Data Center

I Can See (My Network) Clearly Now!

by skhanna on ‎09-22-2016 01:59 PM (3,112 Views)

Let’s look inside traffic intersections in a city. How do you determine what types of cars are passing through an intersection, whether there are any accidents or if cars are ignoring traffic lights? Even more ambitious, can you tell if a stolen car is passing through an intersection or if other lurking events could be unfolding?

 

Until very recently, there was no easy way to identify most of these situations. But as cameras and sensors are increasingly placed in traffic intersections, police and city operators are often able to get much more detailed information on traffic passing through the intersection —and even on the characteristics of the cars.

 

For example, the US city of Medina identifies stolen cars passing through traffic intersections by using license plate reading cameras. The US state of Utah uses traffic sensors and cameras to determine congestion on state roads and distributes this information to the public to ease their daily commutes. And the city of Groningen in Netherlands uses sensors at intersections to detect rain, using this information to increase safety for cyclists ensuring they get more green lights in bad weather. Figure 1 shows traffic intersections in major cities and a depiction of the kinds of sensors that make them visible

 

Picture Network and Sensors 3.jpg                                                         Figure 1: Traffic Intersections in Major Citiies and Sensors at an Intersection

 

These technologies provide more visibility to the respective agencies in various cities, enabling them to take actions to reduce crime and accidents and serve their residents better.

 

Now, let’s take a look at a network: a router or a switch is placed at the interconnection of many links and serves as a traffic intersection. Packets passing through the router are analogous to cars passing through an intersection. This is an ideal place to collect information and provide visibility to operators.

 

To date, however, the information provided at this point in the network is typically limited to aggregate statistics or switch state. There’s almost no information on packet flows passing through the device. This limits an operator’s ability to troubleshoot the network or determine if the network is experiencing a Distributed Denial of Service Attack (DDoS) attack. In response to this limitation, vendors typically suggest replicating the traffic to an external analytics device to gain the needed visibility into the traffic flows. These solutions tend to be very expensive and complex, and the resultant information is often too old to be properly actionable.

 

As part of our SLX 9850 routing solution, Brocade is directly addressing this new insatiable need for network traffic visibility with the Brocade SLX Insight ArchitectureTM. Just like cameras and sensors at traffic intersections, every Brocade SLX has a built in visibility engine that provides instant information on traffic going through the router.

 

The result: no more messing with span ports or expensive investments in off box analytics solutions. With the SLX Insight Architecture running on the Brocade SLX 9850 router, operators can access real time information on packet flows (Figure 2). Customers can better monitor and troubleshoot the network by having the information readily available right on the device itself. This improves service and application assurance while simplifying operations and dramatically reducing costs.

 

Picture Insight Arch network diagram.png

                                                                   Figure 2: Brocade SLX Insight Architecture in a Data Center Network

 

 

The Brocade SLX Insight ArchitectureTM supports running of popular analytics and visibility applications such as Wireshark and tcpdump on the SLX platform itself, as shown in this video. Network operators can use this information to debug network problems, monitor SLAs, identify DDoS attacks, determine hot spots, and perform other tasks depending on their needs. All of this is accomplished without affecting the original network traffic and with no performance hit on the device, as illustrated in the animation shown here. Operators can even take corrective action by identifying and dropping DDoS flows, sending malicious flows to a DDoS scrubber, moving traffic away from hot spots, or changing routing metrics.

 

The possibilities with the Brocade SLX Insight ArchitectureTM are endless, which is why we’re confident that we all will be singing 

 

For more information, check out the following:

Video on Brocade SLX 9850: Visibility with the Insight Architecture

Brocade SLX Insight Architecture Overview

Brocade SLX 9850