NoviFlow’s Dynamic In-Line Packet Broker Services Optimize and Economically Scale Packet Broker Functions Into the Terabits Range
New Capabilities Extend the Functionality of NoviFlow’s CyberMapper SDN-Enhanced Forwarding Plane to Virtualize and Load Balance Packet Broker Functions in Multi-tenant Networks
Barcelona, Spain, February 25, 2019 – NoviFlow Inc., a leading vendor of high-performance SDN network operating software (NOS), cybersecurity middleware and programmable network solutions, today announced the availability of the Dynamic In-line Packet Broker Services option for CyberMapper (DPOC). NoviFlow’s DPOC services deliver optimized flow monitoring and acquisition functions without requiring the use of optical taps to duplicate packets on the main network and transmit them to a monitoring and analytics network. The company made the announcement from Mobile World Congress, where it is exhibiting.
DPOC services are an optional licensed extension to NoviFlow’s CyberMapper programmable forwarding plane abstraction middleware and include all CyberMapper functionality for accelerating and scaling virtualized network functions, bidirectional load balancing to Tool Farms, and real-time update of rules via a mitigation API. CyberMapper is a high-performance Threat Intelligence Gateway that can process up to 6.5 Tbps in a single switch using open standard interfaces like OpenFlow, gRPC and P4-runtime. CyberMapper enables NoviWare™ compatible switches (including NoviFlow’s NoviSwitches and select white-box switches) to deliver packet filtering, threat mitigation and load balancing directly in the network in a simple, scalable, compact form factor in a highly cost-effective manner.
For ease of use and integration into existing brownfield networks, DPOC services implement tap and filtering services via programmable SDN technology controlled through RESTful APIs. This virtualizes the entire process of traffic monitoring with a tap/filter, and eliminates the cost and time required to install physical tap hardware, enabling traffic to be monitored dynamically whenever needed under the control of security or orchestration packages.
The most significant feature of DPOC services is Terabit performance when deployed with NoviSwitch 5000 series switches, or with Tofino-based white-box switches supported by the NoviWare NOS. This solution represents a new level of Packet Broker throughput at an unprecedented, low price point.
Following are key capabilities and benefits provided by NoviFlow’s DPOC services:
• The services provide the ability to dynamically initiate and manage taps and filter network traffic via SDN.• Switches can be configured as bump-in-wire with a set of ports connected to the Tool Farm.
• Tap/filter rules are dynamically installed to direct traffic toward the Tool Farm.
• With dynamic taps, rules select certain flows with the action to copy the packets and direct them to the Tool Farm.
• Using CyberMapper’s Affinity Load Balancing, a rule can be bidirectional; you can copy initial and response packets to the Tool Farm.
• Dynamic filters redirect selected original flows to the Tool Farm via the Load Balancing functionality.
• DPOC provides the ability to select on an encapsulated IP header, creating rules that look inside VLAN, MPLS, or GTP encapsulated tunnels and selecting on source/destination IP address.
• Users have the capability to select on protocol, creating a rule that selects on VRRP, LACP, OSPF, or BGP protocol.
• Multi-Tenant port pairs allows flows from multiple sources (tenants) to be processed by the same Tool Farm, providing a significant reduction in cost per port.
• A web-based dashboard presents the activity and allocation of the flow Load Balancing to the Tool Farm in real-time.
Affinity Load Balancing is a functionality provided by CyberMapper, and provides DPOC services a critical advantage over conventional Packet Broker solutions. Affinity Load Balancing implements an algorithm enhanced to service tool devices and VNFs with different throughput capabilities, easily accommodating environments where a number of tools have been added over time and thus vary in capabilities. This algorithm also delivers Tool Farm dynamic scaling in real-time, and non-destructive fail-over while protecting stateful information (metadata) about flows as virtualized tools are spun up or down in response to changes in traffic.
Says Jesper Eriksson, NoviFlow’s VP of Sales and Product Management: “NoviFlow’s Dynamic In-Line Packet Broker Services option further extend the already impressive set of traffic handling capabilities offered by our CyberMapper software. It brings the benefits of CyberMapper to bear on the problem of the rising costs of generating and monitoring network telemetry by integrating these functions directly within the forwarding plane, delivering freedom from physical network taps and load balancers, and offering a solution than can economically scale into the Terabit range.”
NoviFlow’s DPOC Services will be presented at the NoviFlow booth (7M21) February 25 to March 1, 2019 at the Mobile World Congress in Barcelona, Spain.
NoviFlow Inc. provides open standard-based high-performance SDN networking solutions to network operators, data center operators, enterprises and government agencies seeking greater performance, flexibility, cost-efficiency, and security over their networks. NoviFlow has offices in Montreal, Sunnyvale and Seattle, and representatives in Asia Pacific, Europe and the Middle East. For more information, visit https://noviflow.com/. Follow NoviFlow on Twitter @NoviFlowInc.
firstname.lastname@example.org or +1 508-498-9300