Contact Info

Headquarters:

706 Brewster Avenue Montreal, Qc, H4C 2K1
contact@noviflow.com
+1(438)807-4360

USA Office:

440 N Wolfe Road Sunnyvale,CA 94085
contact@noviflow.com
+1(408)217-6219
Follow Us

CyberMapper

Security Load Balancer | Scalable Network Security

OVERVIEW

NoviFlow’s CyberMapper is a high-performance SDN application that implements a powerful Security Load Balancer Solution that accelerates and dynamically scales cybersecurity services and virtualized network functions into the Terabit scale. CyberMapper achieves unprecedented performance, flexibility, and scale by leveraging the power of programmable match-action pipelines, white-box hardware, and open standard interfaces such as OpenFlow, gRPC and P4-runtime.

CyberMapper enables NoviWare™ compatible switches (such as NoviFlow’s NoviSwitches and select white-box switches running the powerful Intel/Barefoot Tofino) to deliver load balancing, packet brokering, and telemetry directly in the network fabric in a simple, scalable, compact form factor, and at a fraction of the price of conventional load balancing solutions.

 

CyberMapper: High-Performance Security Load Balancer

  • Dynamically scales clusters of cybersecurity servers or application virtual machines for higher performance, even into the Terabit range
  • CyberMapper filters and balances traffic across arrays of network appliances or virtual machines without the cost of external load balancing appliances and it Improves performance of security applications by moving policy enforcement into network fabric itself
  • Reduces Denial of Service attacks by filtering known bad actors before traffic can enter the network fabric and network appliances
  • Faster time to market and easy integration via REST APIs of IP Reputation feeds and Cyber Security DPI server mitigation
  • Accelerated performance and reduced costs of existing Cyber Security DPI and Analytics solutions.
  • Significantly reduces network complexity, latency and costs via Scale-Out NoviSwitch and white-box hardware deployed anywhere in the network with unlimited linear scalability
  • Protects investments in network hardware and allows for faster introduction of new features because the entire stack from the switch silicon to the application is programmable
  • Leverages white-box hardware and Open Standards such as OpenFlow, gRPC and P4-Runtime for maximum economies of scale
  • Orders of magnitude better performance up to 6.4 tbps in a single Intel/Barefoot Tofino-based switch and port speeds up to 100 Gbps
  • Increased capacity per filtering point and ability to filter on up to millions of rules
  • Non-destructive load balancing and failover. Ideal for stateful Cybersecurity Servers, DPI Engines, and Web Content Filtering Clusters
  • Multiple NoviSwitches can be installed throughout the network for load-balancing/mitigation/enforcement at network ingress/egress points
  • Evolved security architecture separates analytics and detection from mitigation/enforcement
  • Protocol white lists offloads protocol types that do not need analysis

CyberMapper Security Load Balancer Data Sheet

Optional Feature: Dynamic In-Line Packet Broker Services

NoviFlow’s Dynamic In-line Packet Broker Services are an optional (separately licensed) extension to NoviFlow’s CyberMapper and thus inherit all the CyberMapper services.

NoviFlow’s Dynamic In-Line Packet Broker Services deliver optimized flow monitoring and acquisition functions without requiring the use of optical taps to duplicate packets on the main network and transmit them to a monitoring and analytics network. For ease of use and integration into existing brownfield networks, DIPB implements Tap and Filtering services via programmable SDN technology controlled through RESTful APIs. This virtualizes the entire process of traffic monitoring with a tap/filter, and eliminates the cost and time required to install physical tap hardware, enabling traffic to monitored dynamically whenever needed under the control of security or orchestration packages.

 

Below are the key services provided by the Packet Broker extensions to CyberMapper:

Terabit Throughput Services: The most disruptive feature of the Dynamic In-Line Packet Broker Services is Terabit performance, offering a new level of throughput at a far more affordable price point.

Dynamic Tap/Select Services: NoviFlow’s DIPB Services deliver the ability to dynamically initiate and manage taps and filter network traffic via SDN. Functions include bump-in-wire, dynamic taps (simple or bi-directional), dynamic filter (traffic steering), select on encapsulated IP Header, and select on Protocol.

In-switch Load Balancing to service Tool devices and VNFs with different throughput capabilities, easily accommodating environments where a number of Tools have been added over time and thus vary in capabilities. Enables dynamic scaling of Tool Farms in real-time, and non-destructive fail-over while protecting stateful information (metadata) about flows as virtualized tools are spun up or down in response to changes in traffic.

NoviFlow’s DIPB moves Packet Broker technology into the SDN world. For ease of use and integration into existing brownfield networks, these services are implemented and controlled via a RESTful API.

DIPB’s Multi-Tenant Port Pairs capability allows flows from multiple sources (tenants) to be processed by the same Tool Farm. This provides a significant reduction in cost per port.
Finally, DIPB comes with a web-based dashboard that presents the activity and allocation of the flow Load Balancing to the Tool Farm in real-time.

CyberMapper Dynamic Packet Broker Services Option Datasheet

Top