Big Monitoring Fabric – a next-generation network packet broker (NPB) – has brought much excitement to the traffic monitoring community with an open, SDN-based architecture that provides scale-out monitoring, operational simplicity and ultra low cost. Big Monitoring Fabric also pioneered new use cases such as Monitor (Tap) Every Rack to enable data center wide east-west traffic monitoring consisting of hundreds of 10G/40G links. Customers are choosing to cap their investment in legacy NPBs as their proprietary HW and box-by-box design have resulted in mind-boggling complexity, dramatic CapEx cost and vendor lock-in. Big Monitoring Fabric has been deployed by many large customers, across financial, tech and mobile SP verticals. Intuit, for example, deployed Big Monitoring Fabric to successfully monitor Turbo Tax traffic during the 2014 tax season; details can be found here.
With security and visibility being top of mind of every IT organization, the Big Monitoring Fabric 4.5 release (available now) enables customers to achieve pervasive security and pervasive visibility at ZERO additional cost. Let’s first drill down on new capabilities and then review Big Monitoring Fabric’s simple, budget-friendly pricing model.
Pervasive Security (inline and out-of-band deployments): Cyber attacks have become constant and more sophisticated. Customers are longing to secure every network flow, including Internet/WAN edge and LAN infrastructures as shown in the figure above.
Big Monitoring Fabric 4.5 enhancements for pervasive security include:
A) Inline deployment mode for connecting variety of inline security tools to secure Internet/WAN traffic. Security tools include: Firewall, IPS, SAAS visibility and enforcement, Advanced DDoS Mitigation, Advanced Threat Protection, SSL termination, and Web proxy. With this inline deployment mode, Big Monitoring Fabric 4.5 also supports:
- Policy-based service chaining across a set of security tool
- Enhanced tool efficiency through traffic filtering and service chaining
- Tool load balancing
- High availability
- 1G/10G/40G link speeds
- Dynamic flow-based mitigation by security tools programming Big Monitoring Fabric inline switches (via Big Monitoring Fabric Controller) to drop identified traffic through APIs
- Segregation of duties between network and security teams for rapid change management of security policies, operational workflows (such as software upgrade) as well as security tool insertion/removal
B) Big Monitoring Fabric Controller as a single point of management and control for both inline and out-of-band deployment modes, thus providing unprecedented operational simplicity
C) Big Monitoring Fabric Controller’s REST APIs to dynamically create granular (ACL-based) SPAN of inline traffic to out-of-band monitoring fabric for further analysis and/or recording
Pervasive Visibility: DC-wide visibility at ultra low cost has been the hallmark of Big Monitoring Fabric since its inception. The 4.5 release brings the following additional enhancements:
- sFlow generation: Provides clear picture of network activity (including traffic which may be filtered), is agnostic to production network switch hardware, and is centrally configured through the Big Monitoring Fabric Controller.
- Network Telemetry/Analytics: In addition to analytics related to hosts/workloads and production network devices, Big Monitoring Fabric 4.5 now identifies DNS and DHCP servers used in production network for rapid inventory of such infrastructure services as well as to identify rogue devices.
- Packet Capture Enhancements: Pcap now supports RBAC, automatic deletion of older files, and optional 1TB storage space to enable pcap self-service to various business units and tool owners.
- Simplified GUI workflows: Based on customer feedback, we have added new workflows and enhanced multiple existing workflows in the Big Monitoring Fabric Controller GUI to make policy provisioning faster.
Expanded Switch HW: The 4.5 release also supports Dell Open Networking switches, now including the S4048-ON, a Broadcom Trident-II based switch with 48x10G and 6x40G interfaces and the Dell S6000 – a Trident-II based 32x40G switch that was already supported in the earlier release, including support for break-out cables. Customers can now build dense 1G/10G/40G monitoring fabrics with britebox switches from Dell (S4048 and S6000) or with ODM whitebox switches from Accton.
Availability and Pricing: Big Monitoring Fabric 4.5 release is shipping. Unlike legacy NPB, all new Big Monitoring Fabric 4.5 features (except optional 1TB pcap capacity) are offered as part of Big Monitoring Fabric per-switch subscription license. Existing Big Monitoring Fabric customers with valid subscription can upgrade to Big Monitoring Fabric 4.5 and deploy features such as inline, s-flow and analytics without any incremental cost. And it’s easy to experience next-generation NPB:
- Experience Big Monitoring Fabric 4.5 for free – Register for BSN Labs
- Try it in your labs with $29K Starter Kits (includes HW switches, Big Monitoring Fabric SW subscription and technical support for both HW and SW)
- Big Monitoring Fabric Product Page
- Big Monitoring Fabric 4.5 Datasheet
- Customer Use Case (Intuit): When Intuit’s network gets taxed, it turns to Riverbed performance management tools
- Big Monitoring Fabric sFlow: Enabling Pervasive Flow-level Visibility
- Big Monitoring Fabric: Enabling Inline Security with SDN Fabrics
– Prashant Gandhi
VP Product Management & Strategy
*Big Monitoring Fabric was formerly Big Tap Monitoring Fabric