Distributed traffic capture is the foundation of network monitoring. It gives analytical equipment the ability to see into the farthest reaches of even the largest networks.
Up to now, total visibility of Ethernet networks has been infeasible due to the cost of deploying analytical devices throughout the network. Distributed traffic capture represents a new approach to network monitoring that delivers complete, selectable, and centralized visibility.
A Distributed Traffic Capture System™ is architected as a layer between network infrastructure and the analytical equipment. Comprising a few to hundreds of traffic capture devices, the system collects a copy of traffic either via inline TAPs or from switch SPAN ports at capture points anywhere on the network. It then grooms the traffic and distributes it to centralized analytical and monitoring devices. The grooming operations include selective aggregation, highly Hardware-Based Filtering on Layers 2 to 7 depending on the types of analytical devices to which the traffic is going, and Session-aware Load Balancing to ensure that the monitoring equipment is not oversubscribed. These operations occur in real time and solely in hardware.
The key to the traffic capture system's scalability is secure, distributed management of all the traffic capture devices, from one location, via a graphical user interface which allows the user to create filter settings and manage device parameters intuitively.
Effective monitoring is being able to scale a growing number of analytics systems across a growing number of capture points. The emergence of today's traffic capture devices, with onboard intelligence for complex traffic grooming, allows their deployment as a system for total monitoring and security coverage, while at the same time reducing deployment costs and achieving a higher ROI for the analytics and monitoring tools of choice.
Total, Central Visibility
Greater Monitoring Tool ROI
Lower Repair Time and Management Costs