Introduction to VSS Monitoring - Ethernet Technology Summit
Introduction to VSS Monitoring - Ethernet Technology Summit
Introduction to VSS Monitoring - Ethernet Technology Summit
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Affording the Upgrade <strong>to</strong> Higher Speed & Density<br />
<strong>Ethernet</strong> <strong>Summit</strong><br />
February 22, 2012
Agenda<br />
• <strong>VSS</strong> Overview<br />
• <strong>Technology</strong><br />
• Q&A<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
2
Corporate Overview<br />
World Leader in Network Intelligence Optimization<br />
• Deployed in 80% of Tier 1 telecom opera<strong>to</strong>rs worldwide<br />
• Deployed in over 1,200 service providers, enterprises, and<br />
governments worldwide<br />
Best in Class Innovation<br />
• Leader in product breadth – addresses entire universe of<br />
network intelligence <strong>to</strong>ols<br />
• Leader in product depth – from basic test access solutions <strong>to</strong><br />
the most advanced system-based packet manipulation and <strong>to</strong>ol<br />
optimization technologies<br />
• The only vendor with a platform approach – true high-scale,<br />
flexible, and redundant system architecture<br />
Exceptional Market Share Growth<br />
• Profitable and 2X annual growth for past 6 years<br />
• Named 2011 Top 50 Fastest Growing Companies in Silicon Valley<br />
• Founded in 2003<br />
• HQ in San Mateo, CA<br />
• 160+ employees<br />
(~60 in R&D & QA)<br />
• Venture backed by Battery<br />
Ventures<br />
• All products developed and<br />
manufactured in Silicon<br />
Valley<br />
• Global technology &<br />
channel partner network<br />
• Global sales/Support<br />
presence in China, Japan,<br />
Singapore, UK, Italy,<br />
France, Scandinavia<br />
V111213A © 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
3
<strong>VSS</strong> Selected Cus<strong>to</strong>mers<br />
Telecom* Enterprise* Government*<br />
*Partial List Only<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved. 4
IT’s Strategic Response <strong>to</strong> Increasing Complexity<br />
Data Explosion<br />
• 100G core, FTTH, LTE<br />
• Video, SAN, IPTV, IMS<br />
• P2P, M2M<br />
• Data Ctr Virtualization<br />
• Control / user plane<br />
complexity<br />
Economics<br />
• Budget constraint<br />
(CAPEX+ OPEX)<br />
• ROI<br />
• Revenue / traffic gap<br />
• Management overhead<br />
Network<br />
Intelligence<br />
• Performance moni<strong>to</strong>ring<br />
• Network acceleration<br />
• Security moni<strong>to</strong>ring<br />
• Security enforcement<br />
Network<br />
Convergence<br />
• Multi vendors<br />
• Multi service layers<br />
• Hybrid cloud networks<br />
• Unified communications<br />
Tool<br />
Performance<br />
Tool<br />
Scalability<br />
Tool<br />
Congestion<br />
Tool<br />
Convergence<br />
Network Performance & Security Tool Optimization<br />
V111213A © 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
5
Network Intelligence Optimization System<br />
Inline Acceleration Tools<br />
Performance Analytics Tools<br />
Inline Security Tools<br />
Security Analytics Tools<br />
Network<br />
Tool<br />
Layer<br />
QoS/Packet<br />
Shaping Appliance<br />
Traffic Compression<br />
Appliance<br />
Traffic Caching<br />
Appliance<br />
Network<br />
Analysis Probe<br />
Application<br />
Analysis Probe<br />
VoIP/UC<br />
Analysis Probe<br />
Data Loss Prevention<br />
Appliance<br />
Next-Generation<br />
Firewall<br />
Intrusion Prevention<br />
(IPS) Appliance<br />
Data Recording<br />
Probe<br />
Forensics<br />
Analysis Probe<br />
Lawful Interception<br />
Probe<br />
Web Acceleration<br />
Appliance<br />
SSL Acceleration<br />
Appliance<br />
WAN Acceleration<br />
Appliance<br />
Network Discovery<br />
Scanning Probe<br />
Flow Data<br />
Analysis Probe<br />
Meta-Data<br />
Analysis Probe<br />
DDOS Prevention<br />
Appliance<br />
Secure Web Gateway<br />
Appliance<br />
Compliance Audit<br />
Scanning Probe<br />
Intrusion Detection<br />
(IDS) Probe<br />
Network<br />
Intelligence<br />
Optimization Layer<br />
App<br />
Servers<br />
10G<br />
Switching/<br />
Communications<br />
Layer<br />
App<br />
Servers<br />
10G<br />
10G<br />
Cloud<br />
App<br />
Servers<br />
10G<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
6
Product Building Blocks For Modular Simplicity<br />
Easy/Economical <strong>to</strong> Start Small, Future Proof <strong>to</strong> Grow Big<br />
• Start as small as one <strong>to</strong>ol and<br />
one network link<br />
Cloud<br />
• Distributed modular architecture<br />
means you pay only as you grow<br />
Plug-N-Play<br />
Expansion<br />
Scales<br />
Easily To<br />
• Multiple Tools / Tool Types<br />
• Thousands of Network Links<br />
• LANs, WANs, Clouds<br />
• 1G/10G/40G/... over Copper/Fiber<br />
• Multiple Geographies / Domains<br />
V111213A © 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
7
Selective Aggregation<br />
Moni<strong>to</strong>ring Tools Work Best With The Correct Traffic<br />
• Input traffic <strong>to</strong> moni<strong>to</strong>r output<br />
control<br />
• One-<strong>to</strong>-multiple network ports <strong>to</strong><br />
one-<strong>to</strong>-multiple moni<strong>to</strong>r ports<br />
– 1-<strong>to</strong>-1<br />
– 1-<strong>to</strong>-Many<br />
– Many-<strong>to</strong>-1<br />
– Many-<strong>to</strong>-Many<br />
Reduce costs<br />
Improve efficiency of <strong>to</strong>ols<br />
Reduce number of moni<strong>to</strong>r<br />
interfaces required
Flow/Session-Aware Load Balancing<br />
Distribute Traffic Across Multiple Tools Per IP Session<br />
• Even distribution of traffic<br />
across multiple links<br />
• Highly granular balancing<br />
(multiple criteria)<br />
• Maintain session<br />
consistency<br />
• Fault-<strong>to</strong>lerant<br />
Moni<strong>to</strong>r 10G networks with existing <strong>to</strong>ols<br />
Fully leverage Gigabit <strong>to</strong>ols<br />
Prevent oversubscription on moni<strong>to</strong>r ports
Link-Level Visibility<br />
Speed & Media Conversion<br />
• Step up or step down in speeds, fiber <strong>to</strong> copper media<br />
High Data Burst Buffering<br />
• Dedicated extended buffering <strong>to</strong> ensure<br />
capturing of microburst traffic<br />
Granular Capacity Measurement<br />
• Microburst detection with sub-ms level<br />
network utilization statistics reporting<br />
Time & Port Stamping<br />
• Packet level ingress Information, enabling<br />
granular latency moni<strong>to</strong>ring & measurement<br />
• Synchronized <strong>to</strong> NTP, PTP, GPS, etc.<br />
VLAN Tagging<br />
• Tag packets with VLANs prior <strong>to</strong><br />
forwarding <strong>to</strong> <strong>to</strong>ols<br />
Time & Port<br />
Stamps<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
10
Intelligent Stacking System<br />
Benefits<br />
• Fault <strong>to</strong>lerance “visibility layer”<br />
• Scalable architecture<br />
• Increased <strong>to</strong>ol efficiencies and ROI by<br />
delivering more traffic <strong>to</strong> <strong>to</strong>ols from<br />
multiple devices<br />
• Increase port density in an organic<br />
manner in sync with needs<br />
Capabilities<br />
• Au<strong>to</strong>-discovery<br />
• Any input <strong>to</strong> any output<br />
• Redundant mesh architecture<br />
• High availability (n+n) <strong>to</strong>ols support<br />
• Multi-link throughput per route<br />
• Au<strong>to</strong> health check<br />
• Central management via API<br />
Moni<strong>to</strong>ring &<br />
Security Tools<br />
Visibility Layer<br />
Powered by vStack<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
11
What Makes <strong>VSS</strong> Unique?<br />
A single solution based on a modular, systems-based architecture <strong>to</strong><br />
optimize the entire universe of Network Intelligence (NI) <strong>to</strong>ols<br />
Reduced Risk<br />
Exposure<br />
• 100% access = <strong>to</strong>tal performance<br />
visibility & protection coverage<br />
Higher Network<br />
Quality<br />
• Improved availability & performance for<br />
network & <strong>to</strong>ols<br />
Faster / Higher ROI<br />
• 50% more efficient use of <strong>to</strong>ol resources<br />
• Up <strong>to</strong> 80% reduction in <strong>to</strong>ols CAPEX<br />
Regained Agility<br />
• Simplified complexity accelerates IT<br />
flexibility & operational efficiencies<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
12
Back-up Slides<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
13
Traffic Delivery & Grooming<br />
Hardware Filtering<br />
• Layers 2 <strong>to</strong> 4 header-based filtering and user cus<strong>to</strong>m filtering<br />
Flow Load Balancing<br />
• Layers 2 <strong>to</strong> 4 load balancing across multiple<br />
ports and balancing groups<br />
Conditional Packet Slicing<br />
• Selectively remove packet payload from<br />
specific places in the packets<br />
Pro<strong>to</strong>col Stripping & De-encapsulation<br />
• Remove specific pro<strong>to</strong>cols from packets<br />
Packet Deduplication<br />
• Remove duplicates of packets <strong>to</strong> reduce<br />
false positives in <strong>to</strong>ols<br />
IP Slicing<br />
RTP Slicing<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
14
Advanced Traffic Grooming<br />
GTP & MPLS Inner L3/L4 Balancing<br />
• Load balance GTP-U and MPLS<br />
traffic based on inner user L3/L4<br />
information with GTP or MPLS<br />
encapsulation.<br />
GTP IMSI Balancing<br />
• Load balance GTP-C & GTP-U<br />
traffic based on mobile subscriber<br />
ID (IMSI)<br />
IP Packet Fragment Reassembly<br />
• Re-assemble IP fragments in<strong>to</strong> original packet<br />
<strong>to</strong> reduce processing cycles by <strong>to</strong>ols<br />
DPI-based Filtering<br />
• Dynamic search for user-identifying objects,<br />
applications or natural patterns<br />
IMSI<br />
MAC IP UDP GTP-C Payload<br />
TEID<br />
MAC IP UDP GTP-U IP TCP Payload<br />
10<br />
Fragmented Packets<br />
Re-assembled Packets<br />
10<br />
© 2003-2011 <strong>VSS</strong> Moni<strong>to</strong>ring. All rights reserved.<br />
15