specific vehicle is forced to drop over 80% of its packets because no channel access was possible before the next message was generated. To overcome this problem, we propose to use STDMA for real-time data traffic between vehicles. The realtime properties of STDMA are investigated by means of the highway road simulation scenario, with promising results.
Survey on energy efficiency in wireless sensor network using mac protocol wit...Editor Jacotech
Dynamic feature evaluation and concept evaluation is major challenging task in the field of data classification. The continuity of data induced a new feature during classification process, but the classification process is predefined task for assigning data into class. Data comes into multiple feature sub-set format into infinite length. The infinite length not decided the how many class are assigned. Support vector machine is well recognized method for data classification. For the process of support vector machine evaluation of new feature during classification is major problem. The problem of feature evaluation decreases the performance of Support Vector Machine (SVM). For the improvement of support vector machine, particle of swarm optimization technique is used. Particle of swarm optimization controls the dynamic feature evaluation process and decreases the possibility of confusion in selection of class and increase the classification ratio of support vector machine. Particle of swarm optimization work in two phases one used as dynamic population selection and another are used for optimization process of evolved new feature.
High Speed Networks - Applications in FinanceOmar Bashir
Speed and agility in finance and banking is essential in executing a successful trade. In modern banking systems, including algorithmic and high frequency trading platforms, high speed networks communicate timely market data and liquidity information and carry execution instructions to trading venues and counterparties. Suboptimal networks, protocol stacks and applications can easily result in a financial impact when execution instructions are delayed or are based on stale market data.
This talk suggest optimisation opportunities in computer networks and introduces performant banking systems.
A Machine Learning based Network Sharing System Design with MPTCPIJMREMJournal
The information and communication technologies (ICT) integrate different types of wireless communication to
provide IT-enabled services and applications. The great majority end devices are equipped with multiple network
interfaces such as Wi-Fi and 4G. Our goal is to integrate the available network interfaces and technologies to
enhance seamless communication efficiency and increase resources utilization. We proposed a heterogeneous
network management algorithm based on machine learning methods which includes roaming and sharing
functions. The roaming function provides the multiple network resources in physical and media access control
layers. The sharing function supports multiple network resources allocation and the service handover process
based on the Multi-Path TCP protocol. The simulation result also shows that the proposed scheme can increase
the network bandwidth utilization effectively. The sharing system could be used in home, mobile and vehicular
environments to realize ubiquitous social sharing networks.
A Machine Learning based Network Sharing System Design with MPTCPIJMREMJournal
The information and communication technologies (ICT) integrate different types of wireless communication to provide IT-enabled services and applications. The great majority end devices are equipped with multiple network interfaces such as Wi-Fi and 4G. Our goal is to integrate the available network interfaces and technologies to enhance seamless communication efficiency and increase resources utilization. We proposed a heterogeneous network management algorithm based on machine learning methods which includes roaming and sharing functions. The roaming function provides the multiple network resources in physical and media access control layers. The sharing function supports multiple network resources allocation and the service handover process based on the Multi-Path TCP protocol. The simulation result also shows that the proposed scheme can increase the network bandwidth utilization effectively. The sharing system could be used in home, mobile and vehicular environments to realize ubiquitous social sharing networks.
OPTIMIZING CONGESTION CONTROL BY USING DEVICES AUTHENTICATION IN SOFTWARE-DEF...IJNSA Journal
The Internet and local networks (LAN) are essential in all organizations and aspects of our lives. These networks' performance should be at high speeds to perform efficiently. This thesis suggests several motions to improve performance. The first is a software-defined network (SDN) distinguished from traditional networks by its ability to program traffic, agility, and support for applications that need big data and virtualization. The second is to control congestion by rerouting traffic to the shortest path. Finally, to modify the above, device authentication reduces congestion and improves network performance.
Network Monitoring and Traffic Reduction using Multi-Agent TechnologyEswar Publications
In this paper the algorithms which could improve Transmission band and Network Traffic reduction for computer network has been shown. Problem solving is an area with which many Multiagent-based applications are concerned. Multiagent systems are computational systems in which several agents interact or work together to achieve some purposes. It includes distributed solutions to problems, solving distributed problems and distributed techniques for problem solving. Multiagent using for maximizing group performance with planning, execution, monitoring, communication and coordination. This paper also addresses some critical issues in developing
Multi agent-based traffic control and monitoring systems, such as interoperability, flexibility, and extendibility. Finally, several future research directions toward the successful deployment of Multiagent technology in traffic control and monitoring systems are discussed.
A SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKSijdpsjournal
Monitoring functionality is an essential element of any network system. Traditional monitoring solutions
are mostly used for manual and infrequent network management tasks. Software-defined networks (SDN)
have emerged with enabled automatic and frequent network reconfigurations. In this paper, a scalable
monitoring system for SDN is introduced. The proposed system monitors small, medium, and large-scale
SDN. Multiple instances of the proposed monitoring system can run in parallel for monitoring many SDN
slices. The introduced monitoring system receives requests from network management applications,
collects considerable amounts of measurement data, processes them, and returns the resulting knowledge
to the network management applications. The proposed monitoring system slices the network (switches and
links) into multiple slices. The introduced monitoring system concurrently monitors applications for
various tenants, with each tenant's application running on a dedicated network slice. Each slice is
monitored by a separate copy of the proposed monitoring system. These copies operate in parallel and are
synchronized. The scalability of the monitoring system is achieved by enhancing the performance of SDN.
In this context, scalability is addressed by increasing the number of tenant applications and expanding the
size of the physical network without compromising SDN performance.
A Proposal for End-to-End QoS Provisioning in Software-Defined NetworksIJECEIAES
This paper describes a framework application for the control plane of a network infras- tructure; the objective is to feature end-user applications with the capability of requesting at any time a customised end-to-end Quality-of-Service profile in the context of dynamic Service-Level-Agreements. Our solution targets current and future real-time applications that require tight QoS parameters, such as a guaranteed end-to-end delay bound. These applications include, but are not limited to, health-care, mobility, education, manufacturing, smart grids, gaming and much more. We discuss the issues related to the previous Integrated Service and the reason why the RSVP protocol for guaranteed QoS did not take off. Then we present a new signaling and resource reservation framework based on the cutting-edge network controller ONOS. Moreover, the presented system foresees the need of considering the edges of the network, where terminal applications are connected to, to be piloted by distinct logically centralised controllers. We discuss a possible inter-domain communication mechanism to achieve the end-to-end QoS guarantee.
The presentation is dedicated to the main products of NUVX Technologies, which will be of interest to Telco companies, ISP providers, as well as integrators.
Our key products are: NUVX.DPI, NUVX.NAT and NUVX.QoE
Feel free to contact us in case of any questions: http://nuvx.com/contacts
Architecture evolution for automation and network programmabilityEricsson
http://www.ericsson.com/review
Automation and network programmability are key concepts in the evolution of telecom networks. Architecture designed with high degrees of automation and network programmability can rapidly adapt to emerging requirements, and as such improve operational efficiency and time to market for new services.
Enabling Active Flow Manipulation in Silicon-based Network Forwarding EngineTal Lavian Ph.D.
A significant challenge arising from today’s increasing Internet traffic is the ability to flexibly incorporate intelligent control in high performance commercial network devices. This paper tackles this challenge by introducing the Active Flow Manipulation (AFM)
mechanism to enhance traffic control intelligence of network devices through programmability. With AFM, customer network services can exercise active network
control by identifying distinctive flows and applying specified actions to alter network behavior in real-time. These services are dynamically loaded through Openet by the CPU-based control unit of a network node and are closely coupled with its silicon-based forwarding engines, without negatively impacting forwarding performance. AFM is exposed as a key enabling technology of the programmable networking platform Openet. The effectiveness of our approach is demonstrated by four active network services on commercial network nodes.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Deploying Distributed Traffic Capture Systems
1. Deploying Distributed Traffic Capture Systems™
Best Practices for Total Network Visibility
White Paper
The power of unrestricted visibility. See network traffic in any part or all of the largest distributed networks.
The flexibility of integrated visibility. See what you want, wherever you need to see it. In real time, at the
packet level.
Network visibility is the critical factor in heading off the increasing number of application performance issues, outages,
data breaches and attacks against large-scale distributed networks. It is vital to accommodating growth in numbers of
users and the implementation of Ethernet speeds to 100 Gigabits per second (Gbps) and beyond. It is essential to meet
the demands of government regulation. It is crucial to maximum efficiency and optimization.
This white paper explores best practices in designing and deploying a VSS Monitoring Distributed Traffic Capture
System. Distributed traffic capture provides total network visibility to your monitoring infrastructure. Total visibility is the
only way to achieve complete, proactive network control.
Why You Can’t See What’s On Your Network
Up to now complete visibility of large Ethernet networks has been infeasible due to the prohibitive cost of deploying
analytical devices at every point where network traffic needs to be captured. As a result, at present network traffic is
typically monitored locally, using switch SPAN ports and/or inline with network taps.
SPAN ports are ubiquitous but in many IT infrastructures there are not enough available for more than minimal monitoring
coverage. In addition, SPAN ports tend to drop packets at random when the switch is busy. They can potentially degrade
switch performance, especially in full duplex, and, depending on switch configuration and network traffic, drop CRC
errors as well as under- and oversized packets. They may attempt to correct bad packets or add packets from other
than the links being monitored. If spanning is done with multiple switches as in a large network, it demands complex
configuration and can consume additional network ports. In addition, depending on the switch, remote spanning does
not support monitoring of several packet types, including bridge protocol data unit packets as well as the Layer 2 packets
used in Cisco’s Discovery, VLAN Trunking and Dynamic Trunking protocols.
Inline network taps are a direct way to capture traffic without the limitations of SPAN ports but they can present problems
of their own. Taps have not had the range of port densities and intelligence–such as selective aggregation, traffic filtering,
load balancing and distributed management features–to make them more than a standalone solution. If multiple taps are
connected, administrators may need to manage each tap separately, and if one tap fails, the entire traffic capture system
may fail. High-speed 10 Gbps taps may not have the port density (low or high) required for a given deployment. And in
Gigabit copper networks, where a tap cannot be completely passive since both sides of a link transmit simultaneously,
a tap can cause network link failure on tap power loss and restore.
With no way to get a centralized view over a LAN down to Layer 2, SLAs for real-time applications such as video, VoIP,
financial transactions and other critical applications cannot be assured and enterprises cannot comply with regulations
requiring a true-and-complete copy of transactions and lawful intercepts. This situation is exacerbated by the need to
use existing Gigabit monitoring infrastructure for cost reasons even as 10 Gbps switches continue to be rolled out at the
core and access layers.
With distributed traffic capture, more than one view of the network can exist simultaneously. Administrators
can define a centralized monitoring view of all network traffic as well as additional segmented views of
network physical topology and/or traffic types. Multiple instances of these views may be established for
different monitoring groups, such as security and performance operations, call center managers, and specific
central or branch office administrators.
1
2. Virtual Traffic Capture
A Distributed Traffic Capture System comprises intelligent traffic capture devices deployed anywhere they need to be,
architected between network infrastructure and the analytical equipment as one virtual system. In this way traffic capture
closely meshes with the network’s topology. The Distributed Traffic Capture System collects a copy of traffic at any point
and sends it in real time to centralized monitoring tools.
Monitoring
Systems
VSS Distributed
Access Platform
Communications
Infrastructure
Because it functions as one system, distributed traffic capture offers network monitoring, for the first time, fault tolerance,
ultra low latency, infinite flexibility and full optimization. A Distributed Traffic Capture System not only adapts as rapidly
as conditions require but also delivers multiple views of the network simultaneously, so that each monitoring group can
see the view appropriate to its function.
2
3. How to Deploy Distributed The additional capabilities of vStack+’s redundant mesh
topology introduces a few choices that the traffic capture
Traffic Capture
architect will need to make. First is to specify the desired level
The best deployment of a Distributed Traffic Capture System of redundancy. Triple redundancy is adequate in all but the
is one designed to exploit its core capabilities: flexibility, most critical installations. Second is to design contingency
redundancy, monitoring optimization. plans should the traffic capture system default to slower speeds
and increased number of hops in the event that multiple high-
Flexibility speed links between traffic capture devices fail. One of the
A Distributed Traffic Capture System collapses the hierarchical most important elements in this is to set alerts to be generated
schema of traditional network monitoring architecture by by a change in link status, and to have these alerts sent to
virtualizing traffic capture. As a result more than one view of IT personnel, as well as, if desired, to third-party monitoring
the network can exist simultaneously. This allows administrators companies via multiple methods: pager, text message, and
to define a centralized monitoring view of all network traffic email.
as well as additional segmented views of network physical
topology and/or traffic types. Multiple instances of these Monitoring Optimization
views may be established for one or more monitoring groups, By providing real time granular control of the traffic capture
such as security and performance operations, call center process a Distributed Traffic Capture System can significantly
managers, specific central or branch office administrators, enhance the ROI of monitoring infrastructure and the people
etc. As conditions require, these parameters may be rapidly who administer it.
reconfigured.
The traffic capture architect should use the system’s data
Before implementing a traffic capture system, a network grooming capabilities–especially selective aggregation,
traffic capture architect should think about which views are filtering, and load balancing–to maximize the traffic reaching
the most important given the speeds, nature of traffic and its each analytical device, ensuring that each device is fully
location in the network’s core, distribution, access and/or subscribed to only its traffic of interest. Examples of these
gateway layers, the analytical equipment on hand and to be decisions include splitting voice and data signaling traffic to
implemented, the level of traffic-capture redundancy required, respective analyzers, sending the same traffic to analyzers in
and how the traffic capture and monitoring systems will be different regions, and using multiple 1-Gigabit analyzers to
managed–e.g., permission levels for management views of monitor a 10 Gbps stream.
device configurations and port assignments–and the personnel
available for monitoring.
Designing a Distributed
Redundancy
A Distributed Traffic Capture System’s mesh topology is fault-
Traffic Capture System
tolerant. VSS Monitoring’s vStack+™ technology auto discovers The design of a Distributed Traffic Capture System is oriented
link failures and re-routes the copied traffic automatically, to the requirements of the monitoring devices. Four types of
using the highest speed links and lowest number of hops. commonly used passive monitoring equipment are intrusion
This capability eliminates the pitfalls associated with similar detection systems, performance monitors, service assurance
topologies in network IP routing, such as convergence time tools and data recording devices. Each of these devices may
and route flap as well as the need to manage routing tables. need to see only certain slices of traffic, such as HTTP, voice,
video, signaling, or VLAN tagged packets, and from only
The redundant mesh topology also offers a number of selected network segments or the entire network.
advantages over traditional connectivity approaches for traffic
capture devices such as daisy chaining or stacking. Each of Design also varies by need. Key design criteria for traffic
these introduces a single point of failure (if one traffic capture capture are similar to those of an IP network. They include:
device fails the entire traffic capture system fails). In addition, availability, efficiency, lower latency, optimization, security,
their serial connectivity increases latency, requires that each stability and throughput. Each organization should decide its
traffic capture device be configured separately, as if it were own prioritization of these criteria depending on the services
standalone, and limits their management to a single campus. delivered and to whom they are delivered.
3