Absolutely, but I’m not going to say what you think. I’m going to shift from talking about the traditional network or network virtualization solutions that have been getting all of the attention lately. There are still companies out there building new products that leverage black box vertically integrated hardware and software. The two markets that could lose out to commodity hardware are network visibility fabrics and intelligent network load balancing. In this post, I’ll focus on visibility fabrics and save the latter for my next post.
Network Visibility Fabrics
I was first made aware of this technology about 2-3 years ago from companies like Gigamon and VSS Monitoring. They provide black boxes with cool software that operate as matrix switches. It is slick technology and fixes real problems when it comes to efficiently deploying monitoring tools and dealing with the limited number of SPAN sessions supported on switch platforms, and of course aggregating large amounts of data when TAPs are used. The solutions from these vendors come in all shapes and sizes varying from 1G devices to 40G devices that would aggregate SPANs and TAPs. If you dig deeper, these black boxes are receiving traffic (source = SPAN/TAP) and taking an action (forward to monitoring tools). You can get granular with what and when you want to forward to a tool (think about the criteria used to develop an ACL or in this case, flows you want to capture). For example, you can forward SPAN traffic to the matrix switch, then forward ALL traffic to your APM, and then only traffic from a particular source to your IPS, and then if you want, send other types of traffic as you define them, to yet other tools. And that is all by using just one SPAN session – a great way for SPAN re-use. Think about designs that can do one SPAN source to many tools or have many sources to one or many tools.
While I may be oversimplifying this to get my point across, these black boxes could be taken out and any OpenFlow enabled switch could do the trick and managed with an OpenFlow controller. Solutions like this are already out such as Big Switch’s BigTap solution. At Cisco LIVE, Cisco talked about their upcoming SDN application called Monitor Manager that will effectively be doing the same thing leveraging Cisco Nexus switches and a Cisco SDN controller. Companies could even get away with writing their own application that sits on top of an open source controller.
I was first made aware of this technology about 2-3 years ago from companies like Gigamon and VSS Monitoring. They provide black boxes with cool software that operate as matrix switches. It is slick technology and fixes real problems when it comes to efficiently deploying monitoring tools and dealing with the limited number of SPAN sessions supported on switch platforms, and of course aggregating large amounts of data when TAPs are used. The solutions from these vendors come in all shapes and sizes varying from 1G devices to 40G devices that would aggregate SPANs and TAPs. If you dig deeper, these black boxes are receiving traffic (source = SPAN/TAP) and taking an action (forward to monitoring tools). You can get granular with what and when you want to forward to a tool (think about the criteria used to develop an ACL or in this case, flows you want to capture). For example, you can forward SPAN traffic to the matrix switch, then forward ALL traffic to your APM, and then only traffic from a particular source to your IPS, and then if you want, send other types of traffic as you define them, to yet other tools. And that is all by using just one SPAN session – a great way for SPAN re-use. Think about designs that can do one SPAN source to many tools or have many sources to one or many tools.
While I may be oversimplifying this to get my point across, these black boxes could be taken out and any OpenFlow enabled switch could do the trick and managed with an OpenFlow controller. Solutions like this are already out such as Big Switch’s BigTap solution. At Cisco LIVE, Cisco talked about their upcoming SDN application called Monitor Manager that will effectively be doing the same thing leveraging Cisco Nexus switches and a Cisco SDN controller. Companies could even get away with writing their own application that sits on top of an open source controller.
What will be interesting to see is how companies like Gigamon and VSS Monitoring shift strategy, embrace OpenFlow/SDN, and/or modify their pricing strategy. While there has been a few exits from the Big Switch team to Cisco and Insieme, they recently lost another, but not to a traditional network company.
VSS Monitoring hired former senior director Andrew Harding rom Big Switch just a few weeks ago. Of course, there were some nice tweets of saying good bye to each other as you can see --- this seems like it was an amicable departure, but can this also mean VSS is prepping for a next gen solution leveraging OpenFlow technology aiming to compete with Big Switch?
VSS Monitoring hired former senior director Andrew Harding rom Big Switch just a few weeks ago. Of course, there were some nice tweets of saying good bye to each other as you can see --- this seems like it was an amicable departure, but can this also mean VSS is prepping for a next gen solution leveraging OpenFlow technology aiming to compete with Big Switch?
Thanks for reading.
-Jason
Twitter: @jedelman8
-Jason
Twitter: @jedelman8
RSS Feed
