VB420 – 640G Modular 40G/10G Network Packet Broker

Hardware-accelerated packet optimization for performance monitoring and security systems on 40G networks

The Solution

VSS Monitoring helps you maximize the insight and capabilities of your network intelligence infrastructure. Using the VB420 network packet broker you can make better use of your monitoring and security tools, simplify operational complexity, and realize a higher ROI from additional cost savings and service quality improvements.

VB420 appliances solve a variety of network-related IT challenges in your network and data centers, including improving the link-layer visibility and data access of monitoring and security tools, accelerating the time to diagnose performance problems, and improving your ability to detect and respond to security incidents. The VB420 eases the strain on CapEx and OpEx budgets as network size and speeds grow.

The VB420 supports the VSS vMesh™ architecture giving you the flexibility and modularity to deploy just the appliances you need and when used in combination with other VSS network packet brokers, vMesh enables the ability to scale link-layer visibility and data access to a system-level architecture comprised of many participating devices and hundreds of ports in a single logical system. The business benefits include more flexible capital requirements, higher tool utilization and ROI, and lower operating costs.

The VB420 is a 2RU model that bridges the gap between 10G and 40G networks. It also provides all of the intelligent features available on a large scale. The VB420 provides a number of available chassis modules that support different features, port densities, and port speeds up to a maximum line rate throughput of 640 Gbps. All ports are enabled by default. Any port can be designated as an input port or an output port, or as an intermediate or a stacking port. Chassis modules are available with either SFP+ or QSFP+ ports, or with fixed media ports for active inline tapping or bypass. Active inline chassis modules provide the active bypass or tapping capability using the VSS PowerSafe™ technology with configurable fail-safe operation to ensure continuous traffic availability or blocking.

This device can be locally managed via a serial console and remotely managed via HTTP, HTTPS, SSH, Telnet, and SNMP v1-v3.

Hardware-based, user-independent filtering allows traffic to be distinguished according to source and destination MAC/IP address as well as by specific protocols, such as HTTP, VoIP, and others. A customizable (user-defined) filter offers more granular specification of a filter, specifically within the payload of a packet. Filters can be ingress, egress, and overlapping depending on use of port classes.

vbroker 400 diagram

Session-based, flow-aware load balancing increases user control of traffic distribution to monitoring tools, increasing output capacity while maintaining session integrity. For example, a 40G network can be captured and automatically balanced across multiple gigabit or 10G monitoring tools based on user-defined session criteria. Session-based, flow-aware load balancing can operate in tandem with hardware-based filtering or independently.

The Active Protection Suite and unified visibility from VSS Monitoring allow organizations to accelerate advances in cyber security posture, capabilities and responses. It employs and provides network visibility for multiple active inline and out-of-band security systems tool-chained together creating a pervasive defense architecture against a broad range of attacks. Part of the Active Protection Suite is the vProtector mode, which comprises an option for active inline bidirectional traffic access and PowerSafe chassis module(s) for fail-safe capability to ensure no interruption to the inline traffic availability. Should any inline security applications fail, they may be bypassed or traffic can be sent to another system.

Advanced chassis modules have additional hardware resources for a suite of features including time & port stamping, protocol stripping/de-encapsulation, deduplication, packet slicing and microburst measurement. Options also extend load-balancing to inner layer 3 and 4 packets headers, in MPLS or GTP encapsulation.

The VB420 supports vMesh stacking through the use of the vStack+™ protocol which enables traffic capture devices to be deployed in a redundant, low-latency mesh for total, dynamic, fault-tolerant visibility. A vMesh system can include a mix of appliances such as VB220s and optimizer 2400s

The VSS network packet brokers also provide automated event-driven monitor output traffic direction and responses (Syslog messages, SNMP traps, light front LED, deactivate ports) with five user-definable trigger event types.

Redundant power supplies allow seamless transitions between power systems and ensure uptime, designed for NEBS compliance. The VB420 is available with hot-swappable power supplies, fans, and air filters. All VSS managed devices support field software updates for additional features and performance enhancements.

The Unified Visibility Plane and series of vBrokers deliver maximum performance, scale and flexibility across both distributed environments and hyper-scale data centers. Carriers, private clouds, and large enterprises now have solutions that can match and grow with their network densities and performance.

To learn more about the VB420 and vBroker Series:

Specification Overview

  • Supports 40G, 10G, and 1G access at full line rates
  • Filtering: hardware-based, user-independent on OSI layers 2-7 (includes custom offset, ingress and egress, and overlapping filters)
  • Session-based/flow-aware load balancing (includes Inner Layer 3 and Layer 4 MPLS and GTP Load Balancing)
  • vStack+™ Network Intelligence Optimization System building (stacking) over LANs and WANs
  • vProtector™ mode for active inline bidirectional traffic access and PowerSafe modules with bypass capability for fail-safe operation
  • Selective Aggregation (any-to-any port mapping)
  • Ports configurable (I/O) for network access or monitor output
  • Local, remote management: API, CLI, and GUI (HTTP/HTTPS, Telnet/SSH, SNMPv1-3)
  • AAA security (RADIUS, TACACS+)
  • Multi-user access with defined privileges, unique screen views, and management accessibility restrictions
  • Policy-based event triggering and actions
  • VLAN tagging
  • Port and Time Stamping (NTP, GPS, 1PPS, PTP sync)
  • Conditional packet slicing / trimming by packet type (vSlice™)
  • Protocol (GTP header, MPLS label, VN tag, and VLAN tag) stripping / de-encapsulation
  • Duplicate Packet Removal (Deduplication)
  • High Data Burst Buffering
  • IP Fragment Reassembly (Defrag)
  • Dual, redundant, universal power supplies (AC and DC hot-swappable options)
  • NEBS Level 3 certified


  • Gain link-layer visibility and data access across entire network
  • Centralize tools while increasing their reach
  • Flexibly forward traffic to passive and active inline tools
  • Boost monitoring and security tool efficiency
  • Reduce both CapEx/OpEx through longer tool lifecycles
  • Support network upgrades by load balancing existing tools
  • Quickly provision new tools by eliminating SPAN port contention
  • Centrally, remotely, and/or locally manage network visibility and access
  • Higher port density with flexibility in speed and media.

Specification Table

Model Product Brief Datasheet Per Chassis Ports Per Chassis Module
Chassis/Blades Ports Network Bypass
Maximum Throughput Speeds Media Custom Tool Health Checks 1G 10G 40G 100G HW Optimized Features
VB420 4 64 32 640 Gbps 1-40 Gbps SFP+, QSFP+, MPO/LC N 16 16 4 n/a Y