Key Benefits Ixia xstreamtm 40 Fail -safe Inline Security NPB Offers Aggregation, Filtering, and Load Balancing for 10GbE/40GbE Networks

Similar documents
Ixia xstream TM 10. Aggregation, Filtering, and Load Balancing for 1GbE/10GbE Networks. Aggregation and Filtering DATA SHEET

IXIA XSTREAM TM 40 DATA SHEET AGGREGATION, FILTERING, AND LOAD BALANCING FOR 10GBE/40GBE NETWORKS HIGHLIGHTS

Ixia xbalancer. A Purpose-Built Load Balancer for 10G Networks. The Load Balancing Solution DATA SHEET. Highlights

Ixia Net Optics ilink Agg xstream

VISION ONE: SECURITY WITHOUT SACRIFICE

IXIA IBYPASS HD DATA SHEET PROBLEM: INLINE TOOLS ARE A SINGLE POINT OF FAILURE IN THE NETWORK

Cubro Packetmaster EX12

VISION ONE: SECURITY WITHOUT SACRIFICE

ngenius 5100 Packet Flow Switch

ngenius 5010 Packet Flow Switch

Cubro Packetmaster EX48600

NETWORK VISIBILITY NETWORK PACKET BROKER COMPARISON TABLE KEY VISIBILITY ATTRIBUTES SYSTEM SPECIFICATIONS SYSTEM CAPACITY.

Cisco SCE 2020 Service Control Engine

SINGLEstream Link Aggregation Tap (SS-100)

Cisco Nexus Data Broker

NETWORK VISIBILITY NETWORK PACKET BROKER COMPARISON TABLE

FGS-2616X L2+ Managed GbE Fiber Switches

24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP)

Cubro Packetmaster EX48600

Cubro Packetmaster EX32/32(+)

Datasheet. Managed Gigabit Fiber Switch. Model: ES-12F. Non-Blocking Throughput Switching. High Performance and Low Latency

DW- SW-PoE-24M. wwww.denwaip.com

Cisco SFS 7000D InfiniBand Server Switch

Anue Net Tool Optimizer 5273

Giga Lynx DATASHEET. DS-1029-F 1 of 5

Mobil Core Monitoring Session aware load balancing of GTPv1 and GTPv2 traffic to multiple probes

Ixia Net Optics ibypass 1Gb Fiber

FlowDirector x 1G/2.5G/10G SFP/SFP+ and 4x 40Gb QSFP+ Ports Network Fabric Visibility Appliance

Datasheet. 10G 16-Port Managed Aggregation Switch. Model: ES-16-XG. Non-Blocking Throughput Switching. Maximum Performance and Low Latency

Apex Orion DATASHEET. DS-1026-E 1 of 5

Apex Lynx DATASHEET. DS-1030-E 1 of 5

3299 Rack Mount. Product Highlights. Multifunctional BypassP 2 Segment. Switching Fabric

Smart Network Access System

Cisco SGE Port Gigabit Switch Cisco Small Business Managed Switches

JetNet 6528Gf. Features. Industrial 28G Full Gigabit Managed Ethernet Switch INDUSTRIAL ETHERNET RACKMOUNT SWITCH

JetNet 5428Gv2. Features. Industrial 24FE+4G Gigabit Managed Ethernet Switch INDUSTRIAL ETHERNET RACKMOUNT SWITCH

Datasheet. 10G 16-Port Managed Aggregation Switch. Model: US-16-XG. Non-Blocking Throughput Switching. Maximum Performance and Low Latency

PSGS-2610F L2+ Managed GbE PoE Switch

CUBRO. Cubro Packetmaster EX Functions. 20 x 40 Gbps 4 x 100 Gbps NPB

ASA5525-FPWR-K9 Datasheet. Overview. Check its price: Click Here. Quick Specs

New Product: Cisco Catalyst 2950 Series Fast Ethernet Desktop Switches

Cubro Sessionmaster EXA48600

Cubro Packetmaster EX2 Series

Datasheet. Managed Gigabit Switches with SFP. Models: ES-24-Lite, ES-48-Lite. Non-Blocking Throughput Switching Performance

Datasheet. 10G 16-Port Managed Aggregation Switch. Model: US-16-XG. Non-Blocking Throughput Switching. Maximum Performance and Low Latency

Cubro Packetmaster EX2 Series

Giga Orion DATASHEET. DS-1025-E 1 of 5

Industrial 48G+4x10G SFP+ Ports Gigabit Layer 3 Routing Server

GS-1626G Web Smart+ GbE Switch

Gigabit Managed Ethernet Switch

MediaKind G7 Series. High Performance Intel-based Video Processing

GS-2610G L2+ Managed GbE Switch

JetNet 6528Gf. Features. Industrial 28G Full Gigabit Managed Ethernet Switch INDUSTRIAL ETHERNET RACKMOUNT SWITCH

Cubro Sessionmaster EXA40 series

2804 Hybrid Packet Broker

Industrial Gigabit Managed Switches

IgniteNet FusionSwitch Fiber L2 Gigabit Ethernet Access / Aggregation Switch with 4 10G Uplinks

ngenius 2200 Series Packet Flow Switch

Arista 7170 series: Q&A

Cisco Series Gigabit Ethernet Half-Height Line Card

GigaVUE-2404 // Data Sheet

Datasheet. Managed PoE+ Gigabit Switches with SFP. Tel: (0) Fax: +44 (0)

TEX-100. Ethernet Extender User Manual

GPON Gigabit Passive Optical Network

ngenius 6002 Packet Flow Switch

Features. Industrial 28G L3 Full Gigabit Managed Ethernet Switch JetNet 6828Gf INDUSTRIAL ETHERNET RACKMOUNT SWITCH

Cisco Nexus 9500 R-Series

Cisco 2-, 5-, 8-, and 10-Port Gigabit Ethernet Shared Port Adapters, Version 2

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch

Cisco SFE Port 10/100 Ethernet Switch Cisco Small Business Managed Switches

IXIA VISIBILITY ARCHITECTURE Eliminating Blind spots

ES Port Managed Gigabit Switch with 4 SFP ports

ISCOM2948GF-4C Intelligent Ethernet Service Aggregation

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

FlowDirector x 1G//10G SFP/SFP+ Ports Network Fabric Visibility Appliance

Cisco Small Business Managed Switches

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

TAP Aggregation-Network Visibility and Security

ngenius 4200 Series Packet Flow Switch

Cisco DCM Series D9901 Digital Content Manager IP Video Gateway

4 PWR XL: Catalyst 3524 PWR XL Stackable 10/100 Ethernet

Cubro Packetmaster EX32100

Industrial Layer 2+ Gigabit Managed Switch

SUN BLADE 6000 VIRTUALIZED 40 GbE NETWORK EXPRESS MODULE

QuickSpecs. Models HP TippingPoint S8010F Next Generation Firewall Appliance

Ref: C8-1G. The 8-Link Gigabit Copper TAP is a high density solution, providing 8 TAP links in a 1U rack space

VX-1000MDx. Features. 24 Port ADSL2+ IP DSLAM. Multi- Level Protection Circuit. Multi-ADSL Speed Features. Sleek, Compact Solution.

Network Service Appliances

The Smart Route To Visibility. GigaVUE H Series. High-density, High-scale Traffic Visibility Fabric Nodes

VB120 Modular 1G/10G Packet Flow Switch

CONNECTRIX MDS-9132T, MDS-9396S AND MDS-9148S SWITCHES

H3C S5120-SI SERIES GIGABIT ETHERNET SWITCHES

24 Gigabit Fiber Copper PoE and Stacking Switch Series. Network Transmission Products 24 Gigabit Fiber Copper PoE and Stacking Switch Series.

Cisco SRW208 8-Port 10/100 Ethernet Switch: WebView Cisco Small Business Managed Switches

Cisco TelePresence Conductor

Ixia Net Optics Flex Tap TM

Save installation time and money with PoE.

Best Connectivity. 5-Port 10/100Mbps Desktop Switch with 4-Port PoE

ngenius 6002 Packet Flow Switch

Transcription:

Ixia xstream TM 40 Fail-safe Inline Security NPB Offers Aggregation, Filtering, and Load Balancing for 10GbE/40GbE Networks The Ixia xstream 40 is a network packet broker purpose-built for fail-safe inline security tools deployment and out-of-band network traffic monitoring for high-speed networks. The need to monitor and inspect all traffic on highvolume 10GbE and 40GbE networks puts pressure on organizations to invest heavily in new 10GbE and 40GbE tools, or risk oversubscribing their current tools. xstream 40 offers a comprehensive set of High Availability (HA) features that are critical for fail-safe inline security tools deployment. Smart load balancing enables deployment of multiple tools in parallel to increase the overall throughput thus removing bottlenecks typically seen on a single security device. It also supports tools such as SSL decryptor, IPSs, Firewalls, Web accelerators in serial for service-chaining; making it possible to support many different deployment scenarios seen in various enterprise networks such as banks, retailors, government and health organizations. The xstream 40 also features Ixia s unique Double Your Ports feature (simplex connections), which provides industry-leading port density in a compact form factor. Moreover, each of the four 40G ports can be configured as 4 independent 10G ports, allowing a maximum of 64 10G ports. Furthermore, you can even combine 4 independent 10G ports into a single 40G, using the same MTP to LC fan-out cable, effectively yielding a maximum of 16 40G ports in the chassis. Aggregation and Filtering Key Benefits xstream 40 provides one-to-one, many-to-one, one-to-many, and many-to-many mappings of network links to monitor ports. Traffic from any set of network links and Span ports can be aggregated into a single stream and copied to any monitor port. xstream 40 is also a smart filtering appliance that directs traffic of interest to monitoring tools. Using the TapFlow filtering technology, each tool gets only the traffic it needs for its particular purpose, resulting in higher scalability and better security. The TapFlow hardware filtering engine processes traffic at full 40/10Gbps line speeds while filtering the traffic by protocol, IP address, TCP/UDP port, VLAN, and more. Comprehensive High Availability (HA) features to support fail-safe inline security tools deployment Inline security tools can be deployed in serial (servicechaining) or in parallel (load balancing), or both to increase the throughput yet maintain maximum flexibility Tool-sharing reduces costs by allowing multiple departments in an organization to utilize the same monitoring tool to monitor multiple links throughout the organization Filtering increases efficiency and maximizes tool utilization by sending each tool only the traffic it needs Tool load balancing protects the investment in existing monitoring tools by splitting the load from 40GbE and 10GbE links to 1GbE and 10GbE tools Relieves oversubscribed tools through load balancing and packet slicing Double Your Ports feature doubles port density Document No.: 915-6800-01 Rev G November 2015 - Page 1

Load Balancing Solution The xstream 40 is a purpose-built appliance for distributing a traffic load to multiple tools. SFP+/QSFP+ ports and integrated multi-speed flow distribution engine make xstream 40 ideal for distributing and load-balancing traffic from 10GbE and 40GbE links to multiple 1GbE and 10GbE tools. It can also aggregate traffic from multiple 1GbE and 10GbE links and distribute it to 1GbE, 10GbE, or 40GbE tools. With the addition of a monitoring load balancer, these multiple 1GbE, 10GbE, or 40GbE tools can share the load to process increasing volumes of traffic more cost effectively than investing in new 40GbE or 10GbE tools. Not only is the CAPEX itself lower, but major savings also accrue through avoiding the disruption and learning curve of integrating complex new tools into the environment. High Availability Highly reliable and foolproof HA feature supports Active-Active and Active-Standby modes with both auto sync and manual sycn options to maintain configuration and state synchronization between the Primary and Secondary xstream 40 units. The HA link between the primary and secondary units can also be protected with a second link connected via a pair of spare ports. Load Balancing Group (LBG) supports spare ports with N:M tool redundancy where N active ports are protected by M warm standby tools. When tools are deployed in inline serial (service chaining), tools in the front can be safely bypassed when they fail so tools in rear can continue inspecting the traffic. Coupled with HA features in the ibypass series, complex use cases can be implemented with extreme high availability Timestamping xstream 40 supports timestamping of packets on the fly at line rate with nanosecond accuracy in support of highspeed, low-latency trading environments. Using the PTPv2 (IEEE 1588) protocol, xstream 40 guarantees that the timestamping will remain accurate. The timestamp can be appended to packets on the fly with or without recalculation of the CRC. Document No.: 915-6800-01 Rev G November 2015 - Page 2

Deployment Scenario: Inline Load Balancing with a Hot Standby Key Features HA Features: Fail-safe inline security tool deployment in serial (service chaining) or in parallel (load balancing) or both In-band or out-of-band HeartBeats (HB) packets for tool health checking. HB packets are also customizable Link Failure Detection (LFD) maintains synchronized link status on both sides of a tool or network Smart re-balancing to cause least disruption on exiting traffic and tools Session aware load balancing with symmetric and asymmetric hash algorithms HA supports active-active, or active-standby modes. Auto sync or manual sync of configuration and operation status. Highly reliable synchronization engine with spare ports for protection. Spare ports with loopback capability to support inline fail-safe security tools deployment General Aggregation of input traffic from multiple links Any-to-any, many-to-many port mapping Purpose-built tool for both inline and out-of-band load balancing Supports tool-sharing, in which multiple independent links share a pool of monitoring devices TapFlow multi-layer filtering engine for layer 2-4 filtering Timestamping with nanosecond accuracy Document No.: 915-6800-01 Rev G November 2015 - Page 3

VLAN tag management (ingress tagging and egress stripping) RMON statistics (packet count, utilization, etc.) All counters can be exported as CSV files Any port can be used for monitor or network Up to 64 10 Gigabit SFP+ to 4 QSFP+ 40GbE connections Advanced SNMPv3 integrates with all major NMS and Indigo Pro Graphical Drag and Draw Filters MPLS label filtering Port rate limiting Link-state awareness Packet slicing Dual redundant hot-swappable AC or DC power supplies Role-based access control management Double Your Ports feature doubles port density Support ftp, sftp and scp for file and configuration transfer Automatic recovery of applications and processes when they cease to operate properly Pay-as-you-go licensing: 8-port and 12-port license bundles (QSFP = 4 ports); functional license tiers for aggregation, filtering, and load balancing. Specifications Performance Hardware Throughput Architecture Speeds Latency Load Balancing High Availability 1.28Tbps; no packets dropped as long as monitor traffic does not exceed monitor port bandwidth Cut-Through 1G, 10G, 40G Ultra-low latency of 350 nanoseconds, any packet size, any-port to any-port, any amount of regeneration and filtering (excluding aggregation head-of-line blocking delays) Flow coherent, hash-based, 5-tuple (SIP, DIP, SPORT, DPORT, protocol), 2-tuple (SIP+DIP) for GTP and other protocols, or other combinations of L2-L4 header fields including SMAC, DMAC, ethertype, and VLAN; out-of-band, inline, tool sharing; 40G-to- 10G and 10G-to-1G distribution; link-state awareness; Heartbeat monitoring of inline tool health; 1 to 20 independent load balance groups with up to 20 load-balanced outputs per group. Mixed speed/throughput load balancing. Two xstream devices can be connected together via network ports to form a high availability solution. Configuration and state are constantly synchronized between them. HA link itself can be protected via a second link connected via a pair of spare ports. Timestamping Timestamping with nanosecond accuracy and support for PTPv2 (IEEE 1588) Port Mapping Aggregation, any number of ports; regeneration, any number of ports; any-to-any, any-tomany, many-to-any, and many-to-many; any port can be used as an input, an output, or both simultaneously Document No.: 915-6800-01 Rev G November 2015 - Page 4

TapFlow IP Options Network Intelligence Packet Slicing TACACS+/RADIUS Device Management Filter by IP source address, IP destination address, MAC source address, MAC destination address, source port, destination port, protocol, network port or port group, VLAN MPLS Label, User Defined Current utilization, total packets, total bytes, CRC errors. More than 100 detailed traffic statistics and counters including RMON, All counters can be exported as CSV files Truncate packet on the fly to increase scalability Server allows authentication of users from external AAA servers using either RADIUS or TACACS+ protocols Web UI, Serial console, SSH, (CLI), FTP/SFTP/SCP file transfers, SNMPv3, SNMPv2, SNMPv1, Remote software upgrades, back-up and restore configuration, Role-based access control management, NETCONF Chassis Environment Operating Temperature: 0 C to 40 C Storage Temperature: -10 C to 70 C Relative Humidity: 10% min, 95% max, non-condensing Mechanical Dimensions: 1.72 high x 16.5 deep x 17.7 wide Mounting: Surface or 19 rack mount (1U) Weight: 15.0 lbs Connectors Ports: (48) SFP+, (4) QSFP ports, (64) SFP+ with a splitter cable Management Port: (1) RJ45 10/100/1000 Copper Configuration (CLI) Port: (1) Cisco DB9 to RJ45 DC Receptacle: Terminal peak, 12-14 gauge wire Hot-Swappable Modules Power: (2) AC universal or (2) -48VDC, redundant Fans: (5) hot-swappable modules (4+1 configuration) Electrical Interface AC Input: 100-240VAC, 5.29-2.2A, 50/60Hz DC Input: -40VDC nominal -40 to -72VDC, 13.9A Indicators (All ports) Link LEDs (All ports) Activity LEDs (2) Power LEDs Document No.: 915-6800-01 Rev G November 2015 - Page 5

Certifications Safety EMC Environmental Protocol Security MET, CE FCC, VCCI, C-Tick, KC, ME06, CCC, AR RoHS, WEEE Fully IEEE 802.3 compliant STIG and PCI security profiles, management port firewall, audit logging, HTTPS, import SSL certificate, AAA services with TACACS+/RADIUS Ordering Information Hardware (must be ordered together with a software license below) Catalog Part Number Part Number Description XT-40-BASE-AC 957-0628 xstream 40, AC power supplies XT-40-BASE-DC 957-0625 xstream 40, DC power supplies Software Catalog Part Number Part Number Description XT-40-AGG 957-0602 xstream 40 Aggregation XT-40-DIR 957-0601 xstream 40 Filtering XT-40-LB 957-0600 xstream 40 Load Balancing Document No.: 915-6800-01 Rev G November 2015 - Page 6

Software Upgrades Catalog Part Number Part Number Description XT-40-UAD 957-0622 xstream 40, upgrade Aggregation to Filtering XT-40-UAL 957-0624 xstream 40, upgrade Aggregation to Load Balancing XT-40-UDL 957-0623 xstream 40, upgrade Filtering to Load Balancing Document No.: 915-6800-01 Rev G November 2015 - Page 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback