VSS Monitoring helps you maximize the insight and capabilities of your network intelligence infrastructure. Using the VB420 network packet broker you can make better use of your monitoring and security tools, simplify operational complexity, and realize a higher ROI from additional cost savings and service quality improvements.
VB420 appliances solve a variety of network-related IT challenges in your network and data centers, including improving the link-layer visibility and data access of monitoring and security tools, accelerating the time to diagnose performance problems, and improving your ability to detect and respond to security incidents. The VB420 eases the strain on CapEx and OpEx budgets as network size and speeds grow.
The VB420 supports the VSS vMesh™ architecture giving you the flexibility and modularity to deploy just the appliances you need and when used in combination with other VSS network packet brokers, vMesh enables the ability to scale link-layer visibility and data access to a system-level architecture comprised of many participating devices and hundreds of ports in a single logical system. The business benefits include more flexible capital requirements, higher tool utilization and ROI, and lower operating costs.
The VB420 is a 2RU model that bridges the gap between 10G and 40G networks. It also provides all of the intelligent features available on a large scale. The VB420 provides a number of available chassis modules that support different features, port densities, and port speeds up to a maximum line rate throughput of 640 Gbps. All ports are enabled by default. Any port can be designated as an input port or an output port, or as an intermediate or a stacking port. Chassis modules are available with either SFP+ or QSFP+ ports, or with fixed media ports for active inline tapping or bypass. Active inline chassis modules provide the active bypass or tapping capability using the VSS PowerSafe™ technology with configurable fail-safe operation to ensure continuous traffic availability or blocking.
This device can be locally managed via a serial console and remotely managed via HTTP, HTTPS, SSH, Telnet, and SNMP v1-v3.
Hardware-based, user-independent filtering allows traffic to be distinguished according to source and destination MAC/IP address as well as by specific protocols, such as HTTP, VoIP, and others. A customizable (user-defined) filter offers more granular specification of a filter, specifically within the payload of a packet. Filters can be ingress, egress, and overlapping depending on use of port classes.
Session-based, flow-aware load balancing increases user control of traffic distribution to monitoring tools, increasing output capacity while maintaining session integrity. For example, a 40G network can be captured and automatically balanced across multiple gigabit or 10G monitoring tools based on user-defined session criteria. Session-based, flow-aware load balancing can operate in tandem with hardware-based filtering or independently.
The Active Protection Suite and unified visibility from VSS Monitoring allow organizations to accelerate advances in cyber security posture, capabilities and responses. It employs and provides network visibility for multiple active inline and out-of-band security systems tool-chained together creating a pervasive defense architecture against a broad range of attacks. Part of the Active Protection Suite is the vProtector mode, which comprises an option for active inline bidirectional traffic access and PowerSafe chassis module(s) for fail-safe capability to ensure no interruption to the inline traffic availability. Should any inline security applications fail, they may be bypassed or traffic can be sent to another system.
Advanced chassis modules have additional hardware resources for a suite of features including time & port stamping, protocol stripping/de-encapsulation, deduplication, packet slicing and microburst measurement. Options also extend load-balancing to inner layer 3 and 4 packets headers, in MPLS or GTP encapsulation.
The VB420 supports vMesh stacking through the use of the vStack+™ protocol which enables traffic capture devices to be deployed in a redundant, low-latency mesh for total, dynamic, fault-tolerant visibility. A vMesh system can include a mix of appliances such as VB220s and optimizer 2400s
The VSS network packet brokers also provide automated event-driven monitor output traffic direction and responses (Syslog messages, SNMP traps, light front LED, deactivate ports) with five user-definable trigger event types.
Redundant power supplies allow seamless transitions between power systems and ensure uptime, designed for NEBS compliance. The VB420 is available with hot-swappable power supplies, fans, and air filters. All VSS managed devices support field software updates for additional features and performance enhancements.
The Unified Visibility Plane and series of vBrokers deliver maximum performance, scale and flexibility across both distributed environments and hyper-scale data centers. Carriers, private clouds, and large enterprises now have solutions that can match and grow with their network densities and performance.