Saisei FlowCommand FLOW COMMAND IN ACTION. No Flow Left Behind. No other networking vendor can make this claim

Similar documents
Saisei and Intel Maximizing WAN Bandwidth

Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre

Silver Peak s Virtual Acceleration Open Architecture (VXOA)

How Traditional Firewalls Fail Today s Networks And Why Next-Generation Firewalls Will Prevail

Testing Challenges for Modern Networks Built Using SDN and OpenFlow

Per-Flow Queuing Allot's Approach to Bandwidth Management

Using SDN-OpenFlow for High-level Services

SDN CENTRALIZED NETWORK COMMAND AND CONTROL

Voice Over IP Performance Assurance

PRODUCTS & TECHNOLOGY

Achieving High Quality Voiceover-IP Across WANs With Talari Networks APN Technology

Introduction. The Inherent Unpredictability of IP Networks # $# #

INCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS

Customer Benefits Through Automation with SDN and NFV

Voice, Video and Data Convergence > A best-practice approach for transitioning your network infrastructure. White Paper

Network Management for Common Topologies How best to use LiveAction for managing WAN and campus networks

This document describes how the Meraki Cloud Controller system enables the construction of large-scale, cost-effective wireless networks.

Gaining Operational Efficiencies with the Enterasys S-Series

Flexible SDN Transport Networks With Optical Circuit Switching

Software-Defined Networking from Serro Solutions Enables Global Communication Services in Near Real-Time

DELIVERING APPLICATION ANALYTICS FOR AN APPLICATION FLUENT NETWORK

Leveraging SDN and NFV in the WAN

Whitepaper. A Guide to Ensuring Perfect VoIP Calls. blog.sevone.com info@sevone.com

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical

Transforming Service Life Cycle Through Automation with SDN and NFV

Network Services in the SDN Data Center

whitepaper Network Traffic Analysis Using Cisco NetFlow Taking the Guesswork Out of Network Performance Management

Serro Solutions Enables Managed Security Service Providers to Optimize Networking Performance and Cost

Improving Network Efficiency for SMB Through Intelligent Load Balancing

How To Create A Qos

Next-Generation Firewalls: Critical to SMB Network Security

Next Generation Application Delivery

SDN and NFV in the WAN

A Presentation at DGI 2014 Government Cloud Computing and Data Center Conference & Expo, Washington, DC. September 18, 2014.

A Look at the New Converged Data Center

Nominee: Barracuda Networks

Delivering Managed Services Using Next Generation Branch Architectures

Making the Case for Open Source Controllers

Management & Orchestration of Metaswitch s Perimeta Virtual SBC

Cloud Networking Disruption with Software Defined Network Virtualization. Ali Khayam

WAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO

Virtualization Essentials

Clearing the Way for VoIP

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Whitepaper. Controlling the Network Edge to Accommodate Increasing Demand

MERAKI WHITE PAPER Cloud + Wireless LAN = Easier + Affordable

Elfiq Networks Vital for Hospitality

Verizon Managed SD WAN with Cisco IWAN. October 28, 2015

AlcAtel-lucent enterprise AnD sdnsquare sdn² network solution enabling highly efficient, volumetric, time-critical data transfer over ip networks

U s i n g S D N - and NFV-based Servi c e s to M a x i m iz e C SP Reve n u e s a n d I n c r e ase

Network Performance Monitoring at Minimal Capex

Business Cases for Brocade Software-Defined Networking Use Cases

Optimizing Performance for Voice over IP and UDP Traffic

The Benefits of SD-WAN with Integrated Branch Security

Application Visibility and Monitoring >

Cisco and Visual Network Systems: Implement an End-to-End Application Performance Management Solution for Managed Services

UNIFIED PERFORMANCE MANAGEMENT

Creating Business-Class VoIP: Ensuring End-to-End Service Quality and Performance in a Multi-Vendor Environment. A Stratecast Whitepaper

The Purview Solution Integration With Splunk

The next IP SLA generation Solution. Advisor SLA. Network Performance Monitoring Solution.

VoIP / SIP Planning and Disclosure

How To Set Up Foglight Nms For A Proof Of Concept

WAN Optimization in MPLS Networks- the Transparency Challenge!

White Paper. The Assurance Checklist for Branch Networks A pragmatic guide for building high performance branch office networks.

SDN Orchestration Explained. A Deep Dive into a Crucial Component of Software-Defined Cloud Exchange Networks

Use Cases for the NPS the Revolutionary C-Programmable 7-Layer Network Processor. Sandeep Shah Director, Systems Architecture EZchip

Blue Planet. Introduction. Blue Planet Components. Benefits

Dell SonicWALL report portfolio

J-Flow on J Series Services Routers and Branch SRX Series Services Gateways

Cisco IOS Flexible NetFlow Technology

The Virtual Ascent of Software Network Intelligence

Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment

Boosting Business Agility through Software-defined Networking

TECHNICAL NOTE. FortiGate Traffic Shaping Version

Carrier/WAN SDN Brocade Flow Optimizer Making SDN Consumable

Application Performance Management

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical

White Paper. Optimizing Video Performance Across the Distributed Enterprise >

MSP. HOW MSPs Can Use Performance Monitoring to Create New Revenue Streams. [ WhitePaper ] Introduction

Data Sheet. V-Net Link 700 C Series Link Load Balancer. V-NetLink:Link Load Balancing Solution from VIAEDGE

APPLICATION NOTE 209 QUALITY OF SERVICE: KEY CONCEPTS AND TESTING NEEDS. Quality of Service Drivers. Why Test Quality of Service?

Accelerate Private Clouds with an Optimized Network

ETM System SIP Trunk Support Technical Discussion

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP

White Paper. BTI Intelligent Cloud Connect. Unblocking the Cloud Connectivity Bottleneck. btisystems.com

Conference. Smart Future Networks THE NEXT EVOLUTION OF THE INTERNET FROM INTERNET OF THINGS TO INTERNET OF EVERYTHING

Quality of Service (QoS) for Enterprise Networks. Learn How to Configure QoS on Cisco Routers. Share:

How OpenFlow -Based SDN Transforms Private Cloud. ONF Solution Brief November 27, 2012

Remote Network Monitoring Software for Managed Services Providers

Is Your Network Ready for VoIP? > White Paper

This topic lists the key mechanisms use to implement QoS in an IP network.

Spotlight On Backbone Technologies

Integration Guide. EMC Data Domain and Silver Peak VXOA Integration Guide

Cisco Integrated Services Routers Performance Overview

Cisco Application Networking for Citrix Presentation Server

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

Network Instruments white paper

Transcription:

Saisei FlowCommand The Saisei FlowCommand family of network performance enforcement (NPE) solutions offers a new paradigm for real-time user- and application-policy enforcement and visibility made possible by its unique ability to change the way that chaotic routed IP networks behave. FlowCommand software handles all the anomalies associated with today s highly utilized and over-subscribed IP networks that are being overwhelmed by the influx of traffic from mobile, cloud and IoT deployments. FlowCommand instills order on the chaos of TCP/IP by creating predictable and equitable performance for all users while concurrently guaranteeing that no user session will ever crash or time out again. No other networking vendor can make this claim FlowCommand collects in-depth real-time, finegrained statistics about all traffic flowing on critical network links up to 5 million simultaneous flows on a 10G network. While monitoring these flows 20 times per second, it can control each and every flow according to powerful, flexible user-defined policies based on over 40 metrics included with the solution. FlowCommand software is distributed either as a virtual machine image to run on a hypervisor, or can be packaged on a bare-metal x86 hardware system suitable for real-time monitoring and policy enforcement across links up to 10G. FLOW COMMAND IN ACTION No Flow Left Behind When FlowCommand receives a data packet generally TCP or UDP the first thing it does is associate it to a flow, defined as the sequence of packets sharing the same IP addresses and TCP/UDP ports. FlowCommand then keeps extensive state for each flow including the transmission rate, duration, round-trip time, and a quality metric which is updated with every packet it receives. Every flow is associated with the: Application it is serving (for example, a specific website or business app, or a protocol such as VoIP) Geographic location it is serving (generally, a country or city) Hosts (internal and external) it is connecting Users it is serving (via an address-touser database such as Microsoft Active Directory or OpenLDAP) Custom Groups applications, geographic locations, hosts and users can be combined into groups (for example, a group could consist of all countries where a company has business partners, or all applications whose network usage is to be tightly controlled)

FlowCommand Functional Diagram GUI Historical Database Applications Users Hosts Locations Flow Plane Flow Stats Data Plane Packets Figure 1: FlowCommand Functional Diagram Eliminating Network Congestion FlowCommand constantly evaluates the traffic flow against the available bandwidth. Twenty times every second, each individual flow receives an immediate bandwidth allocation. The allocation is chosen so that the collective bandwidth usage in the system fulfills the specified policy and meets external constraints. Intelligent interaction with standardized congestion control schemes, such as the TCP Reno, Cubic and Compound mechanisms (RFC 6582), allows FlowCommand to achieve accurate control with no queueing. This avoids queuing delay issues that plague existing routed IP networks and results in smoother traffic flow, increasing the end user's quality of experience while making more efficient use of existing bandwidth. This is in stark contrast to other quality-of-service (QoS) systems that use a combination of queuing and random packet discard, generating delay and random disruption to the user experience. Open APIs for Multivendor Integration and a Clear Path to SDN and NFV All configuration and monitoring information about FlowCommand is exposed through a simple, intuitive RESTful API, which is used by the FlowCommand s own management tools, such as the GUI and CLI. (A

CLI interface is provided for IT users more comfortable with that practice.) FlowCommand is designed from the ground up for easy integration into a variety of third-party systems, such as orchestration tools for Software-defined Networking (SDN) and Network Functions Virtualization (NFV). How to Use FlowCommand Here we examine some general use cases for Network Performance Enforcement: Raise Network Utilization from 50% to Over 95% and Eliminate 99% of Service Complaints FlowCommand's patented traffic management algorithms allow a link to be operated at 95%+ capacity without creating delay or harming the traffic flow. Conventionally, links are not typically operated above 50-60% of their capacity because existing devices create large and random delays and network designers have to allow for peak traffic under random conditions. As network bandwidth is generally the highest single cost of operating a network, Increasing utilization from 50% to 95% can result in a substantial cost savings lower cost per bit -- and removes the operational overhead of chasing down rogue users or applications. With FlowCommand, traffic management is a smooth, gentle and predictable process. The effect is to reduce the apparent randomness of response time as seen by the user. Even with constant bandwidth, with Saisei in control the user's quality of experience improves as their sessions will never drop. True Real-time Monitoring Sub-Second Visibility and Analytics The FlowCommand dashboard provides continuous visibility on how the network is being used based on information collected and analyzed in less than a second. This new Best Practice eliminates the 10- minute response delay of traditional DPI and visibility appliances by removing the requirement for background analysis. For example, a chart showing the top 10 applications can be clicked to drill down to the users of each application, or to specific locations, allowing instant analysis of which users are responsible for traffic to each location. The real-time information is seamlessly integrated with historical data, allowing visualization and comparison of usage over any defined time period. This data processing is performed in-line with a powerful flow pre-processor engine that gives 100% visibility to the information flows on the network without requiring the use of external data or NetFlow collectors.

Figure 2: Saisei FlowCommand Dashboard Protect Key Business, VoIP and Video Applications While and Controlling Non-Critical Applications FlowCommand s granular real-time policy enforcement allows critical and vulnerable applications to be both protected and prioritized, and non-critical or undesirable applications to be limited, diverted, or blocked altogether. Voice (VoIP) traffic is especially vulnerable to network problems, since even low levels of packet loss make voice impossible to understand. FlowCommand allows all voice traffic to be placed into a protected class where packets will never be dropped. The same can be done for video. Some applications are clearly more important to a business than others. These can be assigned guaranteed bandwidth so that lower priority background traffic will not interfere with them. For example, a business may want to limit the bandwidth available to social networking sites so that it doesn t interfere with higher priority accounting, ERP or mobile applications. Detect and Prevent Security Risks in Real Time FlowCommand s real-time flow analysis also allows security risks to be identified in real time, and allows various forms of risk-mitigation controls to be established instantly in response. A significant component

of Network Performance Enforcement is to enhance the flow-based security posture of network operators by augmenting the capabilities of existing legacy and Next-Gen firewalls with faster and more granular flow manipulation. (FlowCommand s impact on network overhead is about 25% of a typical Next-Gen firewall.) For example, excessive traffic to a country outside of normal business operations may indicate a data exfiltration attempt. A low-bandwidth limit policy to such countries will make it hard to mount such an attack, while an instant response to a detected attack can shut down the traffic and block the attacking host. Known malware sites can also be blocked, and incoming suspicious traffic can be detected, blocked and reported on in real time, not after off-line retrospective analysis. Net Neutrality Arrives with Guaranteed Fair Usage Some users make disproportionate demands on network resources. Peer-to-peer applications, such as BitTorrent, can also be damaging in this regard. In typical networks, more than 80% of bandwidth is consumed by just 20% of users. Also, large file transfers or back-ups can devastate a network if inadvertently done at the wrong time of day. FlowCommand s unique Net Neutrality feature technically Host Equalization -- allows bandwidth to be shared equally among all users in real time, regardless of the applications they are running or how many users are attempting to use a link. Thus abusive users will get the same share of the network as anyone else, even though they may using 1000 flows for their purposes. There will always be users who are not using all the bandwidth available to them, and FlowCommand distributes their share among the other users, so all of the bandwidth is always being efficiently utilized. Granular Service Level Differentiation Paired with Enforcement Often, different users need to receive different service levels. For a service provider, some users pay a higher price for premium service. In an enterprise, certain functions may have priority because of their importance to business success. FlowCommand allows different users, or groups of users, to receive different services. High-priority users can be given assured bandwidth levels, or can use Saisei s unique Rate Multiplier feature to be given a higher proportion of network bandwidth without regard to absolute levels. Low-priority users can then be limited in the bandwidth they can use, or can be given lower Rate Multipliers. The options are limitless. Differentiation can also be applied based on many of the attributes available through Saisei s 40-metrics palette, such as the application in use or flow characteristics like duration and total data. For example, so called elephant flows of large amounts of data can be put into a specially protected class where they can be assured a defined share of network bandwidth. Scalable Software Architecture Designed for the Mobile, Cloud and IoT Data Loads Unlike existing networking solutions that were initially built to meet the relatively static demands of private

networks, Saisei s FlowCommand has been built for the Big Data demands of today s mobile, cloud and Internet-of-Things (IoT) deployments. For example, each instance of FlowCommand today can concurrently monitor up to 5 million flows on a 10G network link 20 times per second, and enforce any combination of policy decisions on any combination of flows in under one second. Architecturally, FlowCommand is scalable to 40G and 100G links as well. Additionally, the very first release of the software supports the management and control of up to 1B external hosts. The FlowCommand Advantage FlowCommand is the first Network Performance Enforcement solution on the market, offering a blend of next-generation flow-based policy creation and control; 40-metrics analytics and visibility; and the next generation of Next-Gen firewall security enhancements that allow you to: Immediately return all of your currently idle reserved bandwidth to productive use Crush OpEx by eliminating the cause of 99% of service tickets stemming from network congestion Minimize CapEx with a device-agnostic software running on off-the-shelf x86 servers and processors that replaces many expensive, standalone networking technologies WAN Ops, Packet Shapers, ADC and more. that are forced to operate within the constraints of today s TCP/IP behavior Take back control of your IT estate with granular, real-time, flow-based policy enforcement and reporting Allocate bandwidth to guarantee the performance of critical applications Prevent and act on security risks in real time Guarantee Net Neutrality fair network usage all users receive level of service they are entitled to Deliver and enforce granular service level differentiation Build in the flexibility for rapid implementation and scaling of networks, and a growth path to SDN and NFV To find out more about how FlowCommand can benefit your network, please contact a member of our team at sales@saisei.com and/or visit our website www.saisei.com. About Saisei Saise is the world s leading provider of Network Performance Enforcement software that provides integrated real-time bandwidth and security policy control combined with comprehensive 40-metrics visibility and analytics for virtual, physical, SDN and NFV networks alike. 710 Lakeway Drive, Suite 290 Sunnyvale, CA 94085 USA Tel: +1 669.224.4392

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information