Scribd Logo
Upload

Welcome to Scribd!

  • SDN and Advanced Network Analytics

    Uploaded by

    pluribusnetworks
    137 views15 pages
    Learn how SDN powered analytics can help with network security.

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Learn how SDN powered analytics can help with network security.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    137 views15 pages

    SDN and Advanced Network Analytics

    Uploaded by

    pluribusnetworks
    Learn how SDN powered analytics can help with network security.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 15

    SDN and Advanced Network

    Analytics
    Dave Ginsburg, CMO

    The Network Hypervisor

    CIO Top of Mind / Priorities:


    Security
    and
    Visibility
    Protect your companys reputation - eliminate
    data loss
    More capability for NetOps without retraining
    Security identified as area of greatest new
    funding in 2015

    Bare
    Metal

    Push security all the way into the data center


    Active / self-defending and distributed
    Multi-layer - secure the exterior and the
    interior
    Monitoring and visibility into overlay and
    underlay
    Common tools
    Eliminate duplicate architecture for taps
    Apply services to 100%, not 20%

    Pluribus Core Technology:


    Netvisor
    Apps
    Fabric Analytics/Security

    Fabric
    Applications
    Fabric
    Applications

    Easy Fabric Orchestration

    L2 / IP Fabric

    L2 or IP/BGP Fabric

    Runs on white box, brite box


    and wedge style platforms
    Network OS for merchant
    silicon platforms

    Bringing Hyper-Convergence To The


    Network
    Comput Networ
    Storage
    e
    k

    Comput
    Storage
    e

    Network Fabric

    Simplify Infrastructure
    Reduce time to deploy
    Run network virtual services w/
    HW
    off-load (reduce appliance
    sprawl)

    Simplify Infrastructure
    Reduce time to deploy
    Compute & Storage
    Run any application @ scale

    Network As A True Extension of


    Compute
    SDN HyperCompute
    Compute

    SDN Server-Switch
    ODM/OCP white
    box

    Virtual.

    Traditional Switch

    Server
    Netvisor
    OS

    Network

    Compute

    Converged Switch

    Virtual.
    Storage

    Network

    Network

    Netvisor
    Server
    OS

    Direct
    Memory
    Access

    Direct
    Memory
    Access

    TB
    Switch
    Chip

    PCIe
    OS

    RAM
    4-8GB

    Embedded CPU

    PCIe

    Server Class Xeon CPU


    Low-speed
    bus

    Switch
    Chip

    10/20G

    Merchant
    SDK

    RAM
    16-32GB

    NIC
    Switch
    Chip

    RAM

    Up to 1TB

    4x10GE

    Netvisor Leaf-Spine POD Architectures


    IP + Fabric Cluster

    L2 + Fabric Cluster
    L3
    L2
    L2 VLAG

    L2 #$#V LA G #

    L 2 #$#V L A G #

    L 2 #$#V L A G #

    L 2 #$#V L A G #

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    L2

    IP

    L3

    Up to 28 racks w/
    E28Q-L

    L2

    Up to 28 racks w/ E28Q-

    L3
    IP/ECMP Fabric

    L2 VLAG

    L2 #$#V LA G #

    L 2 #$#V L A G #

    L 2 #$#V L A G #

    L 2 #$#V L A G #

    VM

    VM

    VM

    L 2 #$#V L A G #

    L 2 #$#V L A G #
    VM

    VM

    VM

    L2 #$#V L A G #
    VM

    VM

    VM

    IP/ECMP Fabric

    VM

    VM

    VM

    ++ Single pt of
    mgmt
    ++ Fabric-wide
    visibility (ports,
    VMs)

    L3

    VM

    VM

    VM

    ++ Single pt of
    mgmt
    ++ Broadcast-free
    fabric
    ++ Fabric-wide
    visibility (ports,
    VMs)

    L 2 #$#V L A G #

    L 2 #$#V L A G #

    L 2 #$#V L A G #

    L 2 #$#V LA G #

    L 2 #$#V L A G #

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    Security As A Layered Architecture:


    Current
    North-South Traditional Security
    Perimeter
    As low as ~20% of the traffic
    Network Fabric:
    Limited/No security for East-West
    traffic
    As high as ~80% of traffic
    Fabric value in monitoring and
    visibility
    but a separate monitoring fabric
    is required
    Secure VMs
    Limited/no security for mare metal
    compute

    Bare
    Metal

    Security As A Layered Architecture:


    Integrated
    E-W/N-S visibility of services/apps
    Forensic analysis, auditing, security (flow
    filtering w/ packet capture)
    Capacity planning (network utilization,
    traffic patterns, hot-spots)
    Optional addition of virtual firewalls
    within fabric for east-west and in-rack
    security
    Eliminate taps and separate
    visibility fabric!

    Bare
    Metal

    Netvisor Tap-Free inFabric Analytics


    Client-Server Connection Flow
    Analytics
    Client-server conversations, Top talkers, Top
    listeners,
    SYN-flood attack monitoring

    Application-aware Flow Analytics


    Fabric BW by applications, application latency
    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    VM

    Server VM/Overlay visibility


    VM traffic connection analysis/mobility

    Forensic Data Recorder


    Forensic analysis, compliance, capacity planning,
    troubleshooting

    Fabric Sniffer

    Analytics Deployment For Brownfield


    Networks
    Intelligent Packet Broker:
    Tap Aggregation + Full Flow Analytics & Forensic
    Data Recording
    Netvisor Visibility Fabric

    Production Network

    3rd party Tools


    Network Monitoring

    Span/
    Taps

    Application Monitoring
    Security Tools
    UC/VoIP Monitoring

    demo

    DDoS Demo

    Preserving Your Companys Reputation (Priceless)


    Source: Pluribus Networks, 2015

    Thank You!
    www.pluribusnetwork
    s.com

    You might also like