Weitere ähnliche Inhalte Mehr von Savvius, Inc (20) Kürzlich hochgeladen (20) Total Virtual Network Visibility1. Jay Botelho
Director of Product Management
WildPackets Show us your tweets!
jbotelho@wildpackets.com Use today’s webinar hashtag:
Ran Nahmias
#wp_virtualnetwork
with any questions, comments, or feedback.
Director, Virtualization and Cloud Services
Follow us @wildpackets
Net Optics
ran@netoptics.com
© WildPackets, Inc. www.wildpackets.com
2. Agenda
• Current Trends in Virtualization
• What Causes Virtual Network Blind Spots?
• Eliminating the Blind Spot
• Network Analysis in Virtual Environments
• Net Optics Overview
• WildPackets Overview
© WildPackets, Inc.
3. Current State of Virtualization
• 75% of large companies have implemented some form of
virtualization1
• Percentage of servers actually virtualized remains small at
approximately 10 – 15% in these companies1
• Virtual systems are a tempting target for security breaches
‒ Compromising only one layer provides access to many2
• Storage virtualization – 45% adoption; 5th most effective
strategy3,7
‒ Deduplication
‒ Thin provisioning
‒ Tiering
© WildPackets, Inc.
4. Current Trends in Virtualization
• Bundling virtualization with servers1
• SMBs get into the action4, 5
• Automation on the rise5, 6
• Better backup, recovery and live migration tools5, 6
• I/O virtualization 6
• Desktop Virtualization5, 6, 8
‒ Benefits depend on vertical industry
‒ Mobile access devices (eg. iPads) driving adoption
WildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 4
8. Hypervisor Virtual Stack Monitoring
Challenge
ESX Virtual Stack
vm1 vm2 vm3
Physical Network
Security &
Virtualization Creates Monitoring
Security, Monitoring and
Compliance Risks Virtual Switch Analyzer
• No visibility into inter-VM traffic, IDS
vulnerabilities or threats
• Lacks auditing of data passing
between virtual servers
Physical Host Server
• Inability to pinpoint resource
utilization issues
© WildPackets, Inc.
9. Phantom Virtual Tap Solution
ESX Virtual Stack with
Phantom Installed
Phantom
Controlle vm1 vm2 vm3
r
(VM)
Enables Security,
Physical Network
Performance Monitoring and Security &
Compliance Phantom Virtual Tap Monitoring
• 100% visibility of inter-VM traffic Analyzer
• Kernel implementation— Virtual Switch
no need for SPAN Ports on Virtual
Switch / Promiscuous Mode IDS
• Bridges virtual traffic to physical
monitoring tools
Physical Host Server
© WildPackets, Inc.
10. Net Optics Converged Network Solution
ESX
Phantom
vm1 vm2 vm3 Controlle
r
(VM)
Physical Server
Physical and Virtual
Analyzer
Monitoring Access Phantom Physical Server
Monitor™
• Hypervisor-specific Tap IDS
Physical Server
Hypervisor
• Purpose-built for virtualization
Encapsulated
• Monitor through Live-Migration Tunnel
(VMotion)
• TAP for each VM instance
(by VM ID)
Phantom Manager™ Director™ Indigo Pro™
• Tight Integration with VMware vCenter
• Fault-Tolerant and Non disruptive
Architecture
LAN/W
AN
© WildPackets, Inc.
11. Support for vMotion Migration
ESX 1 ESX 2
vm1 vm2 vm3 vm5 vm6
Phantom Phantom
Monitor™ Monitor™
Hypervisor Hypervisor
LAN/WAN
Phantom
Manager™
© WildPackets, Inc.
12. Net Optics Standalone Network Solution
ESX
Phantom
vm1 vm2 vm3 Controlle
r
(VM)
Physical Server
Phantom Virtual Tap
Analyzer
Standalone Implementation Phantom Physical Server
Monitor™
• Phantom Tap can be deployed as total IDS
virtualization monitoring solution Physical Server
Hypervisor
• Can capture and bridge traffic of
interest directly to select inspection
tools Encapsulated Tunnel
• No hardware required, can be installed
and deployed off of data center floor
Phantom Manager™ Indigo Pro™
LAN/W
AN
© WildPackets, Inc.
13. Phantom Virtual Tap Key Advantages
• Gain end-to-end • Achieve security, • Realize the full
traffic visibility in compliance and potential of your
the virtual performance virtual data center
environment monitoring standards
WildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 14
15. Net Optics and WildPackets
WildPackets Overview PROPRIETARY AND CONFIDENTIAL © WildPackets, Inc. 16
16. What’s The Difference?
Traditional NA – Virtual NA = 0
• All the same goals apply
‒ Monitoring/reporting
‒ Background analysis with alarms/alerts
‒ Real-time vs. post-capture analysis
‒ Network performance/application performance/VoIP
• Only the implementation is different
© WildPackets, Inc.
17. Understand Your Virtual Environment
• Traffic levels per • Baselines
virtual interface ‒ Establish and re-establish
‒ Mbps? ‒ Use Expert events for further
‒ Packets per classification
second?
‒ Packet size
distribution?
• Traffic level per
application
‒ Average rates
‒ Peak rates
‒ Weekly patterns
© WildPackets, Inc.
18. Real-time vs. Post Capture Analysis
• Real-time analysis
‒ RAM is your friend
‒ Flexible, on-the-fly changes
‒ Network utilization under 3Gbps
‒ Validating theories
• Post-capture analysis
‒ Disk capacity is your friend - steady-state traffic at 1Gbps requires:
7.68 GB/min
460 GB/hr
11 TB/day
‒ Wide-open analysis
‒ Network utilization at full line rate (10Gbps)
‒ Need to retain ALL data for post-capture analysis
‒ Forensics searches are CPU and RAM intensive
© WildPackets, Inc.
21. Introduction to Net Optics
Customers
• Financial, Telco, Enterprise, Government, Markets
Healthcare
• 85% of the Fortune 100 BRIC
• 52% of the Fortune 500 6%
• 7,500 Global Deployments APAC
16%
Highlights
N.
America
• Founded in 1996, Private, Self-Funded EMEA 60%
• 60 Quarters of Growth & Profitability 18%
• Strong Management Team
• Headquarters in Silicon Valley, USA
• Sales Offices in New York, Atlanta, Seattle,
Germany, China
Go to Market Strategy
• 30% Direct Sales
• 25% OEM/Partner Relationship
• 45% Global Channel
Technology
• Four new inventions each year
• 20+ patents and patent pending applications © WildPackets, Inc.
23. Networking Industry Trends and Pain
Points
Network must be designed for No visibility into the virtualized
scalability & agility network
New Applications Explosive Growth
Network Stability CAPEX Improvements
Low Latency Network No Compliance Monitoring
Virtualization
Data Center Consolidation Complexity
Compliance Network Link Saturation
Security
Internal/External Intrusions Speeds Oversubscription
Lawful Interception 10G 40G 100G
Cybercrime
Security must be architected in,
not a point solution Tools & instruments can’t keep up
© WildPackets, Inc.
24. Net Optics Position in the Network
Applications Layer
Protocol
Analyzers
IPS
Forensics
Performance
Data Loss
Prevention
VoIP Analyzer
Access & Control Layer Net Optics Products Solve
Indigo Pro™ Director xStream
Pro™ Taps
• Oversubscribed Analysis & Security
Aggregation Tools
Director™ Bypass
Switches
• Requirement for Total Visibility
Director xBalancer™ • Need for Multiple Tool Deployment
Phantom™ Virtual • Network Scalability
Tap
Gig Zero Delay • Visibility into Virtualization
Tap™ Regeneration
Tap™ • High Availability & Tool Redundancy
Network Layer
ESX Stack
Core Network vm Vm Vm
1 2 3
Data Center
User Access
Virtual Data
Center Phantom
Monitor™
Cloud V Switch
Hypervisor
© WildPackets, Inc.
25. Net Optics Products
Access Control Management
Bypass Switches
Indigo Pro™
Intelligent Taps
Network Taps
Virtual Tap appTap™
© WildPackets, Inc.
28. Corporate Background
• Experts in network monitoring, analysis, and troubleshooting
‒ Founded: 1990 / Headquarters: Walnut Creek, CA
‒ Offices throughout the US, EMEA, and APAC
• Our customers are leading edge organizations
‒ Mid-market, and enterprise lines of business
‒ Financial, manufacturing, ISPs, major federal agencies,
state and local governments, and universities
‒ Over 7,000 customers / 60+ countries / 80% of Fortune 1,000
• Award-winning solutions that improve network performance
‒ Internet Telephony, Network Magazine, Network Computing Awards
‒ United States Patent 5,787,253 issued July 28, 1998
• Different approach to maintaining availability of network services
© WildPackets, Inc.
29. What We Do
• Provide network visibility and intelligence …
‒ WatchPoint, OmniPeek, OmniEngines
• Expert systems – we find the problems for you
• Superior drill-down capability – trouble-shoot from anywhere
• Flexible, customizable, extensible – leverage your investment
‒ Professional services, training, best practices
• For all network segments …
‒ Data center to desktop to remote office
‒ LAN, WAN, Wireless …
‒ HTTP, Email, Database, VoIP, Video …
• To …
‒ Network engineers; IT Management; Developers
© WildPackets, Inc.
30. Real-World Deployments
Education Financial Government
Health Care / Retail Telecom Technology
© WildPackets, Inc.
31. Product Offerings
Software and Turnkey Appliances
• Enterprise Monitoring and Reporting
‒ WatchPoint Server
‒ OmniFlow, NetFlow, and sFlow Collectors
• Network Probes & Recorders
‒ Omnipliance Network Recorders – Edge, Core
‒ TimeLine Network Recorder
‒ OmniAdapter Analysis Cards
• Distributed Analysis Software
‒ OmniPeek – Enterprise, Professional, Basic, Connect
‒ OmniEngine – Enterprise, Desktop, OmniVirtual
• Portable Solutions
‒ OmniPeek software
‒ Omnipliance Portable
© WildPackets, Inc.
32. TimeLine Network Recorder
11.7Gbps Sustained Capture
• Fastest network recording and real-time statistical
display — simultaneously
‒ Network statistics display in TimeLine visualization format
• Rapid, intuitive forensics search and retrieval
‒ Historical network traffic analysis and quick data rewinding
‒ Several pre-defined forensics search templates making
searches easy and fast
• A natural extension to the WildPackets product line
• Turnkey bundled solution
© WildPackets, Inc.
33. Omnipliance Network Recorders
Price/performance solutions for every application
Portable Edge Core TimeLine
Ruggedized Small Networks / Regional Offices / Datacenter
Troubleshooting Remote Offices Small Datacenter Workhorse
Chassis 1U 3U 3U
Memory 2 GB / 8 GB 4 GB / 8 GB 6 GB / 24 GB 18 GB / 24 GB
Expansion 1 PCI-E / 2 PCI-X 1 PCI-E or 1 PCI-X 4 PCI-E 4 PCI-E
Storage 500 GB / 2.5 TB 1 TB 8 TB 8 TB / 16 TB / 32 TB
© WildPackets, Inc.
34. Key Differentiators
• High-level network monitoring to root-cause analysis
• Single solution for today’s converged networks
‒ Wired, Wireless, 1GB, 10GB, VoIP, Video, TelePresence, IPTV
• Reduce and even eliminate network downtime
‒ Automated monitoring 24x7
‒ Speedy resolution of network bottlenecks
• Improve network and application performance
• Uniquely Extensible Platform – tailored to your needs
‒ Plug-ins and APIs for integration and customization
© WildPackets, Inc.
35. Q&A
Show us your tweets!
Use today’s webinar hashtag: Follow us on SlideShare!
Check out today’s slides on SlideShare
#wp_virtualnetwork www.slideshare.net/wildpackets
with any questions, comments, or feedback.
Follow us @wildpackets
© WildPackets, Inc. www.wildpackets.com
36. Thank You!
WildPackets, Inc. Net Optics, Inc.
1340 Treat Boulevard, Suite 500 5303 Betsy Ross Drive
Walnut Creek, CA 94597 Santa Clara, CA 95054
(925) 937-3200 (408) 737-7777
© WildPackets, Inc. www.wildpackets.com