Organizations of various types and sizes require network visibility from across their infrastructure as they serve internal and external users. In order to provide visibility, they must collect, process, and aggregate traffic from a number of network segments, while addressing space and power constraints and managing the migration from 1G to 10G or to 40G or 100G network infrastructure.
Network professionals today face increasing network speeds, dynamic environments and a proliferation of traffic and applications types, all while experiencing pressure to optimize the effectiveness of security and operational tools. Organizations need flexible, modular and powerful visibility systems that are capable of supporting traffic optimization at the high-speed edge. Such systems enable cost effective and scalable network packet monitoring for performance and security.
VSS Monitoring helps you maximize the insight and capabilities of your network intelligence infrastructure. Using the vBrokerâ˘ Series of network packet brokers, you can make better use of your enterprise performance monitoring and security tools, simplify operational complexity and realize a higher ROI from additional cost savings and service quality improvements.
VSS vBroker appliances solve a variety of network-related IT challenges in your network and data centers, including improving network visibility for monitoring and security tools, accelerating the time to diagnose performance problems, and improving your ability to detect and respond to security incidents. The vBroker appliance also eases the strain on CapEx and OpEx budgets as network size and speeds grow by both maximizing tool utilization and usable lifetime.
vBroker systems support the VSS vMesh™ architecture, giving you the flexibility and modularity to deploy just the appliances you need, with the ability to scale link-layer visibility and data access to a system-level architecture comprised of many participating devices and hundreds of ports in a single logical system. The business benefits include more flexible capital requirements, higher tool utilization and ROI and lower operating costs.
The VB220 is a 2U appliance that bridges the gap between Gigabit and 10G networks with eight built-in SFP+ ports. Each model also has four 4-port pluggable modules for up to an additional 16 ports. All twenty-four ports are active. Any port can be designated as an input port, an output port, or as an intermediate or a stacking port. The pluggable 4-port modules are available for either Inline or SPAN access. The modules with SFP+ ports are fully I/O configurable, while the fiber TAP-only module ports are fixed inputs only and are completely passive. A 4-port PowerSafeâ˘ fiber chassis module is available to provide the active bypass or tapping capability using the VSS PowerSafe technology with configurable fail-safe operation to ensure continuous traffic availability or blocking.
This device can be locally managed via a serial console and remotely managed via HTTP, HTTPS, SSH, Telnet, and SNMPv1-v3. A filter option enables users to select, at the packet level, what traffic is forwarded to the designated monitor ports.
Hardware-based, user-independent filtering allows traffic to be distinguished according to source and destination MAC/IP address as well as by specific protocols, such as HTTP, VoIP, and others. A customizable (user-defined) filter provides more granularity, specifically within the payload of a packet. Filters can be ingress, egress, and overlapping depending on use of port classes.
Session-based, flow-aware load balancing improves user control of traffic distribution to monitoring tools, increasing output capacity while maintaining session integrity. For example, a 10G network can be captured and automatically balanced across multiple Gigabit monitoring tools based on user-defined session criteria. Session-based, flow-aware load balancing can operate in tandem with hardware-based filtering or independently.
The Active Protection Suiteâ˘ and unified visibility from VSS Monitoring allow organizations to accelerate advances in cyber security posture, capabilities and responses. This approach employs network visibility for multiple active inline and out-of-band security systems tool-chained together creating a pervasive defense architecture against a broad range of attacks. Part of the Active Protection Suite is the vProtectorâ˘ mode, which provides an option for active inline bidirectional traffic access and PowerSafe chassis module(s) for fail-safe capability to ensure no interruption to the inline traffic availability. Should any inline security appliances fail, traffic can bypass them or be directed to another system.
Advanced chassis modules have additional hardware resources for a suite of features including time and port stamping, protocol stripping/de-encapsulation, vSlice conditional packet slicing, and real-time microburst measurement. Load balancing can be extended to inner layer 3 and 4 packets headers, in MPLS or GTP encapsulation.
The VB220 supports intelligent stacking technology, vStack+™, which enables traffic capture devices to be deployed in a redundant, low-latency mesh for total, dynamic, fault-tolerant visibility called vMeshâ˘. A vMesh system can include a mix of appliances such as VB220s and Optimizer 2400s.
The vBroker 220 provides automated event driven monitor output traffic direction and responses (Syslog messages, SNMP traps, light front LED, deactivate ports) with five user- definable trigger event types.
Redundant power supplies allow seamless transitions between power systems and ensure uptime. The vBroker 220 is also NEBS compliant with hot-swappable power supplies, fans, and air filters.
All VSS managed devices support field software updates for additional features and performance enhancements. The vBroker 220 also supports updating of the FPGA firmware in the field.
A Unified Visibility Plane and series of vBrokers deliver maximum performance, scale and flexibility across both distributed environments and hyper-scale data centers. Carriers, private clouds, and large enterprises now have solutions that can match and grow with their network needs.