TAP Phantom HD - Site de François Janssens

traffic filtering and pre-processing of packets captured in virtual environments. Phantom HD can act as a ... The Phantom HD can tunnel traffic of interest to central NOCs, including ... map Virtual. Interface IDs of VN-Tag headers into VLAN IDs.
Télécharger le PDF
2MB taille 5 téléchargements 44 vues
commentaire
Report
Data Sheet I Phantom HD

Limitless Network Access Solution Data centers are virtualizing at breakneck speed, but the monitoring infrastructure often struggles to match that pace. Now, Net Optics’ Phantom Solution™ uses the Phantom HD™ appliance to ease the virtualization transition by converging the physical and virtual monitoring infrastructures. Net Optics Phantom Solution for monitoring in a virtualized computing environment consists of four key components:

Phantom HD can also be deployed in ‘reverse’ to encapsulate raw traffic from virtual or physical devices and to send it to remote locations for processing.

The Phantom™ Virtualization Tap installs in the hypervisor kernel of each server. It provides visibility to all server traffic including inter-VM traffic. Based on policy, traffic of interest is captured and forwarded.

The Director™ / Director xStream™ / xBalancer™ Data Monitoring Switch family is an optional component that easily integrates with the Phantom HD, aggregates raw traffic from the Phantom HD with traffic from physically monitored sources, and filter and switch it to monitoring tools.

The Phantom HD™ is a purpose built, high-throughput appliance for network traffic filtering and pre-processing of packets captured in virtual environments. Phantom HD can act as a termination point for the traffic captured by Net Optics Phantom Taps. Captured traffic is decapuslated and processed. It is then sent to the Net Optics Director family for distribution to instrumentation layer tools for inspection and monitoring.

Physical monitoring tools are the final component of the Phantom Solution for performance, security, and compliance monitoring in the virtualized environment.

Phantom HD Capabilities High-Throughput Encapsulation/Decapsulation

Packet Manipulation

The Phantom HD terminates tunnelled captured traffic from Phantom Virtualization Taps or other sources. It decapsulates the traffic and reassembles fragmented packets.

VN-Tag Stripping with Packet Forwarding — the Phantom HD can be configured to remove VN-Tag headers from the captured packets.

The Phantom HD can tunnel traffic of interest to central NOCs, including off-site instrumentation layer tools for auditing, inspection and archiving.

Packet Filtering The Phantom HD can perform initial filtering of captured packets based on the set of rules specified by an administrator. Filtering rules can contain any combination of L2 and L3/L4 packet header fields, including VN-Tag ingress and egress virtual interface ID.

Phantom HD At a Glance • Supports high-throughput monitoring of all virtualized data center traffic with Net Optics Phantom Virtualization Tap • Delivers overall capacity of 40 Gbps in 1U rack-mount appliance • Encapsulates or decapsulates tunneled traffic at 10 Gbps per port • Initiates and terminates encapsulation tunnels

VN-Tag Mapping — the Phantom HD can be configured to map Virtual Interface IDs of VN-Tag headers into VLAN IDs. This allows monitoring tools to gain further visibility into captured traffic. MPLS Stripping - Phantom HD™ is capable of striping and removing MPLS headers. Cisco FabricPath Header Stripping — Phantom HD is capable of decapsulating and stripping Cisco FabricPath headers.

Packet Forwarding After decapsulation, filtering and VN-Tag processing step, the Phantom HD forwards packets to an egress port and optionally a VLAN as determined by the filtering rules.

• Enables routing of data from data centers to central monitoring facilities • Handles fragmentation and defragmentation of packets

• Enables monitoring of virtual network traffic in a virtualized computing infrastructure that is unable to process VN-Tags

• Net Optics Phantom HD™ easily integrates with Director™ / Director xStream™ / xBalancer™

• Improves network visibility and security threat-management in virtualized computing environments

• Optimized for use with Net Optics Phantom Virtualization Taps

• Reduces packet payload overhead before it reaches instrumentation layer tools

Data Sheet I Phantom HD

High-Throughput Tunneling and Advanced Routing Appliance

Phantom™ Virtualization Tap (Data Center) vm 1

vm 2

Physical Server

Phantom HD™

vm 3

Physical Server

Remote Site

Encapsulate data and send it securely to another location for decapsulation

Phantom Monitor™

Encapsulated Traffic

V Switch

LAN/WAN

Hypervisor

VN-Tag / FabricPath Traffic

Phantom HD™ VN Tag Stripping with Packet Forwarding

Phantom HD™ Stripped Traffic

Decapsulated Traffic

Decapsulates data from virtual and physical sources and sends it to Director

Net Optics Director xStream™ *

Physical Server

Aggregates raw traffic from the Phantom HD with traffic from physically monitored sources, and filters and switches it to monitoring tools, or to an additional Phantom HD for VN Tag Stripping.

Physical Server

* Phantom HD™ easily integrates with Net Optics Director™ / Director xStream™ / xBalancer™

Physical Server Analyzer 01

Forensics

IDS

Analyzer 02

The Phantom HD modifies data streams from virtual servers and works with Net Optics Network Access and Management Solutions. It also aggregates traffic from remote facilities to your destination of choice. Specifications, chassis Functional Purpose: Encapsulates/decapsulates tunneled traffic for extraction and transport of packets to monitoring switch or tool. Advanced header manipulations for visibility of raw packets. Tunneling protocol: GRE, RSPAN, ERSPAN Fragmentation: Automatic defragmentation Throughput: Up to 20 Gbps full-duplex Device management: Direct (SSH), or through Net Optics Director (requires software version 5.x and above). Director management is separate Operating Operating temperature: 0˚C to 35˚C Storage temperature: -10˚C to 70˚C Relative humidity: 10% min, 95% max, non-condensing Mechanical Dimensions: 1.75” high x 23.5” deep x 19” wide Mounting: 19” rack mount (1U) Weight: 26 lbs (11.8kg)

Ports Tunnel in: Up to (2) 10 Gbps SFP+ Data out: Up to (2) 10 Gbps SFP+ Management: 100 Mbps RJ-45 Console: RS-232 serial DB9 Electrical Specifications Power: 100-240VAC, 47-63Hz 650W PFC Redundancy: Dual modules Maintenance: Power supplies are hot-swappable Indicators Power, disk activity, network 1 activity, network 2 activity, over-temperature warning Certifications FCC, CE, VCCI, and C-Tick certified Fully RoHS and WEEE compliant System Requirements Net Optics Phantom Virtualization Tap or other source of tunneled traffic Warranty All products require an advanced replacement service plan. Service plans with 1 to 5 years coverage are available.

Part Numbers PT-HD-10-E Phantom HD Appliance, 10G Throughput, Encapsulation PT-HD-10-D Phantom HD Appliance 10G Throughput, Decapsulation PT-HD-20-EE Phantom HD Appliance 20G Throughput, Encapsulation PT-HD-20-DE Phantom HD Appliance, 10G Throughput, Encapsulation 10G Throughput, Decapsulation PT-HD-20-DD Phantom HD Appliance, 20G Throughput, Decapsulation SFP Transceiver Module Kits*: SFP+KT-50SR Module Kit, 10G, Multimode, Fiber, 50µm, w/Cable SFP+KT-SR Module Kit, 10G, Multimode, Fiber, w/Cable SFP+KT-LR Module Kit, 10G, Singlemode, Fiber, w/Cable * One SFP+ transceiver module is required in Director / Director xStream / xBalancer to connect to Phantom HD

Net Optics® is a registered trademark of Net Optics, Inc. Copyright 1996-2012 Net Optics, Inc. All rights reserved. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged. 815-0031-001 PUBPHDD Rev A 6/12

ELEXO - Téléphone : 01 41 22 10 00 - Fax : 01 41 22 10 01 - [email protected]