MONITOR TRAFFIC EVERYWHERE,
DELIVER TRAFFIC ANYWHERE
Big Tap is an advanced network monitoring application that leverages a high-performance OpenFlow-enabled Ethernet switch fabric to provide the most scalable and flexible monitoring network to tap traffic everywhere in your network and deliver it by policy to any of your performance monitoring or security tools. Big Tap delivers ubiquitous network monitoring functions, optimizing the utility of security tools, monitoring tools, and network packet brokers (NPBs). Big Tap provides unprecedented visibility into application traffic, getting the right traffic to the right tool at the right time.
Traditional Network Monitoring Challenges
Network monitoring is a critical function for debugging, monitoring performance, and enforcing security compliance in all networked environments. While network monitoring is a powerful tool, it is underutilized in the average network due to the excessive cost to deploy and the inflexibility of managing at scale using conventional monitoring architectures.
In a traditional networking monitoring deployment, monitoring appliances must be directly connected to each network tap or SPAN port. If you want to create network-wide visibility, you must either manually connect target network segments to the monitoring appliances; or, you must purchase and deploy expensive security and monitoring appliances at each network segment. As a result, only a small segment of your network traffic is typically available to network security and performance monitoring tools. And, typically silos of monitoring networks must be deployed and supported for each IT function – server admins, network admins and security operations.
New network monitoring aggregation tools have been brought to market to address these challenges, but they still present significant flexibility and scalability challenges. The relatively inflexible and expensive nature of networking monitoring and network taps imposes undesirable limitations on how, when, and where network traffic can be inspected. To complicate things further, the migration of networks from 1Gbps to 10Gbps to 40Gbps creates further scalability challenges and introduces unnecessarily high implementation costs for the monitoring and security appliances trying to ingest data at these rates.
NETWORK MONITORING WITH BIG TAP: Big Tap orchestrates an OpenFlow fabric to filter and deliver traffic from any TAP/SPAN port to any tool.
The Solution: Big Tap
Big Tap is a proactive SDN application that leverages the flexibility and programmability of the Open SDN architecture to create an elastic network monitoring fabric on top of high-performance, OpenFlow-enabled Ethernet switches that can dynamically deliver targeted network flows to your security and monitoring tools.
Enterprise-Wide Network Visibility
Utilizing OpenFlow-enabled Ethernet switches, Big Tap creates a centrally controlled monitoring network fabric to filter all monitored traffic by policy, to selectively modify packets using NPBs, and to deliver traffic to any number of targeted performance monitoring or security tools. Big Tap can program OpenFlow switches to filter terabits of incoming traffic through multiple match conditions to reduce traffic rates to monitoring appliances, and replicate traffic to multiple appliances or numerous other traffic filters. Big Tap optimizes tool and NPB utilization and increases the scope, usability, and performance of your entire network monitoring system while dramatically reducing the cost of building monitoring networks.
Programmable Fabric Supports Multi-Tenant Network Monitoring and Eliminates Silos of Tools
Big Tap creates a unified network monitoring domain that enables network operators to create dynamic filtering and delivery policies between any identified network flow and any downstream tool, while at the same time providing multi-tenancy features to securely support the monitoring needs of various group within the IT organization.
Big Tap supports role-based access control (RBAC) and associated user views, so roles can be assigned by administrators and enforced during authentication that limit the switches, ports, and filter rules available to users. With Big Tap RBAC support and the user interface, IT organizations can enable monitoring support for multiple end user groups across different business units in a segmented way without having to build and maintain separate monitoring networks for each user organization or function.
Using RBAC, network administrators can, for example, delegate select protocol or network flows to application admins without exposing other extraneous network traffic and without creating a security compliance risk associated with broader network access. User views and RBAC enable self-service monitoring, including simultaneous monitoring of the same flows by disparate parties (within their respective user view permissions).