
xBalancer

xBalancer. Intelligent Access and Monitoring Architecture Solutions. 10 Gigabit Monitoring Challenge. As network speeds increase to 10G and beyond, performance and security monitoring is more important than ever — but existing tools cannot keep up:

kineks

Presentation Transcript


  1. xBalancer Intelligent Access and Monitoring Architecture Solutions

  2. 10 Gigabit Monitoring Challenge
     • As network speeds increase to 10G and beyond, performance and security monitoring is more important than ever, but existing tools cannot keep up:
       • Overall traffic (throughput) exceeds the performance of a single device
       • Devices cannot meet the “connections per second” and “new connections per second” requirements
       • Addressing advanced security challenges such as APT, SQL injection, and session hijacking requires more complicated content-aware policies that degrade appliance performance

  3. Affected Solutions
     • Inline tools:
       • Intrusion Prevention Systems (IPS)
       • Web Application Firewalls (WAF)
       • Database firewall
       • Next Generation Firewalls
       • Content filtering
     • Out-of-band tools:
       • Traffic recorders
       • Intrusion Detection Systems (IDS)
       • VoIP and protocol analyzers
       • Application Performance Management (APM)
       • Database Activity Monitors (DAM)
       • Data Loss Prevention Systems (DLP) Appliance

  4. Solution Requirements
     • A monitoring infrastructure upgrade should:
       • Provide sufficient performance to meet current needs
       • Provide a path to support increasing traffic volumes
       • Increase network availability
       • Minimize capital expenditures (CAPEX)
       • Minimize operating expenditures (OPEX)
         • Training
         • New processes and procedures
         • Disruptions of operations

  5. Two Solutions
     To keep up with skyrocketing network speeds:
     • Upgrade to faster tools
     OR
     • Replicate existing tools and load balance traffic to them

  6. Two Solutions Compared

  7. The xBalancer Solution

  8. 240 Gbps Throughput
     • Director xStream Pro sustains up to 240 Gbps throughput
     Example: An 8-way (8 output) Load Balancer. 80 Gbps of traffic is sent into 8 10G ports, aggregated, and load balanced to 8 10G ports.

  9. xBalancer Features and Benefits

  10. Load Balancing Capabilities
      • Flow-based, with flows identified by
        • 5-tuple: src/dst IP address & port, protocol
        • Or any combination of
          • Source, Destination IPv4 and IPv6 addresses
          • Source, Destination TCP/UDP ports
          • IP protocol
          • Source, Destination MAC addresses
          • VLAN
          • Ethertype
      • Single-direction or conversation
      • Up to 8 independent load balance groups
      • Up to 16 outputs per group

  11. High Availability (HA) Features

  12. Inline Application Example
      • Optional: Link is tapped with a bypass switch to protect against xBalancer power failure
      • Bi-directional inline traffic is balanced through six IPSs in this example; up to 11 IPSs possible as traffic volume grows
      • xBalancer monitors health of IPSs with Heartbeat packets
      • N+M redundancy and rebalancing on tool failure
      [Diagram labels: Firewall, Switch, Router, IPS 1 to IPS 6, Bypass Switch]

  13. Out-of-Band Application Example
      • Aggregate the traffic from 2 Tap outputs and 2 Span ports
      • Balance the aggregated traffic to 5 forensic traffic recorders in this example; up to 16 recorders possible as traffic volume grows
      • Any ports can be used as the inputs, outputs, or both
      [Diagram labels: four Switches, Tap, Recorder 1 to Recorder 5]

  14. Tool Sharing Application Example
      • 2 links are tapped with bypass switches
      • The traffic from both links is balanced to three IPSs in this example; up to 10 IPSs possible as traffic volume grows
      • Suitable for sharing a single tool among multiple links
      • The traffic from each link stays separate
      [Diagram labels: two Firewalls, two Switches, two Routers, two Bypass Switches, IPS 1 to IPS 3]

  15. Cut-Through Architecture: Cut-Through for Low, Predictable Latency
      1. Traditional store-and-forward architecture: packet completely received before transmit begins
         [Diagram labels: Packet, 64 to 9600 bytes; Traditional switch]
         Latency: 2us (64B packet) to 12us (9600B packet)
      2. Cut-through architecture: packet starts transmitting after 128 bytes are received
         [Diagram labels: Packet, 64 to 128 bytes; xBalancer]
         Latency: 0.6us (64B packet) to 0.65us (9600B packet)

  16. Ultra-Low Latency Cut-Through Architecture
      [Chart: Latency (microseconds) versus Packet Size (bytes; 64, 1518, 9600) for Conventional Store-and-Forward and Cut-Through]

  17. Network Intelligence Built-in bandwidth utilization and traffic statistics reports provide visibility and immediate notifications about performance-related issues

  18. Competitive Analysis

  19. Part Numbers
      xBalancer
      • XB-2400X: xBalancer 24 SFP+ Ports
      • XB-2400X-DC: xBalancer 24 SFP+ Ports, -48VDC
      SFP+ Kits
      • SFP+KT-SR: 10G Fiber SR SFP+ Transceiver with cable
      • SFP+KT-50SR: 10G Fiber SR 50um SFP+ Transceiver with cable
      • SFP+KT-LR: 10G Fiber LR SFP+ Transceiver with cable
      • SFP+KT-ER: 10G Fiber ER SFP+ Transceiver with cable
      SFP Kits
      • SFPKT-SX: GigaBit Fiber SX SFP with cable
      • SFPKT-50SX: GigaBit Fiber SX SFP with cable 50um
      • SFPKT-LX: GigaBit Fiber LX SFP with cable
      • SFPKT-CU3: 10/100/1000 Copper SFP with cable (operates at 1000 Mbps only in xBalancer)

  20. Summary What Makes Us Unique and Different

  21. Thank You
      Net Optics, Inc.
      www.netoptics.com
      408.737.7777

  22. Backup Slides

  23. Pre-loaded Configurations, Two Examples
      • 1 group
        • Inline, load sharing
        • 8 independent links
        • 4 IPSs
      • 4 groups, each:
        • Out-of-band, aggregating
        • 2 inputs
        • 4 out-of-band tools

  24. Low Latency & Jitter: Alternative to Time Stamping
      1. Timestamping: must be integrated with the timing analysis tool
         [Diagram labels: Traditional Switch, Timing Analysis Tool, three Packets each with a TS (timestamp)]
      2. Low latency and jitter: no special integration needed because the timing analysis tool sees true timing
         [Diagram labels: xBalancer, Timing Analysis Tool, three Packets, TS]

  25. Hash Functions
      A hash function maps a large set of data values into a smaller set. For example, the infinitely large set of whole numbers can be mapped into a single digit with this hash function:
        Value: 5289130
        Hash: 5 + 2 + 8 + 9 + 1 + 3 + 0 = 28
              2 + 8 = 10
              1 + 0 = 1
        Hashed value: 1
      (This is NOT xBalancer’s hash function!)
      xBalancer hashes the 5-tuple (or selected header fields) into a set of 128 values or “buckets,” then assigns the buckets to output ports.

  26. Why 128 Buckets?
      Suppose I want to load balance to 3 outputs. Why not just hash to 3 buckets, assigning 1 bucket per port?
      [Diagram: Buckets 1, 2, 3 mapped to Ports 1, 2, 3]

  27. Why Not 3 Buckets
      Look what happens when a port fails:
      [Diagram: Buckets 1, 2, 3; Ports 1, 2, 3, with one port marked X]
      Bucket 1 moves to a port that hasn’t failed, but now port 2 is getting twice as much traffic as port 3. Very imbalanced!

  28. Why More Buckets Are Better
      Now suppose we had 6 buckets, allocated two per port:
      [Diagram: Buckets 1 to 6 spread across Ports 1, 2, 3]

  29. Why More Buckets Are Better
      When a port fails, we can maintain an even distribution:
      [Diagram: Buckets 1 to 6; Ports 1, 2, 3, with one port marked X]
      So more buckets allow a finer granularity to control the distribution.
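
The bucket argument from slides 25 to 29, worked through as an added example (not Net Optics code): flows are hashed to buckets, buckets are dealt to ports, and a port failure moves only the failed port's buckets. CRC32 stands in for the undisclosed xBalancer hash; the function names and the sample addresses are constructed for illustration.

```python
import zlib
from collections import Counter

N_BUCKETS = 128  # bucket count given on the slides


def flow_bucket(src_ip, src_port, dst_ip, dst_port, proto,
                n_buckets=N_BUCKETS, conversation=True):
    """Hash a 5-tuple to a bucket (CRC32 is a stand-in, not the product's hash)."""
    a, b = (src_ip, src_port), (dst_ip, dst_port)
    if conversation and b < a:
        a, b = b, a  # canonical endpoint order: both directions share a bucket
    key = f"{a[0]}|{a[1]}|{b[0]}|{b[1]}|{proto}".encode()
    return zlib.crc32(key) % n_buckets


def assign(n_buckets, ports):
    """Initial table: deal the buckets round-robin over the output ports."""
    return {b: ports[b % len(ports)] for b in range(n_buckets)}


def fail_port(table, failed):
    """Reassign only the failed port's buckets, each to the least-loaded survivor."""
    load = Counter(p for p in table.values() if p != failed)
    if not load:
        raise ValueError("no surviving output port")
    new = dict(table)
    for bucket in sorted(b for b, p in table.items() if p == failed):
        target = min(sorted(load), key=load.__getitem__)
        new[bucket] = target
        load[target] += 1
    return new


def buckets_per_port(table):
    """Count buckets per port, a proxy for each tool's share of flows."""
    return dict(sorted(Counter(table.values()).items()))


if __name__ == "__main__":
    ports = [1, 2, 3]
    for n in (3, 6, N_BUCKETS):
        after = fail_port(assign(n, ports), failed=1)
        print(f"{n:>3} buckets, port 1 failed -> {buckets_per_port(after)}")
    # Constructed sample flow: both directions must reach the same tool.
    fwd = flow_bucket("10.0.0.5", 51512, "192.0.2.10", 443, 6)
    rev = flow_bucket("192.0.2.10", 443, "10.0.0.5", 51512, 6)
    print("conversation mode keeps both directions together:", fwd == rev)
```

Because buckets on surviving ports never move, flows already pinned to a healthy IPS or recorder keep their tool after a failure, which matters for stateful inspection and session reassembly.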
