Programmable Packet Brokers for On-Demand Network Visibility
byJude Vedam01-18-201612:21 AM - edited 01-19-201609:12 AM
A typical mobile operator today serves several million connections and a sizable share of these connections originate and terminate from machines. This phenomenon is expected to grow substantially and will in the not too distant future represent a larger share of the overall traffic.
Frequently, a small part of the overall traffic requires deeper analysis than the remaining traffic. With the exploding growth of mobile data, identifying and selecting relevant traffic flows becoming challenging – like searching for needles in the haystack. Some examples include:
VIP customer support: Operators would like to closely monitor VIP customers and identify issues proactively, before they are raised by the customer.
Identifying bad and malicious traffic: Operators might want to capture and analyze the packets offline within a flow-level based on bad URL, User Agent, Content Type or any of the payload characteristics and behavior.
Isolating traffic of blacklisted customers: At times traffic from a set of IMSI, Device, APN or eNodeBs might need to be captured for later analysis.
These scenarios call for a smart packet broker that is flexible and quick to respond to dynamic changes.
Brocade Packet Brokers comes with a high-speed API gateway. A Probe or analytics system that wants to isolate a flow or subscriber session traffic, or replicate a session traffic to send to special purpose probe can call the API to insert traffic forwarding rules in real-time.
In the first and third use cases above, Brocade Packet Brokers feed ‘regular’ network probes that inspect the entire traffic. Whenever a subscriber IMSI is identified, the probe invokes an API requesting a Brocade Packet Broker to replicate and forward the entire subscriber session to a special purpose probe.
In the second use case, the probe invokes the API when anomalous signatures are detected in the traffic. Through the API, the probe instructs a Brocade Packet Broker to replicate the traffic of the flow and send it to a purpose-built analytics server for deeper analysis and storage.
As traffic patterns and threats evolve, operators are investing in purpose-built probes and analytics tools to mitigate them. Brocade’s flexible and programmable network packet brokers help optimize tool utilization and lower the total cost of ownership of network probes.