Software-Defined

Programmable Packet Brokers for On-Demand Network Visibility

by Jude Vedam ‎01-18-2016 12:21 AM - edited ‎01-19-2016 09:12 AM (4,001 Views)

A typical mobile operator today serves several million connections and a sizable share of these connections originate and terminate from machines. This phenomenon is expected to grow substantially and will in the not too distant future represent a larger share of the overall traffic.  

 

Frequently, a small part of the overall traffic requires deeper analysis than the remaining traffic. With the exploding growth of mobile data, identifying and selecting relevant traffic flows becoming challenging – like searching for needles in the haystack.  Some examples include:

  • VIP customer support: Operators would like to closely monitor VIP customers and identify issues proactively, before they are raised by the customer.
  • Identifying bad and malicious traffic: Operators might want to capture and analyze the packets offline within a flow-level based on bad URL, User Agent, Content Type or any of the payload characteristics and behavior. 
  • Isolating traffic of blacklisted customers: At times traffic from a set of IMSI, Device, APN or eNodeBs might need to be captured for later analysis. 

These scenarios call for a smart packet broker that is flexible and quick to respond to dynamic changes.Programmable Packet Brokers for On-Demand Network Visibility

 

Brocade Packet Brokers comes with a high-speed API gateway. A Probe or analytics system that wants to isolate a flow or subscriber session traffic, or replicate a session traffic to send to special purpose probe can call the API to insert traffic forwarding rules in real-time.

 

In the first and third use cases above, Brocade Packet Brokers feed ‘regular’ network probes that inspect the entire traffic. Whenever a subscriber IMSI is identified, the probe invokes an API requesting a Brocade Packet Broker to replicate and forward the entire subscriber session to a special purpose probe.

 

In the second use case, the probe invokes the API when anomalous signatures are detected in the traffic. Through the API, the probe instructs a Brocade Packet Broker to replicate the traffic of the flow and send it to a purpose-built analytics server for deeper analysis and storage.  

 

 

Benefits

 

As traffic patterns and threats evolve, operators are investing in purpose-built probes and analytics tools to mitigate them. Brocade’s flexible and programmable network packet brokers help optimize tool utilization and lower the total cost of ownership of network probes.