EBOOK. Top Five Ways To Enhance Your Cisco Environment
|
|
- Norman Stewart Barber
- 8 years ago
- Views:
Transcription
1 EBOOK Top Five Ways To Enhance Your Cisco Environment Rev. A, January 2014
2 2
3 Table of Contents The Secrets You Will Want To Know... 4 Five Ways to Say Eureka!... 4 The Top Five at a Glance... 4 The Cisco Data Center: A Rich Vein of Productivity Not all switches are created equal. Store-and-forward vs. cut-through Make sure you re SEC(ure) Don t lose sight of the gems SLA yourself Netflow is your friend
4 The Secrets You Will Want To Know When it comes to Cisco technology, most of us have wondered if we could do more to get the most out of our investments. Are we aware of all the hidden gems advantages tucked away within the architecture that could put us ahead of the game with relatively little effort? Five Ways to Say Eureka! Recently, I delivered a talk at Cisco Live in which I presented the Top Five efficiency gems that can be a real bonanza for your Cisco investment. I ll share those configuration and design tips here for using Cisco technology to the utmost in monitoring and security. In addition, I ll discuss ways to use access switching and built-in Cisco features more effectively. Finally, I ll cover key points to consider in relation to data center operation, interconnect and security. The multitiered Cisco data center is at the heart of today s computational power, volume storage and sophisticated applications. The Top Five at a Glance 1. Not all switches are created equal. Store-and-forward vs cut-through. Choose the right switch architecture and boost your efficiency. 2. Make sure you re SEC(ure). Using MACsec (IEEE 802.1AE) protocol to provide switch-port-level encryption. 3. Don t lose sight of the gems. Achieve virtual visibility without the overload penalty. 4. SLA yourself. Use built-in IP SLAs to benchmark and monitor the health and performance of your network. 5. Netflow is your friend. Learn it. Use it. Support it. The Cisco Data Center: A Rich Vein of Productivity The multitiered Cisco data center is at the heart of today s computational power, volume storage and sophisticated applications. It represents the leading edge of progress and potential in scalability, performance, flexibility and maintenance/management. Naturally, efficient planning is key for resilience, agility and investment value. 4
5 By investing in Cisco, you ve staked your claim to the future of virtual computing. Now let s mine those gems to strike it rich in optimizing your investment. 1. Not all switches are created equal. Store-andforward vs. cut-through. Choose the right switch architecture and boost your efficiency. Today, you have your choice of two switching categories: 1) store-and-forward; and 2) the newer cut-through switching, which is increasingly popular for high-speed, low-latency applications. But which one is ideal for you depends on several factors. Store-and-forward switching accepts the complete frame into the switch buffers for error checking before forwarding on to the network. Cut-through switching reads only the destination MAC address (the first six bytes of the frame following the preamble) to determine the switch port to forward traffic to. With store-and-forward switching, the LAN switch copies the entire frame into its onboard buffers and computes the cyclic redundancy check (CRC). The frame is discarded if it contains a CRC error or if it is a runt (less than 64 bytes including the CRC) or a giant (more than 1518 bytes including the CRC). If the frame contains no errors, the LAN switch looks up the destination address in its forwarding, or switching, table and determines the outgoing interface. It then forwards the frame toward its destination. Cut-Through Switches Reduce Latency in the LAN A cut-through switch reduces latency because it begins to forward the frame as soon as it reads the destination address and determines the outgoing interface even before the entire payload is received. The primary advantage of this approach lies in the amount of time the switch takes to start forwarding the packet (known as switch latency), which is on the order of a few microseconds, regardless of packet size. So, if latency issues are foremost for you, then cut-through switches will give you a better night s sleep. If latency issues are foremost for you, then cut-through switches will give you a better night s sleep. Let s take a theoretical application using 9000-byte frames. A cut-through switch can forward the frame a few microseconds to a few milliseconds earlier than its store-andforward counterpart (a few microseconds earlier in the case of 10-Gbps Ethernet). Cutthrough switches are naturally more suited to extremely demanding, high-performance computing (HPC) applications that require process-to-process latencies of 10 microseconds or less. When Cut-Through Switching Is Not the Ideal Approach Certainly, store-and-forward switching delays the time it takes for the frame to get from source to destination. That s because it waits to forward a frame until it has received the entire frame and checked it for errors, comparing the last field of the datagram against its own frame-check-sequence (FCS) calculations. So that additional time is spent ensuring that the packet is purged of physical and data-link errors. Invalid packets are dropped, whereas a a cut-through device would simply forward them on. Also, a store-and-forward switch can perform ingress buffering for the flexibility to support any mix of Ethernet speeds. 5
6 For Cisco, advances in ASIC design and other progress now enable cut-through functions that are much more ingenious than in the past. With better load balancing abilities and other functions, Cisco switches, such as the low-latency Cisco Nexus 5000 or Cisco Catalyst family, can perform low-latency switching while still preserving the inspection advantages of store-and-forward switching. So now you can make an informed decision as to whether store-and-forward switching is worth the delay. In financial services and other HPC applications, where speed is of the utmost importance, you probably want to reduce latency to the lowest possible level by using the cut-through approach: Enterprises that employ HPC include: When it comes to protecting data in motion, there aren t too many solutions. Oil and gas exploration Automotive and aerospace manufacturing Biosciences Financial data mining and market modeling Academic and government research Climate and weather simulation 2. Make sure you re SEC(ure). Using MACsec (IEEE 802.1AE) protocol to provide switch-portlevel encryption. When it comes to protecting data in motion, there aren t too many solutions. Using encryption is considered one of the better methods to protect data but often requires installations of client applications. MACsec to the Rescue The MACsec protocol provides a method to encrypt data between two layer 2 points between the different network switches without requiring an additional server application or changing the whole infrastructure to IPV6. MACsec lets you encrypt data communications between a switch and any attached device most importantly communication on wired LANs. The protocol is the brainchild of the Institute of Electrical and Electronics Engineers (IEEE). Known as Security Standard 802.1AE. MACsec is the only reliable way of ensuring data integrity when it comes to independent media access Cisco provides switch-port-level encryption based on IEEE 802.1AE (MACsec) that spans the network from endpoints to the access layer and all the way to the data center. Data encryption uses the 128-bit Advanced Encryption Standard (AES) cipher. Encryption lets you block man-in-the-middle attacks, snooping, and other forms of network intrusion and compromise. Layer 2 encryption can be implemented between an endpoint device and an access switch, or between switch ports. 6
7 MACsec, Cisco, and Net Optics: a Triple Compliance and Security Solution MACsec is probably the best prescription on the market for CSO and CIO peace of mind. In a landmark Cisco Live demo in Cisco s own booth, visitors could see in real time just how effectively Cisco s new MACsec software protects the confidentiality of network LAN traffic. In MACsec-enabled switches, packets are encrypted on exiting the transmitting device and decrypted on entering the receiving device. They are in the clear only when they are within the respective devices. To prove the point, Net Optics HD8 Fiber Taps passively gathered data on the connections, sending transmissions to Net Optics Director xstream Pro, which collected and displayed the data clearly in its user interface. The difference was dramatic: Unencrypted data from the non-macsec machine, a Cisco 3500 switch, clearly revealed its types and protocols, an irresistible vulnerability to malicious intrusion. But the MACsec-protected data flowing from Cisco 6500 switches was impenetrable and unreadable. Cisco Catalyst and Nexus Switches: Cisco Catalyst 2900, 3560, 3700, 4500, and 6500 Series Switches and Cisco Nexus 7000 Series Switches interact with network users for authentication and authorization. Access to the network is dictated by policy, user identity, and other attributes. Flexible authentication methods include 802.1X, web authentication, and MAC authentication bypass, all controlled in a single configuration for each switch port. Furthermore, Cisco switches can tag each data packet with user identity information so that additional controls can be deployed anywhere in the network. Cisco Nexus switches also support MACsec for data-in-motion confidentiality and integrity protection. 3. Don t lose sight of the gems. As adoption of virtualization gains momentum, data centers worldwide are building out their virtualized components. Achieve virtual visibility without the overload penalty. As adoption of virtualization gains momentum, data centers worldwide are building out their virtualized components. The growing adoption of hypervisor technologies creates monitoring, security, and compliance challenges as a result of virtual networks, switches and machines. Several solutions exist to improve manageability and visibility of virtual systems. Nexus 1010 Virtual Services Appliance: One of Cisco s hidden gems Cisco Nexus 1010 VSA is an optional appliance that can provide improved management and scalability in Cisco Nexus 1000V Switch and VMware vsphere deployments. The Cisco Nexus 1000V can be deployed exclusively as software running in a VMware vsphere cluster; Cisco Nexus 1010 VSA provides customers with an additional deployment option, allowing administrators to completely offload management functions handled by the Cisco Nexus 1000V Virtual Supervisor Module (VSM). This approach gives administrators improved scalability and availability for the VSM. 7
8 Cisco Nexus 1010 VSA offers impressive benefits: A dedicated appliance for VSMs simplifies the overall design and management of the VMware vsphere cluster by moving the VSMs off the VMware hosts. Eliminating the dependency on VMware means that networking services are no longer dependent on the VMware server s being up and running, which can be helpful during scenarios such as data center restarts. Because the Cisco Nexus 1010 VSA runs Cisco NX-OS and VSMs are now being installed on the VSA instead of on a VMware vsphere server, the network operations team is working in a familiar environment and gets a total Cisco installation experience. The automatic support of active-standby VSMs improves overall system availability. But Cisco s switch doesn t provide the same level of visibility as a true network Tap. So the question becomes, how do you achieve the 100 percent visibility that you need for compliance and security purposes? Cisco s switch doesn t provide the same level of visibility as a true network Tap. Phantom Virtual Tap to the Rescue for Total Inter-VM Visibility Penalty-Free Net Optics groundbreaking Phantom Virtual Tap was engineered to monitor traffic going through the Cisco virtual switch using Nexus 1000v. The key to this advantage is visibility: Phantom enhances network visibility, including inter-vm traffic monitoring, without suffering from the inherent limitations of hypervisor Span ports. This makes it an ideal security and compliance resource that: Delivers 100 percent visibility of traffic passing between VMs on hypervisor stacks Supports best-of-breed hypervisors and virtual switches Integrates seamlessly with the hypervisor at the kernel level Eliminates promiscuous probes or counterintuitive shaping and routing Bridges virtual traffic to physical monitoring tools Net Optics Phantom Virtual Tap protects records and transactions from malicious intrusion while documenting compliance with regulations such as Payment Card Industry (PCI) standards and SOX-404. Virtualization presents a new, unique set of challenges for auditors needing visibility of virtualized as well as physical data. This makes the Phantom Virtual Tap a welcome resource. Whether the concern is passing encrypted credit card numbers between infrastructures, monitoring derivatives, or conducting other complex transactions, the Phantom Virtual Tap keeps data isolated, secure and verifiable. 4. SLA yourself. Use built-in IP SLAs to benchmark and monitor the health and performance of your network Cisco IOS IP Service Level Agreements, known as IP SLA, is a hidden gem built into most Cisco devices that deserves more widespread knowledge and use than it has been getting. This important component is a network s best friend, letting you measure and benchmark 8
9 performance, identify issues and alert when you re going off standard benchmarks. The value is self-evident. A network engineer may need to evaluate a design or evaluate a QoS approach. It s a natural for helping troubleshoot the network. And with its focus solely on performance metrics, IP SLA helps confirm new business-critical IP applications and IP services that utilize data, voice, and video, in an IP network. Cisco has augmented traditional service level monitoring and advanced the IP infrastructure to become IP application-aware by measuring both end-to-end and at the IP layer. With Cisco IP SLA, you can verify service guarantees, increase network reliability, proactively identify network issues, and increase Return on Investment (ROI) by streamlining deployment of new IP services. Cisco IP SLA uses active monitoring to generate traffic in a continuous, reliable, and predictable manner an important resource for measuring network performance and health. 5. Netflow is your friend. Learn it. Use it. Support it. I ll bet all of you have Netflow and I ll also bet that most of you are not using it to its full extent or gaining full benefit. Surprisingly few people know how to get the most out of this unique technology, qualifying it as a bona fide hidden gem. This is surprising because it shines very brightly, particularly for security and compliance purposes. Netflow is a feature of Cisco IOS software that monitors packet flows across a router. It identifies protocol elements used and extracts packet content and metadata for analysis of data relationships and communications patterns. With Netflow, you can monitor a particular IP address so as to actually see where that address originated, where it ended, and how long it took to get there and back. For Service Providers this information is critical in billing customers for differentiated services or QoS. Another benefit is that Netflow ties into superb public domain tools you can use in any size deployment. I ll bet all of you have Netflow and I ll also bet that most of you are not using it to its full extent or gaining full benefit. So why should Netflow be a hidden gem? Maybe it s merely perceptions that prevent users from taking advantage of all it has to offer such as the it s difficult to deploy perception. Not so! Your Netflow vendor can help, as well as ensure that you have Netflow Version 9 with its free tools to enhance your Cisco investment. Cisco s suite of virtual data center offerings is growing. The launch of such products as the Nexus 1000V and the VN-Link means that thousands more organizations can now utilize Cisco solutions to support their data center virtualization plans. But even as virtualization soars, stringent regulations proliferate and threaten to clip the productivity and competitiveness wings of companies lacking intelligent access and monitoring solutions. Virtual Visibility Plus Netflow Eases Compliance and Security Tasks Now you can take Netflow-generated network statistics, and integrate them with Director xstream Pro for almost unlimited compliance visibility. Net Optics is the only company capable of providing the enterprise-level reliability in monitoring and access demanded by Cisco s Data Center 3.0 environments. 9
10 The Phantom solution enables faster and broader adoption of virtualization technologies concurrent with Cisco s advances across organizations worldwide. Net Optics Is a Close Fit, Now and in the Future, with Cisco s Vision Net Optics solutions work hand-in-glove with Cisco products to deliver monitoring and access capabilities to Cisco s Data Center 3.0 environments and beyond. Right now, by providing total visibility of data and traffic running through Cisco s Virtual Infrastructure solutions including VN-Link with Cisco Nexus 1000V the Net Optics Phantom Virtual Tap is a vital resource for compliance, security and management in your Cisco environment. This tight integration helps to fortify Cisco s multi-tier data center vision and spur faster, broader adoption of virtualization technologies in organizations worldwide. Find out more about how Net Optics helps you put the Top Five to work in your Cisco environment. visit or contact Net Optics at (408) About the Author Sharon Besser, VP of Technology, Net Optics Inc. Sharon Besser has successfully created, developed and launched new security products for some of the industry s leading technology vendors. Before joining Net Optics he served as Vice President of Product Strategy for application data security and compliance leader, Imperva. Previously, he served at Websense, a leading provider of the content filtering and web security solutions, where he was director of products. At Websense, Besser was primarily responsible for Content Protection Suite, which was recognized by independent research firm, Gartner as the market leader. Prior to Websense, Besser was director of products at PortAuthority Technologies, a provider of information leak prevention solutions which was acquired by Websense. Besser also served as director of Security Solutions for security vendor Check Point Software Technologies. Earlier in his career, Besser founded PubliCom, a provider of integrated data security and communications solutions, which was acquired by COMSEC. Besser holds a BSC in Mathematics, Computer Science and Geography from Bar Ilan University in Israel. 10
11 11
12 EBOOK Ixia Worldwide Headquarters Agoura Rd. Calabasas, CA (Toll Free North America) (Outside North America) (Fax) Ixia European Headquarters Ixia Technologies Europe Ltd Clarion House, Norreys Drive Maidenhead SL6 4FL United Kingdom Sales (Fax) Ixia Asia Pacific Headquarters 21 Serangoon North Avenue 5 #04-01 Singapore Sales Fax Rev. A, January 2014
WHITE PAPER. Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment
WHITE PAPER Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment www.ixiacom.com 915-6892-01 Rev. A, July 2014 2 Table of Contents The Challenge of the Virtual Environment...
More informationWHITE PAPER. Net Optics Phantom Virtual Tap Delivers Best-Practice Network Monitoring For Virtualized Server Environs
WHITE PAPER Net Optics Phantom Virtual Tap Delivers Best-Practice Network Monitoring For Virtualized Server Environs www.ixiacom.com 915-6909-01 Rev. A, July 2014 2 Table of Contents Event... 4 Context...
More informationWHITE PAPER. Gaining Total Visibility for Lawful Interception
WHITE PAPER Gaining Total Visibility for Lawful Interception www.ixiacom.com 915-6910-01 Rev. A, July 2014 2 Table of Contents The Purposes of Lawful Interception... 4 Wiretapping in the Digital Age...
More informationWHITE PAPER. Extending Network Monitoring Tool Performance
WHITE PAPER Extending Network Monitoring Tool Performance www.ixiacom.com 915-6915-01 Rev. A, July 2014 2 Table of Contents Benefits... 4 Abstract... 4 Introduction... 4 Understanding Monitoring Tools...
More informationWHITE PAPER. Static Load Balancers Implemented with Filters
WHITE PAPER Static Load Balancers Implemented with Filters www.ixiacom.com 915-6911-01 Rev. A, July 2014 2 Table of Contents Load Balancing of Monitoring Systems as a Key Strategy for Availability, Security
More informationIxChariot Virtualization Performance Test Plan
WHITE PAPER IxChariot Virtualization Performance Test Plan Test Methodologies The following test plan gives a brief overview of the trend toward virtualization, and how IxChariot can be used to validate
More informationWHITE PAPER. How To Compare Virtual Devices (NFV) vs Hardware Devices: Testing VNF Performance
WHITE PAPER How To Compare Virtual Devices (NFV) vs Hardware Devices: Testing VNF Performance www.ixiacom.com 915-3132-01 Rev. B, June 2014 2 Table of Contents Network Functions Virtualization (NFV): An
More informationEBOOK. The Network Comes of Age: Access and Monitoring at the Application Level
EBOOK The Network Comes of Age: Access and Monitoring at the Application Level www.ixiacom.com 915-6948-01 Rev. A, January 2014 2 Table of Contents How Flow Analysis Grows Into Total Application Intelligence...
More informationWHITE PAPER. Network Traffic Port Aggregation: Improved Visibility, Security, and Efficiency
WHITE PAPER Network Traffic Port Aggregation: Improved Visibility, Security, and Efficiency www.ixiacom.com 915-6893-01 Rev. A, July 2014 2 Table of Contents Summary... 4 Introduction... 4 Differing Goals
More informationCisco Nexus 1000V Switch for Microsoft Hyper-V
Data Sheet Cisco Nexus 1000V Switch for Microsoft Hyper-V Product Overview Cisco Nexus 1000V Switches provide a comprehensive and extensible architectural platform for virtual machine and cloud networking.
More informationChapter 1 Reading Organizer
Chapter 1 Reading Organizer After completion of this chapter, you should be able to: Describe convergence of data, voice and video in the context of switched networks Describe a switched network in a small
More informationWHITE PAPER. Enabling 100 Gigabit Ethernet Implementing PCS Lanes
WHITE PAPER Enabling 100 Gigabit Ethernet Implementing PCS Lanes www.ixiacom.com 915-0909-01 Rev. C, January 2014 2 Table of Contents Introduction... 4 The IEEE 802.3 Protocol Stack... 4 PCS Layer Functions...
More informationWHITE PAPER. Tap Technology Enables Healthcare s Digital Future
WHITE PAPER Tap Technology Enables Healthcare s Digital Future www.ixiacom.com 915-6912-01 Rev. A, July 2014 2 Table of Contents Executive Overview... 4 Introduction... 4 HIT s foundation... 5 Keeping
More informationData Center Automation - A Must For All Service Providers
WHITE PAPER Automation: The Future of Network Visibility www.ixiacom.com 915-6617-01 Rev. A, November 2013 2 Table of Contents Executive Summary... 4 The Need for Monitoring Switch Automation in the Data
More informationTaps vs. SPAN The Forest AND the Trees: Full Visibility into Today's Networks
WHITE PAPER Taps vs. SPAN The Forest AND the Trees: Full Visibility into Today's Networks www.ixiacom.com 915-3534-01 Rev. A, September 2015 2 Table of Contents The First Line of Defense: Access... 5 Problem
More informationWHITE PAPER. Monitoring Load Balancing in the 10G Arena: Strategies and Requirements for Solving Performance Challenges
WHITE PAPER Monitoring Load Balancing in the 10G Arena: Strategies and Requirements for Solving Performance Challenges www.ixiacom.com 915-6914-01 Rev. A, July 2014 2 Table of Contents Load Balancing A
More informationEvaluating Wireless Broadband Gateways for Deployment by Service Provider Customers
Evaluating Wireless Broadband Gateways for Deployment by Service Provider Customers Overview A leading provider of voice, video, and data services to the residential and businesses communities designed
More informationLeveraging Access Switching For HPC Monitoring & Security
Leveraging Access Switching For HPC Monitoring & Security Sharon Besser, VP of Technology Net Optics, Inc. Intelligent Access and Monitoring Architecture Goal Present a methodology and solution of leveraging
More informationGuidebook to MEF Certification
WHITE PAPER Guidebook to MEF Certification www.ixiacom.com Rev A September 2012, 915-6015-01 2 Table of Contents Introduction... 4 Benefits of Certification... 7 Overview... 7 Equipment Vendor... 7 Service
More informationEBOOK. Software Defined Networking (SDN)
EBOOK Software Defined Networking (SDN) www.ixiacom.com 915-6885-01 Rev. A, January 2014 2 Table of Contents Your Route to Agility, Accuracy and Availability... 4 SDN Advanced, Next-Generation Networking...
More informationEnsuring Success in a Virtual World: Demystifying SDN and NFV Migrations
Ensuring Success in a Virtual World: Demystifying SDN and NFV Migrations Get Migration Right the First Time The virtualization of traditional networks promises vast and enduring benefits if the challenges
More informationReduce Your Network's Attack Surface
WHITE PAPER Reduce Your Network's Attack Surface Ixia's ThreatARMOR Frees Up Security Resources and Personnel The Threat Landscape When you re dealing with network security, one of the primary measurements
More informationCisco TrustSec Solution Overview
Solution Overview Cisco TrustSec Solution Overview 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 10 Contents Introduction... 3 Solution Overview...
More informationCloudLink - The On-Ramp to the Cloud Security, Management and Performance Optimization for Multi-Tenant Private and Public Clouds
- The On-Ramp to the Cloud Security, Management and Performance Optimization for Multi-Tenant Private and Public Clouds February 2011 1 Introduction Today's business environment requires organizations
More informationNet Optics and Cisco NAM
When Cisco decided to break its Network Analysis Module (NAM) out of the box and into a stand-alone appliance, they turned to Net Optics for monitoring access connectivity. Cisco NAM 2200 Series Cisco
More informationInnovate, Integrate, Lead
Innovate, Integrate, Lead Ixia s Global Solution Provider Partner Program Application Performance and Security Resilience 86 of the Fortune 100 Profitability. Brand reputation. Customer loyalty. 50 of
More informationHIGH-PERFORMANCE SOLUTIONS FOR MONITORING AND SECURING YOUR NETWORK A Next-Generation Intelligent Network Access Guide OPEN UP TO THE OPPORTUNITIES
HIGH-PERFORMANCE SOLUTIONS FOR MONITORING AND SECURING YOUR NETWORK A Next-Generation Intelligent Network Access Guide OPEN UP TO THE OPPORTUNITIES Net Optics solutions dramatically increase reliability,
More informationVMware vcloud Networking and Security Overview
VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility
More informationFail-Safe IPS Integration with Bypass Technology
Summary Threats that require the installation, redeployment or upgrade of in-line IPS appliances often affect uptime on business critical links. Organizations are demanding solutions that prevent disruptive
More informationWHITE PAPER. Realizing ROI from Your Network Visibility Investment
WHITE PAPER Realizing ROI from Your Network Visibility Investment www.ixiacom.com 915-6630-01 Rev. A, March 2014 2 Table of Contents Executive Summary... 4 Introduction... 4 Network Visibility ROI... 5
More informationOvercoming The Blind Spots in Your Virtualized Data Center
Overcoming The Blind Spots in Your Virtualized Data Center Matt Percival Sales Manager Northern Europe Stand C4 2014 Ixia Inc. Outline Virtualization Overview Network Monitoring Basics Implementing a Monitoring
More informationDMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch
DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)
More informationCisco NetFlow Generation Appliance (NGA) 3140
Q&A Cisco NetFlow Generation Appliance (NGA) 3140 General Overview Q. What is Cisco NetFlow Generation Appliance (NGA) 3140? A. Cisco NetFlow Generation Appliance 3140 is purpose-built, high-performance
More informationMonitoring Service Delivery in an MPLS Environment
Monitoring Service Delivery in an MPLS Environment A growing number of enterprises depend on (or are considering) MPLS-based routing to guarantee high-bandwidth capacity for the real-time applications
More informationWHITE PAPER. Best Practices for Deploying IPv6 over Broadband Access
WHITE PAPER Best Practices for Deploying IPv6 over Broadband Access www.ixiacom.com 915-0123-01 Rev. C, December 2013 2 Table of Contents Udi cusciamenis minctorpos... 4 Toreptur aut dolo cone verum aute
More informationIxia Phantom vtap. Overview. Virtual Taps Phantom Monitoring Solution DATA SHEET
Ixia Phantom vtap Overview The Ixia Phantom vtap is a software solution that supports all leading hypervisors (VMware vsphere, Microsoft Hyper-V, Citrix enserver, and more), to provide customers 100 percent
More informationCisco and Canonical: Cisco Network Virtualization Solution for Ubuntu OpenStack
Solution Overview Cisco and Canonical: Cisco Network Virtualization Solution for Ubuntu OpenStack What You Will Learn Cisco and Canonical extend the network virtualization offered by the Cisco Nexus 1000V
More informationCisco Dynamic Workload Scaling Solution
Cisco Dynamic Workload Scaling Solution What You Will Learn Cisco Application Control Engine (ACE), along with Cisco Nexus 7000 Series Switches and VMware vcenter, provides a complete solution for dynamic
More informationObserver Analysis Advantages
In-Depth Analysis for Gigabit and 10 Gb Networks For enterprise management, gigabit and 10 Gb Ethernet networks mean high-speed communication, on-demand systems, and improved business functions. For enterprise
More informationFULL SPEED AHEAD THE IXIA CHANNEL XCELERATE PROGRAM LATIN AMERICA
FULL SPEED AHEAD THE IIA CHANNEL CELERATE PROGRAM LATIN AMERICA 1998-2016 Ixia All Rights Reserved. Be Part of the Momentum... Nothing beats playing on a winning team. Joining Ixia s Channel celerate Partner
More informationLAN Switching and VLANs
26 CHAPTER Chapter Goals Understand the relationship of LAN switching to legacy internetworking devices such as bridges and routers. Understand the advantages of VLANs. Know the difference between access
More informationIntel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family
Intel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family White Paper June, 2008 Legal INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL
More informationWhite Paper. Optimizing Visibility, Control and Performance of Network Traffic
White Paper Optimizing Visibility, Control and Performance of Network Traffic 26601 Agoura Road, Calabasas, CA 91302 Tel: 818.871.1800 Fax: 818.871.1805 www.ixiacom.com 915-6598-01 Rev. B, June 2013 2
More informationRedefine Network Visibility in the Data Center with the Cisco NetFlow Generation Appliance
White Paper Redefine Network Visibility in the Data Center with the Cisco NetFlow Generation Appliance What You Will Learn Modern data centers power businesses through a new generation of applications,
More informationCisco Virtualization Experience Infrastructure: Secure the Virtual Desktop
White Paper Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop What You Will Learn Cisco Virtualization Experience Infrastructure (VXI) delivers a service-optimized desktop virtualization
More informationGaining Operational Efficiencies with the Enterasys S-Series
Gaining Operational Efficiencies with the Enterasys S-Series Hi-Fidelity NetFlow There is nothing more important than our customers. Gaining Operational Efficiencies with the Enterasys S-Series Introduction
More informationCOMMAND YOUR DATA CENTER
Best Practices Guide I Data Center COMMAND YOUR DATA CENTER How to Thrive In the Changing Landscape The demands to virtualize, scale, and implement new applications while conducting security, forensics,
More informationEnhancing Cisco Networks with Gigamon // White Paper
Across the globe, many companies choose a Cisco switching architecture to service their physical and virtual networks for enterprise and data center operations. When implementing a large-scale Cisco network,
More informationNetwork Access Control in Virtual Environments. Technical Note
Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved
More informationCisco Wide Area Application Services (WAAS) Software Version 4.0
Cisco Wide Area Application Services () Software Version 4.0 Product Overview Cisco Wide Area Application Services () is a powerful application acceleration and WAN optimization solution that optimizes
More informationActive Visibility for Multi-Tiered Security // Solutions Overview
Introduction Cyber threats are becoming ever more sophisticated and prevalent. Traditional security approaches such as firewalls and anti-virus protection are not equipped to mitigate and manage modern
More informationWAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO
WAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO The number of branch-office work sites is increasing, so network administrators need tools to
More informationEthernet Wide Area Networking, Routers or Switches and Making the Right Choice
Ethernet Wide Area Networking, Routers or Switches and Making the Right Choice The Road To Ethernet WAN Various industry sources show trends in globalization and distribution, of employees moving towards
More informationGigabit Ethernet. Abstract. 1. Introduction. 2. Benefits of Gigabit Ethernet
Table of Contents Abstract... 2 1. Introduction... 2 2. Benefits of Gigabit Ethernet... 2 2.1 Easy Migration to Higher Performance Levels... 3 2.2 Decreased Overall Costs Over Time... 3 2.3 Supports for
More informationLab Testing Summary Report
Lab Testing Summary Report November 2011 Report 111018 Product Category: Supervisor Engine Vendor Tested: Product Tested: Catalyst 4500E Supervisor Engine 7L-E Key findings and conclusions: Cisco Catalyst
More informationObserver Probe Family
Observer Probe Family Distributed analysis for local and remote networks Monitor and troubleshoot vital network links in real time from any location Network Instruments offers a complete line of software
More informationWHITE PAPER. SDN Controller Testing: Part 1
WHITE PAPER SDN Controller Testing: Part 1 www.ixiacom.com 915-0946-01 Rev. A, April 2014 2 Table of Contents Introduction... 4 Testing SDN... 5 Methodologies... 6 Testing OpenFlow Network Topology Discovery...
More informationExhibit n.2: The layers of a hierarchical network
3. Advanced Secure Network Design 3.1 Introduction You already know that routers are probably the most critical equipment piece in today s networking. Without routers, internetwork communication would
More informationCCNA R&S: Introduction to Networks. Chapter 5: Ethernet
CCNA R&S: Introduction to Networks Chapter 5: Ethernet 5.0.1.1 Introduction The OSI physical layer provides the means to transport the bits that make up a data link layer frame across the network media.
More informationNetwork Instruments white paper
Network Instruments white paper MONITORING SERVICE DELIVERY IN AN MPLS ENVIRONMENT A growing number of enterprises depend on (or are considering) MPLS-based routing to guarantee highbandwidth capacity
More informationETHERNET WAN ENCRYPTION SOLUTIONS COMPARED
HERN WAN ENCRYPTION SOLUTIONS COMPARED KEY WORDS AND TERMS MACsec, WAN security, WAN data protection, MACsec encryption, network data protection, network data security, high-speed encryption, Senetas,
More informationThe Next Generation Network:
JULY, 2012 The Next Generation Network: Why the Distributed Enterprise Should Consider Multi-circuit WAN VPN Solutions versus Traditional MPLS Tolt Solutions Network Services 125 Technology Drive Suite
More informationAnalysis of Network Segmentation Techniques in Cloud Data Centers
64 Int'l Conf. Grid & Cloud Computing and Applications GCA'15 Analysis of Network Segmentation Techniques in Cloud Data Centers Ramaswamy Chandramouli Computer Security Division, Information Technology
More informationActive Visibility for Multi-Tiered Security. Juergen Kirchmann Director Enterprise Sales EMEA
Active Visibility for Multi-Tiered Security Juergen Kirchmann Director Enterprise Sales EMEA Billions are Spent on Security Annually $18.4B SPENT BY ENTERPRISES WORLD-WIDE ON SECURITY IN 2014 ENTERPRISE
More informationSafeNet Network Encryption Solutions Safenet High-Speed Network Encryptors Combine the Highest Performance With the Easiest Integration and
SafeNet Network Encryption Solutions Safenet High-Speed Network Encryptors Combine the Highest Performance With the Easiest Integration and Management SafeNet Network Encryption and Isolation Solution
More informationCentral Office Testing of Network Services
Central Office Testing of Network Services Rev 4 Application Note Ethernet is rapidly becoming the predominant method for deploying new commercial services and for expanding backhaul capacity. Carriers
More informationAdvancements in field measurement of Ethernet performance
Advancements in field measurement of Ethernet performance An Ethernet service provider needs to demonstrate to his customer that the service he is providing is compliant with the service level agreement.
More informationIncrease Simplicity and Improve Reliability with VPLS on the MX Series Routers
SOLUTION BRIEF Enterprise Data Center Interconnectivity Increase Simplicity and Improve Reliability with VPLS on the Routers Challenge As enterprises improve business continuity by enabling resource allocation
More informationExpert Reference Series of White Papers. VMware vsphere Distributed Switches
Expert Reference Series of White Papers VMware vsphere Distributed Switches info@globalknowledge.net www.globalknowledge.net VMware vsphere Distributed Switches Rebecca Fitzhugh, VCAP-DCA, VCAP-DCD, VCAP-CIA,
More informationPerformance of Cisco IPS 4500 and 4300 Series Sensors
White Paper Performance of Cisco IPS 4500 and 4300 Series Sensors White Paper September 2012 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of
More informationPerformance Evaluation of Linux Bridge
Performance Evaluation of Linux Bridge James T. Yu School of Computer Science, Telecommunications, and Information System (CTI) DePaul University ABSTRACT This paper studies a unique network feature, Ethernet
More informationWHITE PAPER. Best Practices in Deploying Converged Data Centers
WHITE PAPER Best Practices in Deploying Converged Data Centers www.ixiacom.com 915-2505-01 Rev C October 2013 2 Contents Introduction... 4 Converged Data Center... 4 Deployment Best Practices... 6 Testing
More information- Hubs vs. Switches vs. Routers -
1 Layered Communication - Hubs vs. Switches vs. Routers - Network communication models are generally organized into layers. The OSI model specifically consists of seven layers, with each layer representing
More informationVirtual PortChannels: Building Networks without Spanning Tree Protocol
. White Paper Virtual PortChannels: Building Networks without Spanning Tree Protocol What You Will Learn This document provides an in-depth look at Cisco's virtual PortChannel (vpc) technology, as developed
More informationSecuring Virtual Applications and Servers
White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating
More informationJuly, 2006. Figure 1. Intuitive, user-friendly web-based (HTML) interface.
Smart Switches The Value-Oriented Alternative for Managed Switching White Paper September, 2005 Abstract This White Paper provides a short introduction to Web Smart switches and their importance in a local
More informationLayer 2 Encryption Fortifying data transport
autumn meeting 2014 Layer 2 Encryption Fortifying data transport Christian Zank n Cube Optics AG n October 2, 2014 Need for Encryption? n 50.000 network intrusions detected every day Cisco 2013 n Data
More informationWhat s New in VMware vsphere 5.5 Networking
VMware vsphere 5.5 TECHNICAL MARKETING DOCUMENTATION Table of Contents Introduction.................................................................. 3 VMware vsphere Distributed Switch Enhancements..............................
More informationData Center Network Evolution: Increase the Value of IT in Your Organization
White Paper Data Center Network Evolution: Increase the Value of IT in Your Organization What You Will Learn New operating demands and technology trends are changing the role of IT and introducing new
More informationObserver Probe Family
Observer Probe Family Distributed analysis for local and remote networks Monitor and troubleshoot vital network links in real time from any location Network Instruments offers a complete line of software
More informationBUILDING A NEXT-GENERATION DATA CENTER
BUILDING A NEXT-GENERATION DATA CENTER Data center networking has changed significantly during the last few years with the introduction of 10 Gigabit Ethernet (10GE), unified fabrics, highspeed non-blocking
More informationSLA para aplicaciones en redes WAN. Alvaro Cayo Urrutia
SLA para aplicaciones en redes WAN Alvaro Cayo Urrutia Quién es FLUKE NETWORKS? Enterprise SuperVision (ESV) Soluciones portátiles de prueba y análisis LAN y WAN distribuidas Infrastructure SuperVision
More informationBest Practices for Network Monitoring How a Network Monitoring Switch Helps IT Teams Stay Proactive
White Paper Best Practices for Network Monitoring How a Network Monitoring Switch Helps IT Teams Stay Proactive 26601 Agoura Road, Calabasas, CA 91302 Tel: 818.871.1800 Fax: 818.871.1805 www.ixiacom.com
More informationReasons to Choose the Juniper ON Enterprise Network
Reasons to Choose the Juniper ON Enterprise Network Juniper s enterprise access products meet the always-on needs of today s enterprises by delivering solutions that are reliable, simple, and smart. The
More informationCisco Nexus 1000V Series Switches
Cisco Nexus 1000V Series Switches Product Overview Cisco Nexus 1000V Series Switches are virtual machine access switches that are an intelligent software switch implementation for VMware vsphere environments
More informationRohde & Schwarz R&S SITLine ETH VLAN Encryption Device Functionality & Performance Tests
Rohde & Schwarz R&S Encryption Device Functionality & Performance Tests Introduction Following to our test of the Rohde & Schwarz ETH encryption device in April 28 the European Advanced Networking Test
More informationVisibility into the Cloud and Virtualized Data Center // White Paper
Executive Summary IT organizations today face unprecedented challenges. Internal business customers continue to demand rapid delivery of innovative services to respond to outside threats and opportunities.
More informationGlobal Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
W H I T E P A P E R A p p l i c a t i o n D e l i v e r y f o r C l o u d S e r v i c e s : C u s t o m i z i n g S e r v i c e C r e a t i o n i n V i r t u a l E n v i r o n m e n t s Sponsored by: Brocade
More informationCloud Networking Services
Cloud computing is a compelling way to deliver web-based and non-web-based applications that better utilize the physical infrastructure, while lowering costs by moving from silos of expensive customized
More informationVirtual Networking Features of the VMware vnetwork Distributed Switch and Cisco Nexus 1000V Series Switches
Virtual Networking Features of the vnetwork Distributed Switch and Cisco Nexus 1000V Series Switches What You Will Learn With the introduction of ESX, many virtualization administrators are managing virtual
More informationVXLAN: Scaling Data Center Capacity. White Paper
VXLAN: Scaling Data Center Capacity White Paper Virtual Extensible LAN (VXLAN) Overview This document provides an overview of how VXLAN works. It also provides criteria to help determine when and where
More informationconvergence: preparing the enterprise network
hp procurve networking business january 2003 convergence: preparing the enterprise network business white paper protecting investments with the hp procurve adaptive EDGE architecture table of contents
More informationOptimizing Data Center Networks for Cloud Computing
PRAMAK 1 Optimizing Data Center Networks for Cloud Computing Data Center networks have evolved over time as the nature of computing changed. They evolved to handle the computing models based on main-frames,
More informationIP SLAs Overview. Finding Feature Information. Information About IP SLAs. IP SLAs Technology Overview
This module describes IP Service Level Agreements (SLAs). IP SLAs allows Cisco customers to analyze IP service levels for IP applications and services, to increase productivity, to lower operational costs,
More informationGlobal Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R O r a c l e V i r t u a l N e t w o r k i n g D e l i v e r i n g F a b r i c
More informationVirtualization Essentials
Virtualization Essentials Table of Contents Introduction What is Virtualization?.... 3 How Does Virtualization Work?... 4 Chapter 1 Delivering Real Business Benefits.... 5 Reduced Complexity....5 Dramatically
More informationFour Ways High-Speed Data Transfer Can Transform Oil and Gas WHITE PAPER
Transform Oil and Gas WHITE PAPER TABLE OF CONTENTS Overview Four Ways to Accelerate the Acquisition of Remote Sensing Data Maximize HPC Utilization Simplify and Optimize Data Distribution Improve Business
More informationAnalyzing Full-Duplex Networks
Analyzing Full-Duplex Networks There are a number ways to access full-duplex traffic on a network for analysis: SPAN or mirror ports, aggregation TAPs (Test Access Ports), or full-duplex TAPs are the three
More informationCustomer White paper. SmartTester. Delivering SLA Activation and Performance Testing. November 2012 Author Luc-Yves Pagal-Vinette
SmartTester Delivering SLA Activation and Performance Testing November 2012 Author Luc-Yves Pagal-Vinette Customer White paper Table of Contents Executive Summary I- RFC-2544 is applicable for WAN and
More information