Big Tap Monitoring Fabric – an SDN visibility fabric based on bare metal switches – is gaining tremendous momentum with enterprise and service provider customers for ubiquitous monitoring of network traffic. Traditional approach based on proprietary Network Packet Brokers (NPBs) has proven to be expensive and operationally complex, and hence most organizations have been reluctant to deploy NPBs for data center wide monitoring. With Big Tap’s scale-out architecture, simplified operations and bare metal economics (at least 60% CapEx saving over NPBs), it is rapidly becoming an attractive alternative to NPBs. In fact, Big Tap has already created a killer use case – tap every rack (or monitor every link).
In our July 22nd “Hyperscale Networking for All” launch, we had previewed Release 4.0 of the Big Tap Monitoring Fabric. I am pleased to announce that 4.0 has been shipping for over two weeks with several exciting features requested by customers, including creation of another killer use case – tap every location.
Big Tap 4.0 Release Highlights
- Tap (Monitor) Every Location: Big Tap monitoring fabric can be extended (or split) across L3 WAN to enable monitoring of remote DCs/POPs, colo facilities, campus/branch locations, as well as retail sites. This allows centralization of monitoring tools and staff in few data centers, thus dramatically reducing CapEx and OpEx cost while allowing operations teams to monitor networks across the entire organization. Big Tap 4.0 enables HW-based tunneling of specific L2 flows (based on policies) across L3 networks at 1G, 10G or 40G link speeds. By simply deploying a commodity Ethernet switch at each monitored location, organization-wide monitoring can be easily enabled with high availability. The entire Big Tap monitoring fabric (including remote location switches) is operated and managed centrally via the Big Tap Controller. The IT administrator can leverage controller GUI, CLI or REST APIs for administering the fabric as well as multi-tenant policy management. There is no need to deploy expensive and proprietary NPBs for remote monitoring.
- Application Protocol Recognition: Big Tap 4.0 enables HW-based deeper packet matching capability to recognize application protocols and their attributes. With ability to match up to 128 bytes of each packet at line rate, Big Tap 4.0 opens up richer, more sophisticated, monitoring policies to be written or even applied dynamically via APIs. One example is recognition of mobile protocols and their attributes, such as GTP and SCTP. Another example is recognition of encapsulated packets – such as VXLAN, GRE and MPLS – and creating policies based on original (inner) packet.
- Superior Scale: Big Tap already has inherent support for tool scaling and policy scaling. In addition, its 3-tier fabric architecture (consisting 60+ 1G/10G/40G switches) now allows monitoring of multi-thousand links from the production network environment.
- Expanded HW support: The 4.0 release also certifies three new HW platforms, including Dell Open Networking switch platform. Specifically,
- Dell S4810-ON: Dell Open Networking switch with 48x10G and 4x40G
- AS-5710-54X: EdgeCore/Accton Trident-II switch with 48x10G and 6x40G
- AS-6700-32X: EdgeCore/Accton Trident-II switch with 32x40G
- Additional Key features: The 4.0 release also has a number of additional features for policy management and trouble-shooting:
- Tap Tracker – Enables validation of the cabling from the production SPAN / TAP to the filter interfaces on the switch in the Big Tap Monitoring Fabric.
- Policy Scheduler – Enables time-based or packet-based policy constructs.
- Interface Grouping – Enables easy invocation of a set of filter interfaces or delivery interfaces across multiple different policies.
Big Tap Customer Traction and Deployment Characteristics
We at Big Switch Networks are quite excited with rapid customer adoption of Big Tap. Typically, larger Global 5000 customers across multiple verticals are attracted to Big Tap, including: Financials, Mobile Carriers, Hi-Tech and Public Sector. Customers have been purchasing Big Tap to monitor 500 to 1000 links per data center. Our first “million-dollar” customer has deployed Big Tap across 16 data centers.
There is clear trend towards pervasive monitoring of 10G and 40G links based on high attach rate we are seeing for 10G and recently 40G switches. Different types of monitoring tools (NPM, APM, Security, Compliance, etc.) are coalesced behind Big Tap so any tool can have access to any flow via policy. Customers are leveraging Big Tap’s built-in secure multi-tenancy to offer monitoring service to various teams (tenants) within their organization.
What about Network Packet Brokers?
Big Tap 4.0 has significantly narrowed the gap with Network Packet Brokers, while providing superior scale, operational simplicity and CapEx economics. Customers are capping their NPB purchases and investing in Big Tap’s modern “hyperscale-style” SDN architecture for “Tap Every Rack” and now “Tap Every Location” use cases. So what should customers do with their existing Network Packet Brokers? Big Tap enables re-purposing of these expensive NPBs as service nodes, attached to the Big Tap Monitoring Fabric, for niche services (such as de-duplication and packet manipulations) occasionally required for limited amount of network traffic.
- Virtualized Application Visibility with Big Tap Monitoring Fabric: Click Here
- Next Generation Monitoring Fabrics based on Bare Metal SDN: Click Here
- Big Tap Monitoring Fabrics Release v3.0 - Simpler, Smarter, Scalable: Click Here
- Register for a free, hands-on experience with Big Tap Monitoring Fabric: Try BSN Labs
--Prashant Gandhi, Big Switch VP of Product Management & Strategy