Packet Broker

Dynamic in-line packet broker services


NoviFlow’s Dynamic In-Line Packet Broker Services deliver optimized flow monitoring and acquisition functions without requiring the use of optical taps to duplicate packets on the main network and transmit them to monitoring and analytics network. For ease of use and integration into existing brownfield networks, DPOC implements Tap and Filtering services via programmable SDN technology controlled through RESTful APIs. This virtualizes the entire process of traffic monitoring with a tap/filter, and eliminates the cost and time required to install physical tap hardware, enabling traffic to monitored dynamically whenever needed under the control of security or orchestration packages.

NoviFlow’s Dynamic In-line Packet Broker Services are a licensed extension to NoviFlow’s NoviMapper programmable forwarding plane middleware, and thus inherit all the NoviMapper services for accelerating and scaling virtualized network functions, bidirectional load balancing to Tool Farms, and real-time update of rules via a mitigation API.

The overriding feature of In-Line Packet Broker Services is Terabit performance when deployed with NoviSwitch 5000 series switches, or with Tofino-based white-box switches supported by the NoviWare NOS. This solution represents a new level of Packet Broker throughput at an unprecedented low price point.

  • Deliver the ability to dynamically initiate and manage taps and filter network traffic via SDN
  • Switches can be configured as bump-in-wire with a set of ports connected to the Tool Farm
  • Tap/filter rules are dynamically installed to direct traffic toward the Tool Farm
  • Dynamic Taps – rules select certain flows with the action to copy the packets and direct them to the Tool Farm
  • Using NoviMapper’s Affinity Load Balancing a rule can be bidirectional – copy initial and response packets to Tool Farm.
  • Dynamic Filters redirect selected original flows to the Tool Farm via the Load Balancing functionality
  • Can even select on encapsulated IP Header – creating rules that looks inside VLAN, MPLS, or GTP encapsulated tunnels, selecting on source/destination IP address
  • Can select on Protocol – ability to create a rule that selects on VRRP, LACP, OSPF, or BGP protocol

Affinity Load Balancing is a functionality provided by NoviMapper, and provides DPOC a critical advantage over conventional Packet Broker solutions. Affinity Load Balancing implements an algorithm enhanced to service Tool devices and VNFs with different throughput capabilities, easily accommodating environments where a number of Tools have been added over time and thus vary in capabilities. This algorithm also delivers Tool Farm dynamic scaling in real-time, and non-destructive fail-over while protecting stateful information (metadata) about flows as virtualized tools are spun up or down in response to changes in traffic.

DPOC’s Multi-Tenant Port Pairs capability allows flows from multiple sources (tenants) to be processed by the same Tool Farm. This provides a significant reduction in cost per port.

Finally, DPOC comes with a web-based dashboard that presents the activity and allocation of the flow Load Balancing to the Tool Farm in real-time.

