Optimized Network Monitoring
Four ways matrix switching streamlines data center operation, reduces costs and positions IT for growth

WHITE PAPER, MARCH 2008
APCON, Inc.
INTRODUCTION

Companies rely on their networks more than ever to serve customers and stay competitive in the marketplace. From banking and investment to travel and entertainment, IT infrastructure has become the keystone upon which business is conducted. Thus the holy grail for today's savvy IT organization is not only resolving network issues quickly, it's in preventing them from occurring at all. A robust network monitoring program enables your IT group to stay a step ahead, scrutinizing the network and addressing issues before they become meltdowns. But with the budget cutbacks and corporate downsizing affecting corporate America today, how does the intrepid IT manager keep up?
SIMPLIFY INFRASTRUCTURE & PROVIDE SECURE, REMOTE ACCESS

Adding a highly engineered matrix switch, or an array of switches, to a data center infrastructure is a significant step in the right direction. Its four key enablers are outlined below. But from the perspective of overall value, the benefits of a matrix switch are that it will:

- Simplify network structure
- Fully utilize available monitoring devices and reduce the cost of expanding network monitoring capabilities
- Provide remote access for multiple users
- Increase physical security of the network

There are numerous matrix switches available in the market today. But not all can or will address the pain points an IT manager has to deal with, especially in a complex environment. To this, we submit that if a particular switch speaks to the following four key factors, it is well worth considering.

1. Connectivity

In this area, a top-notch switch offers such functionality as:

Embedded Firmware
Specifically an embedded web GUI, so there is no software to install and maintain. This saves staff time and eliminates the need to upgrade each client with every new bug fix and product enhancement. By simply upgrading the embedded software, every user who accesses the switch will be working with the latest firmware build.

Web Browser Access
Staff can simply launch their favorite web browser and enter a customer-defined IP address to the switch to be granted secure, remote access. In a case where the IP network is down, the switch also offers a console port by which users can still securely and remotely access the switch with an SSH connection.
Signal Regeneration
Networks can experience signal degradation due to the length of connections, dirty connectors, old cable infrastructure and other hardware issues. If the incoming signal (copper or fiber) has low signal strength, a well-engineered switch will fully regenerate each connection to full signal strength, making sure that the two end devices can talk to each other.

Digital Diagnostics
Optimally, switches should enable users to see the digital diagnostics for each optical port via an embedded web GUI. Look for a switch that can pull optical characteristics. These would include Tx and Rx signal strength, current bias, temperature, voltage, data rates and protocols supported, fiber type, part numbers, and serial numbers on a per-optical-port basis.

Cable Test
It's best to have a cable test feature embedded in firmware that enables clients to apply degradation to the receive side of each optical transceiver by .05dbm, so they can see a color-coded change as the signal gets worse. Allowing quick checks for any bad optical cables more than pays for itself when there are hundreds of optical connections involved and staff is trying to pinpoint an issue that may be related to a $25 cable.

2. Scalability

True scalability is defined in these terms:

Platform for Expansion
A switch should allow for partial population of its chassis, thereby leaving room for future expansion. By installing a larger density switch and partially populating it, customers can reduce the number of chassis to manage and pay for at one time and allow for future growth.

Mix and Match Capability
Users should be able to mix and match media in the same chassis, supporting interfaces from T1 to 10Gig, both copper and fiber. On a per-port basis optically, clients can then mix and match different data rates and protocols. For example, A01 could be GigE SM fiber running 1310nm while port A02 is GigE MM fiber running 850nm. The switch can logically patch those two ports together because they are the same data rates and protocols, and can thereby talk to each other. Some switches offer even greater flexibility in that clients can have different protocols and data rates optically on the same blade. An example of this would be port A01 supporting GigE SM fiber, 850nm, while port A02 is SONET OC3, MM fiber running 1310nm. Port A03 could be Fibre Channel 1, 2, or 4 Gig and so on.
Flexible Monitoring
Customers using Fibre Channel packet capturing tools for network monitoring should also be able to electronically rove these devices for SAN monitoring in the same chassis as the Ethernet for SPAN port monitoring. Where a switch supports interfaces from T1 to 10Gig, using the same monitoring type port on a networking device or network taps, clients can perform monitoring at any aspect of their network.

Data-Rate Selection
This allows both copper Ethernet and optical Ethernet ports to be set to different data rates (for example having the copper Ethernet blades set to data rates on a per-port basis of 10/100/1000 Mbps). If the appropriate optical transceivers are populated on the switch blades, the fiber Ethernet ports can also be independently configured for 100/1000 Mbps.

Media Conversion
The best switch products provide the ability to connect a copper port to a fiber port. They also provide the flexibility of connecting a single mode fiber port to a multi-mode fiber port. Neither of these connections requires a media conversion device, as this function can be performed internally with the appropriate blades resident on the switch.

3. Flexibility

It will be realized in switches with capabilities such as:

Any-to-Any Matrix
Switches should provide a significant monitor-ports-to-monitor-tools ratio in the matrix configuration. With switches offering up to 288 ports per chassis, packet capturing or network monitoring is simplified for all layers of the data center (core, distribution, access and DMZ).

Port Naming
A well-engineered switch will allow users to customize the names of its ports, so they can identify connections by device name/type and location, or another naming convention that is meaningful to them. For example, a port might be named datacenter-floor2 or snifferdevice-rack2. Having a field of up to 255 characters is the most helpful.
Common Chassis Management
Regardless of the chassis deployed, it's best if the management interface is exactly the same for each switch. It's even better if the switch offers a centralized management interface that provides secure, remote control of multiple switches from a single screen. This continuity will reduce training efforts and simplify user operation.

Real-Time Current Patches
A switch interface equipped with a current patches screen takes the guesswork out of determining which ports are connected. This screen shows, in real time, the port numbers of the switch that are connected and the port number to which the monitoring tools are connected. If the same SPAN port is connected to multiple tools, the current patching screen will show this in real time. Viewing is simpler for users if both the ports and the port names are fields that can be sorted.

Zoning
An administrator will appreciate the ability to create zones, which offers the ability to divide the chassis up per port, per user. Therefore, if the administrator does not want other users to have access to certain ports (i.e., IDS), he/she could create a zone and add these ports to that zone so no other users would have access.

Import/Exporting Chassis Configurations
Firmware that allows clients to export the configuration of the chassis to store for backup is a good choice. It also allows clients to make minor edits to that XML file and import the XML file into new chassis deployments to simplify new installations.

SNMP
Switches supporting SNMP will give clients the ability to get SNMP traps for events such as temperature and power failure.

Syslogs
If members of the IT staff are using a Syslog server, they will have the ability to see time stamps per user on changes that occur within the switch.

4. Security

How best to achieve it?

Secure, Remote Access
Once logged in, customers can have the ability to secure remote access by forcing SSL or HTTPS, and forcing SSH for the CLI connections.
Reduced Access To The Data Center
Companies with a manual patching process that requires employees to access a data center with each patching change are open to user patching errors. The goal is to reduce the likelihood that users accidentally pull the wrong cable and cause a network outage. The best switches increase security in customer data centers by eliminating the user's need to access the facility each time they want to change a patch from the monitoring tool to a different SPAN or Tap port. This also will significantly reduce the MTTR (Mean-Time-To-Repair) by eliminating the manual process of accessing the data center to change patches.

User Authentication
Switches that offer the ability to use existing RADIUS or TACACS+ servers to provide secure user authentication are preferable because they streamline user logins. As a result, users with multiple network devices will be able to use a single login for multi-switch access.

Security Blade
With the unique function of a security blade, users no longer have the option of accidentally making a full duplex connection when connecting a SPAN port to a monitoring tool. The security blade will force all simplex connections, eliminating user error and preventing traffic from accidentally being sent back in the direction of a monitoring tool.

SPAN Port Safety Logic
SPAN port safety logic prevents users from accidentally connecting SPAN ports and creating an infinite network loop leading to a catastrophic failure.

Port Locking
Port locking allows users to lock ports down while doing packet capturing between SPAN ports and monitoring tools so another user does not accidentally take down a connection. This is helpful when multiple users are accessing the same SPAN ports at the same time. Users have the flexibility of locking down the SPAN port and the monitoring tool, or simply the monitoring tool, which would allow other users to take that same SPAN port and multicast the same traffic to another tool to further analyze the traffic patterns.
SAVINGS

With top-notch Layer 1 matrix switches come cost and time savings. Key examples include the following:

Fewer Switches To Manage
Switches that scale to 288 ports in a single chassis can significantly reduce the number of matrix switches and monitoring tools to manage. With other low-density matrix switches, customers need to purchase additional tools each time they exceed the port capacity of an existing matrix switch.

Reduction in Monitoring Devices
Customers are able to limit the number of monitoring tools required at any given time, rather than basing the requirement on the number of matrix switches available. The best matrix switches provide the ability to remotely move and share expensive monitoring devices across an entire network.

Reduced Power Consumption
Data centers nationwide are getting greener with close attention paid to power consumption and heating/cooling systems. Leading switch providers are helping companies utilize power more efficiently by optimizing use of network devices: reducing the number of devices necessary to achieve monitoring and testing goals and using them efficiently. Fewer matrix switches also means fewer power outlets are required for each rack.

SUMMARY

Network monitoring systems in the data center industry are becoming increasingly complex, with multiple layers of technology needing to work hand-in-glove and increased security concerns making remote access a priority. With the deployment of a solution that offers both increased flexibility and connectivity, as well as scalability for future expansion, companies have the opportunity to experience an ROI in the hundreds of thousands of dollars, hundreds of hours of staff time and increased security.
ABOUT APCON

APCON, Inc., a pioneer in the field of physical layer technology, is globally recognized as the leading provider of matrix switching solutions. APCON's customer list includes Fortune 500 companies, networking and computer OEMs, government and military organizations, telecommunication and service providers, financial services firms, and medical companies. Being the total solution means that APCON provides both hardware and software for managing physical layer connections. In fact, APCON is the only company today that offers a single-sourced integrated solution. With thousands of systems installed in over 30 countries, APCON is the leader with unique solutions for both test labs and production network environments.

APCON, Inc
SW Pioneer Court
Wilsonville, Oregon