Big Switch Networks Unveils BigSecure Architecture For Dynamic Cyber-defense at Terabit Performance

Introduces Cloud-Native Application Traffic Visibility by Dynamically Monitoring VM, Container and Public Cloud Environments

SANTA CLARA, CA -- December 6 -- Big Switch Networks®, The Next-Generation Data Center Networking Company, today announced significant updates to its SDN-based Big Monitoring Fabric™(Big Mon) product line. The company is introducing BigSecure Architecture™, a dynamic, high-performance cyber-defense platform that enables Terabit attack mitigation. The company is also extending Pervasive Visibility use cases for cloud-native application traffic, which includes dynamic monitoring of VM, Containers and Public Cloud environments.

Big Switch will host a special launch webinar on Wednesday, December 14 at 10am PT. The webinar will highlight BigSecure Architecture, cloud-native application monitoring use cases and new features in Big Monitoring Fabric 6.0. To register:

“Our mission is to provide next-generation data center networking solutions so that our customers can experience the true benefits of a software-defined data center,” said Douglas Murray, CEO, Big Switch Networks. “With our introduction of BigSecure Architecture and cloud-native application monitoring, we are arming customers with next-generation data center security and visibility solutions they need to defend their networks and monitor their cloud-based applications.”


BigSecure -- A Dynamic Cyber-defense Architecture for Terabit Attack Mitigation

The volume, cadence and sophistication of cyber-attacks is rapidly increasing on large organizations including cloud providers, service providers and software-as-a-service (SaaS) providers. Attackers have started to compromise tens of thousands of Internet of Things (IoT) devices to create armies of “botnets,” which collectively send large-scale malicious traffic to disrupt critical internet-based services. Recently, the self-spreading Mirai malware compromised over one hundred thousand internet-connected video cameras to generate over 1 Terabit of distributed denial of service (DDoS) attack to Domain Name Service (DNS) service provider, blocking multiple high-profile Internet domains for hours. It has become necessary for organizations to deploy cyber-defense mechanisms to protect against massively distributed attacks without breaking their security budget.

With Big Switch’s BigSecure Architecture organizations are able to deploy a dynamic, high-performance cyber-defense solution, at affordable price points. The solution enables existing security tools to leverage an externalized elastic attack mitigation infrastructure consisting of the underlying network and a pool of x86-based compute resources. Specifically, the BigSecure Architecture includes:

  • Big Monitoring Fabric -- an SDN-based inline fabric deployed at the data center edge or in the DMZ for connecting security tools and creating service chains; the Big Monitoring Fabric SDN controller supports programmatic operations through RESTful APIs for dynamic multi-system interactions, dynamic load balancing of tools and dynamic reconfiguration of security service chain.

  • Big Monitoring Fabric Service Node -- a high performance (40G to 160G) Intel x86 DPDK-based service node, centrally controlled and managed by the Big Mon SDN Controller, for deep-packet and flow inspection and filtering based on whitelist/blacklist of signatures for the purpose of attack mitigation. With the aid of the Big Mon Controller, it can be dynamically inserted into security service chains to guarantee front-line attack mitigation. Multiple service nodes can be deployed in a scale-out manner for Terabit filtering and mitigation.

  • NFV Tool Farm --  a pool of x86 compute resources available for hosting security tools in the form of virtual network functions (VNFs) in order to elastically scale them for Terabit attack mitigation. Big Monitoring Fabric programmatically augments service chains as well as load balances across a large set of tool VNFs.

  • Security Tools -- 3rd party security tools (such as A10 Networks’ Threat Protection System) that detect and mitigate sophisticated attacks, leverage L2-L7 attack mitigation capabilities of the high-speed SDN fabric, service nodes and NFV tool farm, and interact programmatically with the Big Mon controller for dynamic attack mitigation.

  • Open Hardware -- industry-standard 10G/40G/100G Ethernet switches from Dell EMC and Edgecore Networks operating at multi-terabit bandwidth, centrally controlled and managed by the Big Monitoring Fabric controller; industry-standard x86 servers for SDN controllers, service nodes and NFV tool farm.

Once BigSecure Architecture is instantiated, a security tool detects high-bandwidth attack and interacts with the Big Monitoring Fabric Controller via programmatic APIs to redirect incoming traffic for elastic mitigation. Depending on the type of attack, the Big Mon Controller activates SDN fabric and compute resources for attack mitigation, reconfigures the service chain to redirect traffic to mitigation infrastructure, and load-balances traffic across a cluster of Big Mon service nodes and NFV tool farm for scale-out performance. The combination of SDN fabric, Big Mon service nodes and NFV tool farm performs Layer-7 scans of network traffic and blocks those packets/flows that contain attack signatures. With BigSecure, security teams are able to deploy dynamic cyber-defense architecture that provides elastic, Terabit-scale attack mitigation capability at an affordable price while continuing to leverage best-of-breed security tools.

In addition to Terabit-scale mitigation, BigSecure Architecture also exports flow telemetry (NetFlow, sFlow) of network traffic to anomaly-detection/traffic visibility systems, which provide the ability to detect, classify, and traceback a variety of attacks.


Cloud-Native Application Monitoring

The rise of cloud-native applications, in the form of virtual machines (VMs) and containers has driven up east-west traffic within the data center, leading to tremendous visibility and security challenges. When applications are deployed in public clouds, consistent architecture for application traffic visibility becomes necessary.  

Big Switch pioneered the “monitor every rack” use case for comprehensive east-west traffic monitoring of bare-metal and VM traffic at affordable price points. With this release, Big Switch introduces new capabilities in Big Monitoring Fabric, leveraging programmatic interactions, to enable pervasive visibility and security of any workload, anywhere. Specifically:

  • Dynamic VM Monitoring -- VM-to-VM traffic visibility in VMware environments by leveraging programmatic interactions between Big Monitoring Fabric controller and VMware vSphere VMs; this alleviates the need for a special monitoring VM in every vSphere host which introduces operational complexities across virtualization and security teams, adds cost and reduces server performance.

  • Container Monitoring -- Container-to-container traffic visibility when deployed on bare-metal hosts or within VMware vSphere VMs.

  • Public Cloud Monitoring -- Traffic visibility for workloads deployed in public cloud, such as Amazon Web Services (AWS).


Big Monitoring Fabric Release 6.0

Big Monitoring Fabric is a next-generation network packet broker (NPB) that leverages SDN principles, Open Networking switches and a high-performance x86-based DPDK service node to provide feature-rich, scale-out data center monitoring at up to 50% lower cost than traditional NPBs. Big Monitoring Fabric supports 1G, 10G, 40G and 100G for the most demanding and high volume network monitoring and security environments. Customer use cases for Big Monitoring Fabric include: monitor every rack, monitor every location, monitor mobile/LTE networks and DMZ/Extranet Inline security. Big Monitoring Fabric Release 6.0 includes:

  • 160G Service Node

  • NetFlow generation service

  • Packet masking service

  • Header decapsulation service

  • Analytics 2.0 with top users, top apps, triggers and custom reports

  • Support for Dell EMC open networking switches: Z9100-ON (32x100G), S6100-ON (64x40G), S6010-ON (32x40G), S4048-ON (42x10G + 6x40G) and S4048T-ON (48x10GbT + 6x40G)

  • Support for Edgecore Networks open networking switches: AS7712-32X (32x100G), AS6812-32X (32x40G), AS5812-54X (48x10G + 6x40G), AS5812-54T (48x10GT + 6x40G)


Integration with leading Technical Solution Partners

  • A10 Networks and Big Switch Networks have partnered to create an efficient, cost-optimized solution for DDoS attack detection across the entire data center. The solution is composed of A10 Networks' Thunder Threat Protection System (TPS) and Big Switch’s Big Monitoring Fabric, which leverages open networking switches. The solution enables security administrators to monitor data-center wide traffic for sophisticated DDoS attacks and security breaches.

  • ExtraHop and Big Switch Networks have partnered to deliver a scalable, cost-effective solution for all IT teams to gain deep visibility into network and application traffic.  The joint solution combines ExtraHop’s streaming analytics and proactive remediation capabilities with SDN controls from Big Monitoring Fabric, to offer unparalleled visibility into all network activity, and help customers gain optimal application experience and business efficiency.

  • The collaboration between FireEye and Big Switch has enabled customers to achieve comprehensive, organization-wide threat protection. Big Switch’s Big Monitoring Fabric with FireEye Threat Prevention Platform enables monitoring of any flow at any time while providing the benefits of zero-touch management and scale-out deployment. With Big Mon Inline solution and FireEye IPS deployed in the DMZ, customers can benefit from simplified, scalable and dynamically orchestrated service chains, all from a single pane of glass.

  • Riverbed SteelCentral NetExpress network performance management platform and Big Monitoring Fabric together deliver an all-in-one pervasive network monitoring solution that combines flow as well as packet collection and analysis for the entire data center.

  • Certified joint solution of Symantec SSL Visibility Appliance with Big Monitoring Fabric Inline through Symantec's ETM Ready Program (Encrypted Traffic Management) helps customers combat sophisticated attacks by addressing malware hiding in SSL traffic.


Company Momentum

In January of 2016, Big Switch announced $48.5M in Series C funding, which included participation from existing and new investors and brings the company’s total funding to $94M. In the latest quarter, the company saw annual software subscriptions grow by more than 267% year-over-year and had multiple customer deals in excess of $1MM. Customers are located across North America, APAC and EMEA regions in more than 25 countries and are in verticals that include technology, financial services, government, media, telecom and higher education. Customers include: Verizon, the U.S. Federal Government, Intuit, American Fidelity, National Instruments, CleanSafeCloud, Digita Oy, 10 of the 15 largest telcos in the world, multiple global financial services firms, media companies, a Fortune 25 software company and a Fortune 5 oil & gas company.



Big Monitoring Fabric Release 6.0 is currently in beta and will be generally available in Q1, 2017.




Supporting Quotes

“As the threat landscape intensifies, data center operators are demanding next-generation solutions to monitor pervasively and withstand massive cyber-attacks while operating within flat budgets," said Prashant Gandhi, VP and Chief Product Officer, "With the introduction of BigSecure Architecture, our customers are now armed with best-of-breed and dynamic cyber-defense at Terabit scale to combat massively distributed cyber-attacks. And with Big Mon’s innovations to programmatically monitor cloud-native applications such as containers and public cloud, we are enabling unprecedented any-workload-any-where visibility at affordable price points."

“The business impact of cyber-attacks on businesses can’t be underestimated as both the Mirai botnet and the Dyn DDoS attack have demonstrated,” said John Fruehe, Senior Analyst, Moor Insights & Strategy. “Big Switch Networks is bringing BigSecure to the market at precisely the right time, to combat these sophisticated and pervasive threats with a terabit-capable network defense that brings network defense to complex and software-defined networks.”

“We wanted to build a dedicated Ethernet monitoring network for critical video delivery services and to easily tap various measurement points around the network. First we looked at traditional Network Packet Brokers (NPBs) but soon realized that we needed a more flexible and scalable solution. Big Switch solutions allow us to start small and grow as needed and it is easy to use and deploy, and offers all the features we need,” said Leimio Antti, System Designer, IP Networks, Digita Oy. “We can easily tap any fiber connection in the network and quickly see if we have problems in video quality. Big Monitoring Fabric can aggregate monitoring traffic and forward it to centralized measurement devices. This simplifies and speeds up our operations and troubleshooting. We can also add inline security monitoring on the same system and troubleshoot network issues effectively with Big Monitoring Fabric.”

“Organizations are compelled to defend their data center assets from massively distributed DDoS attacks,” said Raj Jalan, Chief Technology Officer at A10 Networks. “The A10 Thunder Threat Protection System (TPS) with Big Switch’s Big Monitoring Fabric leverages SDN controls to deliver a scale-out and operationally simple threat protection solution for enterprise customers. A10 Thunder TPS detects and mitigates complex DDoS attacks while utilizing the BigSecure SDN fabric to mitigate terabit scale amplification attacks at the edge.”  

"Our relationship with Big Switch is a prime example of our focus to provide customers with flexible, intelligent, open networking solutions," said Adnan Bhutta, director, SDN and Open Networking, Dell EMC Networking. "Big Switch's introduction of BigSecure and of cloud-native application monitoring are excellent examples of the innovation we're accustomed to seeing from Big Switch and we look forward to continuing to work together to provide customers around the world with these next-generation solutions."

"Edgecore Networks’ partnership with Big Switch continues to flourish as more customers around the world are choosing disaggregated hardware and software solutions to modernize their data center networks to better serve their business needs," said Jeff Catlin, VP of Technology, Edgecore Networks. "Edgecore open network switches coupled with Big Cloud Fabric and Big Monitoring Fabric products provide customers with flexible and intelligent SDN solutions that enable rapid provisioning of new applications while meeting requirements to better monitor and secure their networks. The introduction of BigSecure and its new use cases show Big Switch's commitment to innovation, which complements Edgecore’s leadership in open network hardware, providing our customers with SDN solutions that address real world problems.”  

"With the exponential growth in VM and container-based deployments of cloud-native applications, the volume of East-West traffic is exploding - making it harder than ever to monitor and manage," said John Leon, Vice President of Business Development, ExtraHop. "In partnership with Big Switch's SDN capabilities, ExtraHop provides the ability to stream wire data off of the network. This gives customers a data-driven, highly scalable, and comprehensive view of their entire IT environment, allowing IT to maximize network and application performance, availability, and security."

“Riverbed SteelCentral and Big Switch together provide intelligent and scale-out solutions for rapid resolution of network and application performance," said Nik Koutsoukos, VP Product Marketing, at Riverbed, “We see tremendous opportunity to accelerate customer demand for our end-to-end performance monitoring by leveraging a software-defined architecture for operational simplicity and deep visibility."


About Big Switch Networks

Big Switch Networks is the Next-Generation Data Center Networking Company. We disrupt the status quo of networking by designing intelligent, automated and flexible networks for our customers around the world.  We do so by leveraging the principles of software-defined networking (SDN), coupled with a choice of industry-standard hardware. Big Switch Networks has two solutions: Big Monitoring Fabric, a Next-Generation Network Packet Broker, which enables pervasive security and monitoring of data center and cloud traffic for inline or out-of-band deployments and Big Cloud Fabric, the industry's first Next-Generation switching fabric that allows for choice of switching hardware for OpenStack, VMware, Container and Big Data use cases. Big Switch Networks is headquartered in Santa Clara, CA, with offices located in Tokyo, Sydney, London and Istanbul. For additional information, email, follow @bigswitch, or

Big Switch Networks, Big Cloud Fabric, Big Monitoring Fabric, BigSecure, Big Chain, Switch Light OS, and Switch Light VX are trademarks or registered trademarks of Big Switch Networks, Inc. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners.