WHITE PAPER Monitoring Converged Networks: Link Aggregation www.ixiacom.com 915-6896-01 Rev. A, July 2014
2
Table of Contents Benefits... 4 Introduction... 4 The Net Optics Solution... 4 Easy-to-Use... 5 Key Capablities... 5 About Net Optics... 6 3
Benefits Provides the ability to monitor four network links and copy all data to four monitor ports Reduces operational costs by improving monitoring tool efficiency Enables enhancement of security and network operations Increases responsiveness by providing easy access from a consolidated, single 1U-high device Affords greater access to multiple points within a mesh environment Copper and Fiber (SFP) monitoring port flexibility Use either copper or fiber monitoring tools 100% full-duplex visibility without data interference Passive, stealth operation The Challenge: A properly architected environment must include the ability to consolidate necessary monitoring and security tools and forensic analysis tools for today s network concerns with the assurance of future flexibility. Introduction Monitoring a Converged Network to fully deliver on the promise of a secure and reliable network, many organizations are turning to monitoring tool aggregation devices. It proves to be a powerful solution that offers tremendous return on investment for consolidating the usability of monitoring tools within networks. Link Aggregation or Link Aggregators combine multiple in-line full duplex data streams into one single stream that is copied to multiple monitoring ports. The connected monitoring tools receive the entire full duplex conversation enabling 100% visibility across important links in the architecture. In addition to reducing costs, improving productivity levels and increasing IT responsiveness, Link Aggregators provide an even greater opportunity to decrease overall network complexity and the demands that IT professionals now face with understanding what is on their networks. The challenge lies in centrally combining the ability to collect data from multiple access points as well as maintaining a diverse mix of monitoring, security, and forensic tools. A properly architected environment must include the ability to consolidate necessary monitoring and security tools and forensic analysis tools for today s network concerns with the assurance of future flexibility. The accessibility and visibility of diverse monitoring tools can no longer be separate or independent silos. Link Aggregators will also need to provide an ample mix of link network ports and monitoring ports to handle a variety of network protocols and associated monitoring tools. A new Link Aggregator is required one that combines access, security, and visibility of the network infrastructure while reducing network costs, increasing overall productivity levels, and eliminating emerging security issues. The Net Optics Solution Net Optics offers a new family of Link Aggregators to address the challenges of converged network monitoring. These passive in-line Aggregators provide the ability to monitor four network links and copy all of the data to four monitor ports. The option to use small-form factor pluggables (SFPs) creates the opportunity to leverage Gigabit fiber and copper monitoring tools in any location throughout the network. This produces a new level of 4
visibility for monitoring network performance and security threats, while providing the ability to see and capture 100% of network data from one to four network links or up to eight Span ports depending on the model purchased. IT professionals can now pro-actively ensure all parts of a data conversation are captured and maintained for future use and analysis by concurrently monitoring multiple links. The four monitoring ports also allow different functional groups to attach the monitoring tools they need to the network at the same time. For example, a network administrator, a security manager, and a voice team representative can all access the same data in tandem. This unprecedented consolidation of security, access and visibility gives network managers ready-access to the vital tools they need to efficiently deliver on the promises of a converged network. Easy-to-Use The Link Aggregators are easy to configure and do not require special certification for installation. Once in place, it is not necessary to shut down the network to install essential monitoring tools. Each monitoring tool will see the data as if they were installed in-line on the links, and because the Link Aggregator is passive, data will continue to flow even if there is a problem with an attached monitoring tool. Key Capablities Net Optics provides Link Aggregators that are designed to address unique requirements including: Fail-open or Fail-over If power to the Link Aggregator is interrupted, the fail-open or fail-over feature stops sending data to the monitor ports while data continues to flow through the network. This is a reliable passive in-line device that consolidates monitoring requirements into a single 1U-high device and does not introduce a point of failure on a link. The Solution: A Link Aggregator that provides copper and fiber network connectivity and the flexibility needed by multiple IT groups to access traffic of interest. IDS RMON Analyzer Forensics 5
Zero Delay If power is lost to other 10/100 Taps, the connected devices may introduce delays as they detect the power loss and try to re-establish their link. Net Optics engineering breakthrough, Zero Delay, ensures that any loss of power to the Tap is transparent to the network, and does not affect the flow of traffic through the Tap eliminating packet delay and loss of productivity SFP Monitor Ports The SFP Monitor Ports allow the Link Aggregator to be field reconfigured for increased flexibility. The mix of network ports to monitoring ports provides connectivity to network links for monitoring devices with dissimilar interface cards. The SFP monitor port interfaces give the option of utilizing existing equipment, regardless of its NIC type. This increased flexibility provides the option for using Gigabit copper, fiber transceivers (SX and LX), or a combination of both to be deployed in any of the four monitoring ports. Flexibility and Reliability Four network ports deliver flexibility when monitoring redundant topologies. There are enough ports to attach to each of the major connections between switches or routers in mesh environments or between redundant links. Gaining access to multiple points provides a better opportunity to capture everything during a full-duplex conversation, especially in mesh topologies. Layer 1 and 2 errors are forwarded to monitoring tools for comprehensive performance and security analysis. For additional reliability, the Link Aggregator features dual power supplies. Power LEDs on the front of the panel also indicate current power supply connections. In the event of a failure, network traffic is not affected as passive fail-over technology ensures network device-to-device connectivity. About Net Optics Net Optics is the leader in innovative passive in-line devices for network security, traffic analysis, and IT monitoring solutions. Our products are used to access and monitor networks by enterprises, service providers, and government organizations globally. Leading vendors of protocol analyzers, RMON probes and IPS appliances have chosen Net Optics products to sit in the networks of their customers from T1 Wan to 10 Gigabit links 6
7
WHITE PAPER Ixia Worldwide Headquarters 26601 Agoura Rd. Calabasas, CA 91302 (Toll Free North America) 1.877.367.4942 (Outside North America) +1.818.871.1800 (Fax) 818.871.1805 www.ixiacom.com Ixia European Headquarters Ixia Technologies Europe Ltd Clarion House, Norreys Drive Maidenhead SL6 4FL United Kingdom Sales +44 1628 408750 (Fax) +44 1628 639916 Ixia Asia Pacific Headquarters 21 Serangoon North Avenue 5 #04-01 Singapore 554864 Sales +65.6332.0125 Fax +65.6332.0127 915-6896-01 Rev. A, July 2014