Visibility into 40G/100G Networks for Real-time and Post Capture Analysis and Troubleshooting
-
Upload
wildpackets -
Category
Software
-
view
99 -
download
3
description
Transcript of Visibility into 40G/100G Networks for Real-time and Post Capture Analysis and Troubleshooting
www.wildpackets.com © WildPackets, Inc.
Show us your tweets! Use today’s webinar hashtag:
#wp_highspeed with any questions, comments, or feedback.
Follow us @wildpackets
Jay Botelho Director of Product Management WildPackets [email protected] Follow me @jaybotelho
40G/100G Networks for Real-time and Post Capture Analysis
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Administration
• All callers are on mute ‒ If you have problems, please let us know via the Chat window
• There will be Q&A ‒ Feel free to type a question at any time
• Slides and recording will be available ‒ Notification within 48 hours via a follow-up email
2
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Agenda
• The State of High Speed Networks • Faster Networks Requires New Management
Approach • Network Analysis and Forensics for Any Network
3
www.wildpackets.com © WildPackets, Inc.
The State of High Speed Networks
4
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
10/40/100G Adoption
5
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-696667.html
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
40/100G Growth
6
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Higher Speed Deployments
7
Enterprise Management Associates, Oct 2013
177 Participants Company size: 33% - Large organizations 33% - Medium 33% - Small
Functional Breakdown 54% - Executive 46% - IT Staff
www.wildpackets.com © WildPackets, Inc.
Faster Networks Require New Approaches
8
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Challenges at High Speed
9
The State of Faster Networks, WildPackets, Oct 2013
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Short Comings of Current Solutions
TRAC Research, Inc
34%
40%
41%
51%
59%
Inability to collect packets at all networklocations
Lack of capabilities for analyzing / searchingrecorded network traffic
Inability to support 10Gb networks
Reliability of captured data
Number of dropped packets
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Choices and Comprises D
ata
Gra
nula
rity
Data Accuracy
SNMP
Flow-based
Packet-based
Log Files
www.wildpackets.com © WildPackets, Inc.
SNMP
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
SNMP
• Best used to identify and describe system configuration
• Monitor network-attached devices for high-level conditions ‒ Up/Down ‒ Total traffic (bytes, packets) ‒ Number of users
• Typically polling-based – heavy bandwidth impact • Typically 5 minute granularity • Trouble-shooting/root cause analysis not possible
www.wildpackets.com © WildPackets, Inc.
Log Files
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Log Files – Performance Monitoring and Network Troubleshooting
• The most popular choice per recent EMA survey: http://research.enterprisemanagement.com/network-management-megatrends2014-webinar.html
• Provide a very wide range of data and information ‒ Server health ‒ Network, application performance ‒ Security events
• Collection, management, analysis quickly improving • Strong indication of problems and their source, but
not the root cause or the extent
15
www.wildpackets.com © WildPackets, Inc.
Flow-based
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
"Go With the Flow"
• Flows, or flow records, are the default element used in centralized network monitoring
• A “flow” is a sequence of packets that has the following seven identical characteristics: ‒ Source IP address ‒ Destination IP address ‒ Source port ‒ Destination port ‒ Layer 3 protocol type ‒ TOS byte ‒ Input logical interface
• By implication, a flow is unidirectional
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Basic Flow Analysis • Packets enter the switch or
router • Packets sampled and flows
determined • Flow records compiled and
exported to flow collector • Flow records stored and
subsequently analyzed by flow analysis software
• The most common standards for flow records include:
- NetFlow - sFlow - IPFIX - JFlow
Source: Wikipedia
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Common Flow-based Technologies Netflow IPFIX sFlow Jflow
•Developed by Cisco
•Proprietary •Transit traffic & terminated traffic
•Detailed info for each flow
•NO payloads •Sampling option not 100% accurate
• Internet Protocol Flow Information eXchange
• IETF standard •Based on NetFlow
•Detailed info for each flow
•NO payloads
•RFC 3176 •Statistical time-based sampling
•Higher speed networks
•Less common than NetFlow
•NO payloads •Sampled – not always 100% accurate
•Developed by Juniper
•Proprietary •Similar to NetFlow
•Detailed info for each flow
•NO payloads •Sampled per global rate – not 100% accurate
Limited Troubleshooting/Root-cause Analysis
www.wildpackets.com © WildPackets, Inc.
Packet-based
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Packet-based
• Data generated by DPI systems • Analysis of every packet AND payload • Unrivaled info for each flow • Layer 2 - 7 • 100% accurate • Minimal network impact – 10’s of Kbps • Monitor AND troubleshoot
www.wildpackets.com © WildPackets, Inc.
Network Analysis and Forensics for Any Network
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
A Solution for Every Network
23
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
10G Network Data Capture
24
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
10/40/100G Network Data Capture
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Omni Distributed Analysis Platform Software and Turnkey Solutions
• Enterprise monitoring and reporting ‒ WatchPoint Server ‒ OmniFlow, NetFlow, and sFlow Collectors
• Network Analysis and Recorder Appliances ‒ Omnipliance CX, MX, TL ‒ Optional OmniStorage ‒ OmniAdapter analysis cards
• Distributed analysis software ‒ OmniPeek – Enterprise, Professional, Basic, Connect ‒ OmniPeek Remote Assistant ‒ OmniEngine Enterprise
• Portable solutions ‒ OmniPeek network analyzer ‒ Omnipliance Portable
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
WildPackets Network Analysis Recorder Appliances Price/Performance Solutions for Every Application
Portable Omnipliance CX Omnipliance MX Omnipliance TL
Ruggedized Troubleshooting
Less Demanding Networks Remote Offices
Datacenter Workhorse Easily Expandable
Enterprise, Highly-Utilized Networks
Aluminum chassis / 17” LCD 1U rack mountable chassis 3U rack mountable chassis 3U rack mountable chassis
24GB RAM 16GB RAM 32GB RAM 64GB RAM
2 PCI-E Slots 2 PCI-E Slots 4 PCI-E Slots 4 PCI-E Slots
2 Built-in Ethernet Ports 2 Built-in Ethernet Ports 2 Built-in Ethernet Ports 2 Built-in Ethernet Ports
6TB Storage 4/8/16TB Storage 16/32TB Storage 32/48/64TB Storage Optional OmniStorage: 32/48/64TB Up to 128TB total Storage
OmniAdapter 1G and 10G OmniAdapter 1G/10G MX OmniAdapter 1G/10G MX OmniAdapter 1G/10G/40G
6.5Gbps CTD 3.8Gbps CTD 8.8Gbps CTD 20Gbps CTD with OmniStorage
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Omnipliance TL Industry Leading Network Analysis and Recorder Appliance
• Sets a new standard in capture-to-disk speeds ‒ 25Gbps sustained capture to disk rate with zero packet drop
• Best price/performance Network Analysis Appliance in the market ‒ 25Gbps with only one Omnipliance TL + OmniStorage ‒ Consuming less rack space, less cooling, less electrical power
• Most flexible network interface offering ‒ 1G/10G/40G interfaces supported in a single unit eliminates
additional unit requirement
• Most accurate real-time analytics ‒ Packet-based processing and analysis vs. inaccurate sample-
based calculation
© WildPackets, Inc. #wp_highspeed WildPackets Omnipliance – Powerful, Precise, Affordable
Powerful
‒ Fastest network recorder in its class! Captures traffic up to 25Gbps of real-world traffic (all size packet distribution)
‒ Scales up to 128 TB of storage ‒ Provides simultaneous real-time analysis and a comprehensive Forensic
Search that rapidly searches through terabytes of captured traffic for the details relevant to an investigation
Precise ‒ Captures complete network traffic, so you can analyze everything, not just
samples or high-level statistics ‒ Doesn’t drop packets or sacrifice accuracy for speed ‒ Supports rich, detailed analysis, including VoIP and video-over-IP traffic
Affordable ‒ Delivers outstanding price/performance (lower price; half the rack space) ‒ Allows mix of 1G/10G/40G interfaces without buying extra appliances ‒ Solutions start at $16,995
Your network is bigger and faster. Now your analysis solution is, too.
www.wildpackets.com © WildPackets, Inc.
Thank You!
WildPackets, Inc. 1340 Treat Boulevard, Suite 500 Walnut Creek, CA 94597 (925) 937-3200