Sessionmaster EXA Series Version 1.1 Okt. 2015 Technical Features & Models : Sessionmaster EXA 28 Ports 28 x 10 Gbit SFP+ Throughput 280 Gbps Application Presentation Session Transport Network Application Physical The Sessionmaster EXA Series, is the next evolution step in the row of the successful Cubro Packet Broker product line. Layer 7 packet handling is a standard in this product range. Intelligent Layer 7 load balancing is a challenge but supported. Keyword and regular expression search is also a standard feature in this product line but the big differentiator to any other product on the markets is: The EXA understands network protocols, not only by the port number. The EXA can decode protocols similar to a probe. This feature is vital to do keyword and regular expression search, and to produce useful results. It makes no sense to search for a regular expression in the full packet, you only want to search in the relevant fields to get a correct search output. The Sessionmaster EXA Series products focus on the mobile core network, metropolitan area network (MAN), and Internet data center (IDC) big data monitoring. The Sessionmaster EXA Series helps our customers deploy their network application flexibly and quickly by aggregating, filtering, load-balancing and replicating the target traffic, de-duplication,time-stamping, load-balancing the PSC/EPC signaling-plane and user-plane traffic, and distributing specified traffic to multiple monitoring tools effectively. Typical application! Sessionmaster EXA 40 Ports 40 x 10 Gbit SFP+ Throughput 400 Gbps Sessionmaster EXA 32 Ports 32 x 10 Gbit SFP+ 2 x 40 Gbit QSFP Throughput 400 Gbps Sessionmaster EXA 56 Ports 56 x 10 Gbit SFP+ Throughput 560 Gbps Management 1x RS232 RJ45 1 x USB 2.0 1x FE RJ45 Dimensions 440 x 532 x 44.4mm W x D x H Power Typical: 145W Max: 212W Dual 1+1 redundant hot-swappable power supplies, AC or DC AC:100-240V, DC: 36-72V the S5 or GN interface is typically not one link Mobil Core Monitoring Session aware load balancing of GTPv1 and GTPv2 traffic to multiple probes Environment Specifications Operating temperature 0-40 Operating relative humidity 5%-95% session aware load balanced to monitoring system
General Functions & Features Ultra-high port density and ultra-low power. Powerful packet pre-processing capability The Sessionmaster EXA series products can provide up to 56 10GbE SFP+ ports in 1 U and support device cascading by 2 40GbE ports. However, the typical power is 145W. In conclusion, the Sessionmaster EXA can increase the access capacity and decrease the operation cost, providing the perfect solution for the next-generation network monitoring and traffic analysis. Multi-dimensional traffic classification capability With the high-performance N-tuple classification algorithm, the Sessionmaster EXA series products support many traffic matching rules including the input port and vlan id match, v4/ v6 5-tuple (supporting mask and range) match, bit-pattern filtering using user-defined attributes match, etc. Additionally, the Sessionmaster EXA supports millions of extensible ACL rules. In this way, the flexible and robust traffic classification capability helps distribute the target traffic to the monitoring tools more efficiently. The Sessionmaster EXA can pre-process the packet in many ways including Re-assembling the fragment Correcting the retransmitted or disordered TCP flow, Slicing the packet, Deduplicating, Stripping the encapsulation or tunnel and Time stamping, etc. Therefore, the Sessionmaster EXA both offloads for the monitoring tools and improves their operating efficiency greatly. With the powerful ability of data burst buffering and multi-dimensional data statistics, the Sessionmaster EXA helps the monitoring tools troubleshoot typical problems including packet loss and disorder. Application list: Load balancing GTPv1 and GTPv2 traffic Intelligent load balancing capability in the mobile core network The Sessionmaster EXA can decode, track and identify the signaling protocols of various interfaces in the mobile core network. In this way, the Sessionmaster EXA can not only extract and restore the specified signaling but also guarantee the traffic integrity of the same session or user during the load balance process. Keyword filtering (IMSI filtering) Keyword filtering (called party filtering on S) General keyword filtering (The EXA can classify the traffic with 7-tuple rule and string matching rule, both of them match simultaneously. Users can set 63 string matching rules and each rule support up to 128 string patterns (hexadecimal number supported). Session aware load balancing GB & IUPS filtering 6 load balancing
General Functions & Features Powerful Network Protocol Identifying Ultra-detailed Traffic Classification Traffic Classification Rule Packet Processing Accurate Statistics Traffic Action Port Feature Management v4/v6, /SCTP, HTTP, L7, etc MPLS, PPTP, L2TP, GTP, GRE, over, VLAN, PPPoE Gn/IuPS, S11, S1-MME/S1-U/S6a, etc v4/v6 5-tuple, LTE/3GPP 5-tuple in the tunnel,supporting mask and range 7-tuple (dip, sip, dp, sp, pro, input port, vlan id) Key words; key words + 7-tuple rules to make detailed classification Gn, S1-MME, S11, S6a, S1-U, etc protocols in PSC/EPC 8 groups of 7-tuple ACL rules, each group containing 2048 v4 rules and 2048 v6 rules 64 groups of key word rules, each group containing up to 128 key words 2048 extensible rules Millions of accurate 5-tuple rules (non-range and non-mask) Real-time rule configuration and updating Time stamping, ns-level Slicing Replication fragment reassembling VLAN tag adding or deleting Identifying GTP upstream and downstream traffic GRE/GTP/MPLS header stripping Packet order preserving 4 GB data burst buffering Input and output ports Traffic classification rules Historical peak traffic of each port Forwarding based on the traffic classification rule Forwarding based on the specified output port Load balance, methods including WRR, RR, N-tuple hash, etc Link check, forwarding the traffic to the link-up ports from the link-down ports dynamically QoS, adjusting output rate according to the threshold of each port Guaranteeing the data (from one or many devices) integrity of the same user or the same session Guaranteeing the data integrity in load balancing: signaling plane, user plane, signaling plane and user plane, PDP session User-defined input and output ports Supporting single fiber receiving or transmitting Auto link checking and protecting Device cascading Input and output traffic replication Supporting 1/10/40 GbE network and tool connections Console, ssh and telnet, etc RPC api, REST api, CLI, SNMP System log, warning report Online updating Watchdog and self-healing
A B A B A B A B CUBRO Applications IMSI (international Mobile Subscriber Identity) filtering application. HTTP filtering in the GTPv1 or GTPv2 tunnel in a Core UMTS LTE Network. If you have the need to monitor a customer or a bunch of customers in a mobile core network you have two ways. Capture all traffic with a large and expensive monitoring system, and search later in the database of the monitoring system for the customer s traffic, to analyze it. The other option is smart filtering. The Cubro Sessionmaster EXA can do this filter correlate and aggregate the traffic of one or a bunch of customers, based on the IMSI. This is done on line in Sessionmaster so that you can connect simple monitoring devices (Laptop & Wireshark) to analyze the traffic. The reason why you can do this with a small capture device because we forward only the traffic of one customer and this is a small portion of the traffic. This applications show the capability of the Sessionmaster EXA to filter inside the GTP tunnel without removing the GTP header. The application is filtering the http traffic inside the tunnel and load balance the traffic. As an additional feature the GTP header could be also removed from the filtered traffic. to monitoring session aware gtp load balancing In line GTP tunnel decapsulate & tunnel encapsulate. gtp correlation & imsi filtering We use a two stage concept, typically the GN ports carry a lot traffic up to multiple 10 Gbps. Therefore we must split the traffic to smaller portions. The first stage is to load balance the traffic session aware to 20 Gbps portions. In the second stage the Sessionmaster EXA correlates the GTP traffic (4 tunnels) and search for the IMSI in the signaling tunnel. The Information in the signaling tunnel provides the transport information to find the customer traffic in the data tunnels. This application is a very challenging approach, the idea is to remove the GTP tunnel only on HTTP traffic, process the traffic and add the GTP tunnel in the life link.! 1) The traffic is sent over a Cubro optical bypass switch to the Sessionmaster EXA, to protect the live link in case of a failure 2) From the Bypass the traffic goes to the EXA. The EXA removes the GTP tunnel but stores the tunnel information 6 4 3) The EXA sent the pure (without gtp header) traffic to the application server (firewall, IDS, proxy...) Power 1 Power 2 1 6 Network Bypass Bypass on / off Duallink optical Bypass CUBRO Network Bypass Bypass on / off 4) After processing the traffic is sent back to the Sessionmaster EXA 2 5 5) The EXA now sends the packets with the original GTP header re-encapsulated, over the optical bypass switch back to live link 3 DVD 4 6) The traffic is now reinserted in the live link
UK DISTRIBUTOR TEST & MANAGEMENT DIAGNOSTIC SOLUTIONS FRAME COMMUNICATIONS LTD 7 Midshires Business Park Smeaton Close Aylesbury Bucks HP19 8HL UNITED KINGDOM Tel: +44 (0) 1296 678510 Fax: +44 (0) 1296 436247 WEB: http://www.frame.co.uk Email: testinfo@frame.co.uk