Cubro FlowVista Series

Similar documents
Cubro Packetmaster EX48600

Cubro Sessionmaster EXA48600

Cubro Packetmaster EX48600

Cubro Network Security Series

Cubro Sessionmaster EXA40 series

Cubro Packetmaster EX32/32(+)

CUBRO. Cubro Packetmaster EX Functions. 20 x 40 Gbps 4 x 100 Gbps NPB

Cubro Packetmaster EX12

Cubro Packetmaster EX32100

Cubro Sessionmaster EXA32100

Cubro Packetmaster EX2 Series

Cubro Packetmaster EX2 Series

GTP Load Balancing. How to do GTP Load Balancing with Cubro Products. 27 Sep

Mobil Core Monitoring Session aware load balancing of GTPv1 and GTPv2 traffic to multiple probes

User Plane Monitoring for a Mobile Network Operator (MNO)

Packetmaster EX2 - A desktop NPB

Cubro 10/100/1000 Copper TAP

SINGLEstream Link Aggregation Tap (SS-100)

GV-PoE Switch Comparison Table (Full Version)

Cubro 10/100/1000 Copper TAP

RGS-7168GCP / RGS-7168GCP-E

ProCurve Switch 1400 Series

Cisco SCE 2020 Service Control Engine

Ixia xbalancer. A Purpose-Built Load Balancer for 10G Networks. The Load Balancing Solution DATA SHEET. Highlights

4 PWR XL: Catalyst 3524 PWR XL Stackable 10/100 Ethernet

Best Connectivity. 5-Port 10/100Mbps Desktop Switch with 4-Port PoE

RGS-7244GP / RGS-7244GP-E

Support O-Ring (recovery time < 10ms over 250 units of connection) and MSTP(RSTP/STP compatible) for Ethernet

6GK6050-0MM Transmission rate. Interfaces

Acme Packet Net-Net 14000

Cisco SGE Port Gigabit Switch Cisco Small Business Managed Switches

Giga Lynx DATASHEET. DS-1029-F 1 of 5

Designed for Railway application and fully compliant with the requirement of EN50155/EN standard

28-Port L2 Managed Gigabit Switch, 4 x SFP

1Industrial Ethernet Switch

VISION ONE: SECURITY WITHOUT SACRIFICE

GigaVUE-2404 // Data Sheet

Apex Lynx DATASHEET. DS-1030-E 1 of 5

TAP Aggregation-Network Visibility and Security

16-port 10/100/1000M PoE + 2 Gigabit SFP/RJ45 Copper Combo Ports

2804 Hybrid Packet Broker

Cisco SFE Port 10/100 Ethernet Switch Cisco Small Business Managed Switches

Ixia Net Optics ilink Agg xstream

1Industrial Ethernet Switch

McAfee Network Security Platform

McAfee Network Security Platform

8-port 10/100/1000M PoE + 2 Gigabit SFP/RJ45 Copper Combo Ports

ProCurve Switch 2600 Series

JSH2402GBM. Introduction. Main Features Combo Port Mixed Giga Ethernet SNMP Switch. Picture for reference

PE2G4B19L Quad Port Copper Gigabit Ethernet PCI Express Server Adapter Broadcom BCM5719 Based

JetNet 5428Gv2. Features. Industrial 24FE+4G Gigabit Managed Ethernet Switch INDUSTRIAL ETHERNET RACKMOUNT SWITCH

JetNet 5228G / 5228G-DC

Anue Net Tool Optimizer 5273

OE2G2I35 Dual Port Copper Gigabit Ethernet OCP Mezzanine Adapter Intel I350BT2 Based

DCS C. Application Digital China .1 / 6

Next generation IP media routers

RGS-7244GP / RGS-7244GP-E

PE2G6I35 Six Port Copper Gigabit Ethernet PCI Express Server Adapter Intel i350am2 Based

Highlights. VoIP and UC Friendly Advanced L2 QoS, Economical and Flexible POE supporting 802.3af and 802.3at

GigaVUE-420 Specifications

AXILSPOT 16-Port Gigabit Managed PoE Switch with 2 SFP Slots ASP-MG16

Product features. Applications

HP V1410 Switch Series. Product overview. Key features. Data sheet

PHYSICAL INTERFACES 5406R

ISCOM2948GF-4C Intelligent Ethernet Service Aggregation

8-Port IP40 IEEE802.3af PoE Unmanaged Industrial Switch User s Manual

VISION ONE: SECURITY WITHOUT SACRIFICE

HP V1905 Switch Series. Product overview. Key features. Data sheet

HP ProCurve Switch 1800 Series

ISCOM RAX 711 (B) Ethernet Demarcation Device

DW- SW-PoE-24M. wwww.denwaip.com

Industrial 6-port unmanaged Gigabit PoE Ethernet switch with 4x10/100/1000Base-T(X) P.S.E. and

DKG-210 UNIVERSAL INTERNET GATEWAY UNIT

Datasheet. Managed PoE+ Gigabit Switches with SFP. Models: US-8-150W, US W, US W, US W, US W, US W

ngenius 5100 Packet Flow Switch

S2250/S3250 NETWORK INTERFACE DEVICE

DCS CT-POE fully loaded AT PoE Switch Datasheet

IEC /IEEE1613 Managed 24-port 10/100BASE and 4-port Gigabit Ethernet Switch with SFP options

Extended Managed Ethernet Switch - 8 Ports

28-Port Stackable L3 Lite Managed Gigabit Fiber Switch, 2 x Gigabit SFP/RJ45 Combo, 2 x 10-Gigabit SFP+, 1 x 10-Gigabit Module Slot

GigaVUE-420 // Data Sheet

Data Center & Cloud Computing DATASHEET. N S6Q(10G SDN Switch) N S6Q (48*10GbE+6*40GbE) 10G SDN Switch

QuickSpecs. Models. Features and Benefits Connectivity. HP ProCurve Switch 1800 Series. Overview. Retired. HP ProCurve Switch G

Apex Orion DATASHEET. DS-1026-E 1 of 5

Datasheet. Managed Gigabit Switches with SFP. Models: US-24, US-48. Non-Blocking Throughput Switching Performance. Gigabit Ethernet RJ45 Ports

ProCurve Switch 1400 Series

PoE+ Series Switches COST EFFECITIVE & EFFICIENT POE SOLUTION FOR BUSINESS. Build a better network with PoE+ series. Benefits.

FMUX1001 Modularized 16E1/T1 + 4x GbE Managed Fiber Multiplexer FMUX101 Modularized 16E1/T1 + 4x FE Managed Fiber Multiplexer

Industrial 8-port managed Gigabit PoE Ethernet switch with 8x10/100/1000Base-T(X) P.S.E.

Datasheet. Fengine S4800 Series Gigabit Switches P RODUCT O VERVIEW P RODUCT A PPEARANCE. Wuhan FiberHome Networks Co., Ltd.

CES2000 Series Industrial Carrier Ethernet Switches

ASIT-33018PFM. 18-Port Full Gigabit Managed PoE Switch (ASIT-33018PFM) 18-Port Full Gigabit Managed PoE Switch.

PON Product Datasheet U9016B

Cisco SRW208 8-Port 10/100 Ethernet Switch: WebView Cisco Small Business Managed Switches

Datasheet. Managed PoE+ Gigabit Switches with SFP. Tel: (0) Fax: +44 (0)

Complete ATCA IPMI Test Suite and Validation or VT027/VT028 Development. FIGURE 1: ATC001 option load for IPMI Test Suite and Validation

Datasheet. Managed PoE+ Gigabit Switches with SFP. Models: ES W, ES W, ES W, ES W

NSG50/100/200 Nebula Cloud Managed Security Gateway

Industrial 48G+4x10G SFP+ Ports Gigabit Layer 3 Routing Server

SAE-PE QSFP-NMS

Transcription:

Cubro FlowVista Series PRODUCT REVIEW Network Probe At a glance Definition A Probe is a passive device which receives network traffic from TAPs and Packet Brokers and extracts meta data. Advantages of FlowVista Cubro delivers the traffic application analysis series products FlowVista. Focusing on high performance and real time DPI processing, FlowVista provides flexible signature syntax and identification. The engine to support ACL and load balancing rules are based on IP 5-tuple application protocols. In addition, FlowVista can identify and tag the raw data and output the flow log based on IP 5-tuple in NetFlow V9 standard. Functions / Benefits: Small foot print & Low power design L7 Application detection Embedded Network Processor design Can be customized to customer s requirement NetFlow V9 Support of any kind of SFP and SFP+ (also 10 Gbit BASE_T), and QSFP 24 x 10 Gbit and 4 x 40 Gbit Built-in logical signature processing engine, supporting rule priority and output identification results of the highest priority. Flexible rule syntax description: users can define the protocol rules based on PDL* syntax Supporting cross-packet search Supporting rule hot swapping, achieving rule upgrading without interrupting traffic processing. Correlate-identification: correlating multi-session protocol and unifying the identification result. Packet filtering load balancing: FlowVista can process the packets based on IP 5-tuple and application protocol rules and support combined ACL rules and multi-dimensional load balancing (preserving session/subscriber integrity). * (The PDL syntax is the language of the Cubro Regex Compiler, to generate new Fingerprints)

PRODUCT CAPABILITIES / FEATURES Identification based on port, signature, and traffic type Identification Feature Cross-packet matching Correlate-identification (FTP/DNS/bbc-iPlayer/afreecavideo) HTTP identification for non-standard ports Protocol identification engine: finding the app id of the highest Protocol Identification Rule priority Rule compiler: generating graph with PDL*, 8K rules (maximum) User-defined rules with PCRE Other DPI Features Hot-swappable rule upgrading Tagging signature information on packet Ethernet header Jumbo frame, IP - reassembly Packet Preprocessing TCP-reassembly such as out-of-order packets, TCP state tracking Tunnel identification such as GTP/GRE, supporting protocol processing inside the tunnel 6-tuple ACL rule (IP 5-tuple + app id, maximum: 4K) Classification Redefining app id with actions to classify applications Load balancing (preserving session/subscriber integrity) Flow Detail Record Generating flow log in Netflow V9 standard Ports EXA24160 Configuration / Communication Performance EXA24160 CPU MTBF 24 X 10 Gbps / 1 Gbps and 4 X QSFP 40 Gbps Serial/SSH/Telnet/FTP Throughput 160 Gbps DPI Performance 60 Gbps Session 20 million online (max) Mips 64 96 Core 178,125 hours * (The PDL syntax is the language of the Cubro Regex Compiler, to generate new Fingerprints) 2

TECHNICAL DATA / SPECIFICATIONS Probe EXA 24160 Ports CPU 1 CPU 2 2 x 40 Gbit 12 x 10 Gbit Ports 2 x 40 Gbit 12 x 10 Gbit INPUTS * Several 1, 10, 40 Gbit interfaces can be used as inputs from TAPs or NPB. On EXA40 and EXA40D a NPB is build in the Probe. On EXA24160 an external NPB can be used for load balancing the traffic. Probe EXA 40D CPU 1 & CPU 2 connected via a internal Packetmaster Ports Probe EXA 40 Ports CPU 1 connected via a internal Packetmaster 40 x 10 Gbit 40 x 10 Gbit OUTPUTS * Any port can be used as meta data streaming output. The Netflow CDR can also send load balanced traffic over several ports to reduce the load on the servers. Operating specifications: Operating Temperature: 0ºC to 45ºC Storage Temperature: -10ºC to 70ºC Relative Humidity: 10% min, 95% max Non-condensing Mechanical specifications: Dimension (HxWxD): W=440.00 mm, L=660 mm, H=44,4 mm Weight: 9.4 kg Electrical specifications: Input Power: 100-240V, 2A, 47-63 Hz Maximum Power Consumption: 400W Certifications: Fully RoHS compliant CE compliant Safety - UL 60950-1 / CSA C22.2 60950-1-07 / IEC 60950-1 (2005) EN 60950-1 (2006) PERFORMANCE Nearly more than 1000 pre-configured fingerprint applications id available. Advanced Multi core CPU design Lowest power usage per Gbit traffic processing in the industry. MANAGEMENT Management Port: (1) RJ45 10/100/1000 Mbit Configuration (CLI) Port: (1) RS-232 DB9 USB 3.0 for software update INDICATORS Per RJ45 port: Speed, Link/ Activity Per SFP+ port: Status, Rx, Tx, Link Per Device: Power, Status 3

ADVANCED FUNCTION DESCRIPTION 4b f7 c8 33 08 00 45 00 c0 a8 04 1e 9d 37 4e 3d 4b f7 02 93 c4 77 05 bc 89 aa 97 dc ba d8 Flow A Payload X Regex Fingerprint: 3d 4b f7 02 93 08 00 45 00 c0 a8 4b f7 c8 33 08 00 45 00 c0 a8 04 1e 9d 37 4e 3d 4b f7 02 93 c4 77 05 bc 89 aa 97 dc ba d8 Flow A Payload Y 5c e6 c8 34 08 00 45 00 c0 a8 04 1e 9d 38 5f 37 4b f7 01 93 c4 88 07 cc 89 aa 97 aa ca 78 5c e6 c8 34 08 00 45 00 c0 a8 04 1e 9d 38 5f 37 4b f7 01 93 c4 88 07 cc 89 aa 97 aa ca 78 Supporting cross-packet search: For example, signature S is separated into S1 and S2 and are in two adjacent packets and FlowVista can still identify signature S. Correlate-identification: Correlating multi-session protocol and unifying the identification result. FTP Control Session A Correlation FTP Data Session B Identify as FTP session Regex Fingerprint P1 P2 P3 P4 P5 P6 Session oriented forward packet correlation P1 P2 P3 P4 P5 P6 Raw packet tagging: Tagging the identification information in the MAC field of raw packet header. FlowVista supports tagging buffering feature. For example: packet A is in front of packet B in the same session and packet B carries the signature. When FlowVista identifies the signature carried by packet B, it can still tag packet A with the signature information. FDR: FlowVista can make statistics of the session up link/down link traffic, session status, starting/ending time, and protocol identification information. FlowVista outputs the statistics information in NetFlow V9 standard. 4

TYPICAL APPLICATION: BIG DATA OPEN SOURCE The Cubro FlowVista probe can be also used to generate meta data from the network and feed a big data application. As one example of such an installation the picture shows 3 open source applications (ELK ore kibana stack) which can be used to build a powerful and flexible collector. Logstash offers centralized log aggregation of many types, such as server logs, and also Netflow. It is a very simple message based architecture. Logstash has a single agent that is configured to perform different functions in combination with the other ELK components. Elasticsearch is a distributed search and analytics engine, it is a schema-free, full text search engine with multi language support. It provides support for geo location, suggestive search, auto complementation and search snippets. Kibana is analytics and visualization platform architectured for Elasticsearch. It provides real-time summary and charting of streaming data, with the ability to share and embed dashboards. Two more components should be mentioned Marvel to monitor the full system itself and Shield which takes care of security features to ELK such as role-based access control and much more. 5

DATA SHEET TYPICAL APPLICATION STANDARD COLLECTOR Load balanced original traffic DPI decoding Netflow generation Netflow V9 Metadata This drawing shows a typical solution to monitor a huge amount of traffic, in this case more than 250 Gpbs. The traffic is received via TAPs to the EX32100 from various interfaces. The EX32100 is aggregating, filtering and load balancing the traffic to 4 FlowVista Probes, each handling 60-70 Gbps traffic. The Probes are sending the Flow CDR to a flow collector. The collector is a 3rd party product. The Netflow V9 is a generic format, which can be handled by many 3rd parties and open source products. ORDERING INFORMATION Product Components: Cubro FlowVista Probe AC/DC power supply European power cord (no SFPs included) Part Number Description CUB.FVP-S FlowVista Probe, single CPU, AC power CUB.FVP-D FlowVista Probe, dual CPU, AC power CUB.FVP-Q FlowVista Probe, quad CPU, AC power CUB.FVP-S-DC FlowVista Probe, single CPU, DC power CUB.FVP-D-DC FlowVista Probe, dual CPU, DC power CUB.FVP-Q-DC FlowVista Probe, quad CPU, DC power For more information please check our website www.cubro.com 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback