VSS - Game Changing Technology

(1)

VSS - Game Changing Technology

Dean Beaver

(2)

(3)

Danaher..The Best Kept Secret

(4)

What is a Network Packet Broker?

4

Network packet brokers solve the visibility challenge by easily scaling with your network

and delivering only the traffic you need to see.

“The use of network packet brokers (NPBs) allows better visibility into and longevity of tool investments

spanning network application monitoring (NPM), application performance monitoring (APM), security,

network forensics and other monitoring technologies that require packet data.”

Gartner (4/2012)

NPB’s : Fault-tolerant Design, 100% Uptime, Unparalleled Scale

More

Tools

Need

Access

Visibility

Scalability

Cyber

Security

Tool

(5)

Network Packets

Today

Evolution of NPB – Growing Need

5

NPB Improving Network Intelligence, Lower TCO, Better ROI

NPB Analyzer Tools Business Intelligence Network Packets

Future

Network Packets

3

optimized, focus on core Analyzer performance analytic functions Analyzer + NPB = Total Solution Shifting packet optimization functions toward NPB

2

1

Business Intelligence Business Intelligence

(6)

Optimize Tools

Reduce tool clutter

Capture

Groom and Filter

Better Visibility

Scalability

Fault Tolerence

Media Conversion

Better NW Access

Value of a Network Packet Broker

Network Infrastructure Service Provider Apps Database DC Core Enterprise Data Center Network Performance & Security Monitoring Applications DLP IPS APM VoIP Analyzer Data

Recorder Interception Lawful

(7)

VSS is a Different NPB Solution

Network Infrastructure Service Provider Apps Database DC Core Enterprise Data Center Network Packet Brokers Network Performance & Security Monitoring Applications DLP IPS APM VoIP Analyzer Data

Recorder Interception Lawful

What We Do

 NPB +, Any Packet to Anywhere in your network

What We Enable

 E2E visibility for converged networks. Big Data problem.

 Active/in-line monitoring and threat protection

 High availability, Self-Healing

Why We Win

 Unparalleled scalability, Virtual 4000+ port chassis

 Game changing technologies

 System approach vs. Silo

(8)

The NPB Opportunity

Growth across enterprise segments

Mobile Service Assurance VOIP/IPTV Monitoring Bandwidth Optimization (55%)* Application / Network Performance Mgmt Latency Monitoring VOIP Monitoring WAN Optimization (19%)* Lawful Interception Policy Control DDOS Prevention Data Compliance (5%)* Network Forensics Intrusion Prevention Web Security Malware Protection Data Compliance (21%)*

Service Provider

Enterprise

Network

Performance

Driven

Network

Security

Driven

~$360M

2012

2017

~$800M 22%+ CAGR

Total NPB

Core NPB NPB+ (virtualization, SDN, Direct to Storage) 8 * Indicates distribution of VSS 2013 YTD Revenue

(9)

Robust Partner Ecosystem

Internal Use Only | 9

Security / DPI

Service Provider Enterprise Security Enterprise A/NPM

Network Infrastructure Network Monitoring/ Security Applications Network Packet Brokers (NPBs)

(10)

VSS Monitoring = Technology Leadership

10

Customer

V

alue

BASIC INTERMEDIATE ADVANCED

Network Taps

Bypass

1

st Gen T

AP

Active, Inline Aggregation

L2-L7 Grooming

Time/Port Stamping

Protocol Stripping

Microburst Protection

De-Duplication

Di str ib uted T AP

Broadest Feature Set

Unparalleled Scalability

VSS Monitoring is the only NPB maker to use Port-based Hardware Acceleration, which lets

customers achieve higher performance rates for a wider range of use cases.

Tool Chaining

vSlice

vCapacity

GTP Load Balance

Fragment Reassembly

Dynamic DPI

vMesh

(Self-healing Fabric)

IMSI Balancing

Port HW Acceleration

Ne twork P acket B roker

vNetConnect

(Virtual)

vSpool

(Direct to Storage)

(11)

Traditionally, the audit trail is …

11

Spooled directly to hard drives on tools

DLP IPS APM NPM Forensics

(12)

Write to Disk – vSpool

™

12

Traditional Probe Deployment

vSpool Implementation

Multiple Probe Types Vendor Neutral

Proprietary Hardware Standard Infrastructure

Applications

 Stock exchange

 Data compliance & audit

 Network forensics

 Subscriber intelligence & data monetization

Solution

1. Spool network data (PCAP) directly to common

storage infrastructure

2. Centralize storage - Store once, analyze many

3. “Virtualize” monitoring tools.

4. Scale beyond on-board storage

Existing Storage Servers

DLP IPS APM NPM Forensics

(13)

Use Case 1: VSS Node to NAS

13

(14)

Security & Monitoring Infrastructure Today

14

Distributed Denial of Service Secure Web Gateway Advanced Persistent Threat NextGen Fire Wall Intrusion Prevention System

Security Event &

Incidental Management Forensics

Application Performance Monitor Network Behavior Analysis Data Loss Prevention Intrusion Detection System Lawful Intercept DATACENTER Apps Databases DC Core Branch A Branch B Customer

Security & Forensics Tools

compete for network access

• Unable to keep up with

network speeds

• Add unnecessary

complexity and risk

(15)

Optimize Tool Performance

 Speed/Media conversion

 L2-L7 traffic grooming

 Load balancing / Asymmetric Routing support

Security Service Assurance

 High availability for tools

 Fault tolerance for tools & networks

 Custom health-checks

 Thresholds, alerts & auto triggers

Defense-in Depth-Architecture

 Security-in-Series – Security Service Chaining

 Add defense layers on-demand

 Minimize network re-instrumentation

 Decrypt Once; Feed Many tools

16

NGIPS Filter & Flow Balancing Filter & Flow Balancing (Passive) Filter

Segment A Segment A Segment B Segment B Security Analytics Anti APT / ATA

…

SSL Clear Txt

Transparent

SSL Proxy

Network Packet Brokering (NPB) vProtector

With VSS - Simplified Design and Deployment for

(16)

Value Proposition:

 Optimize traffic delivery to any & all security monitoring tools

 Centralize monitoring tools

 Support multiple 1/10G tools in multiple 1/10/40G segments

 Full network visibility

 Unlimited scalability

 Self-healing data delivery fabric

 Maximize ROI from tool investments

vMesh™ – A Unique Fabric Approach to NPB

17

Distributed Denial of Service Secure Web Gateway Advanced Persistent Threat NextGen Fire Wall Intrusion Prevention System

Security Event &

Incidental Management Forensics

Application Performance Monitor Network Behavior Analysis Data Loss Prevention Intrusion Detection System Lawful Intercept

ACTIVE TOOLS PASSIVE TOOLS

(17)

Silo vs. System View of the Network

18

(18)

Silo vs. System View of the Network

19

(19)

vStack over IP Cloud-Ready Monitoring

VSS Solution

 Centralized tool farm

 Secure data encryption (AES)  Scalable to any number VSS

devices

 Time sync over NTP, GPS, PTP

 “Probeless monitoring” across domains/WAN

Challenges  Tools silos  Tools congestion

 Management overhead (Opex)  Visibility across network

domains

 Need to ensure SLA of cloud services 20 Datacenter A Corporate Client HQ Branch Site Datacenter B Monitoring Tools NOC WAN Cloud Services

(20)



Manage all VSS NPBs



Bulk software updates



Drag & drop



Topology & rule mgmt from single pane



Any location



Virtualize Traffic access



Vmware and Cisco

Benefits:



Simplified device mgmt / lower TCO



All VSS brokers supported & incorporated

in topology



Any packet anywhere, anytime

vMC™: Manage from Network-wide Perspective

22

(21)

Total Visibility with vNetConnect

23

Virtual Workloads



Agentless visibility into East-West traffic



Uses virtual server to connect traffic to

monitoring tools outside vEnvironment



Programs vMesh traffic grooming and

mapping for seamless SDM

(22)

VSS vMC Integration with VMware vCenter

(23)

Value Proposition:

 Write traffic once, read by many tools

 Centralized data collection capability

 Tool visibility into remote locations/traffic without remote tools

 High availability enterprise wide, Self-healing

 Maximize ROI from tool investments (1GB tool in 10GB NW)

 Inline/Passive interchangeability and line rate grooming

 Virtual traffic visibility without an instance or agent

 Virtual chassis with over 4000 ports and growing