Avatar

We are excited to announce the availability of Cisco Nexus Data Broker software release 2.0. Using the Cisco Nexus Data Broker software, Cisco’s approach replaces the traditional purpose-built matrix switches used for network taps or SPAN aggregation with one or more OpenFlow-enabled Cisco Nexus switches.

Visibility into application traffic has traditionally been important for infrastructure operations to maintain security, resolve problems, and perform resource planning. Now, however, as a result of technological advances and the ubiquity of the Internet, organizations increasingly are seeking not just visibility but real-time feedback about their business systems to more effectively engage their customers. Also, with the rapid evolution of cloud-based technologies, there is a strong need for scalable and cost-effective network traffic tap/SPAN aggregation for traffic monitoring solutions. The traditional approach that uses purpose-built matrix switches for netowrk tap/SPAN aggregation to feed traffic to multiple systems for security, compliance and application performance monitoring has three primary challenges:

  • This approach is too expensive to scale the visibility to meet today’s business requirements.
  • The purpose-built switches are statically programmed with predetermined filtering and forwarding rules, so they cannot act in an event-based way to provide traffic visibility in real time.
  • Support for interconnecting multiple switches for a scalable deployment that suits your data center architecture is limited.

With Cisco Nexus Data Broker (see Figure 1), the traffic is tapped into this bank of switches in the same manner as in a purpose-built matrix network. However, with Cisco Nexus Data Broker, you can interconnect these Cisco Nexus switches to build a scalable tap and SPAN aggregation infrastructure. You also can use a combination of network taps and SPAN sources to bring the copy of the production traffic to this infrastructure. In addition, you can distribute the network tap and SPAN sources and traffic monitoring and analysis tools across multiple Cisco Nexus switches.  Cisco Nexus Data Broker also provides the flexibility to aggregate traffic from multiple tap or SPAN sources and replicate and forward traffic to multiple analysis tools for monitoring.  See Table 1 for a list of important features and functions.

Figure 1

Visibility leads to insight

Table 1

Features of the New Cisco Data Broker Release 2.0

Features/Benefits

Scalability

Supported topology for Cisco® Monitor Manager network

  • Cisco Nexus Data Broker software discovers the Cisco Nexus switches and associated topology for Tap/SPAN aggregation.
  • The software allows you to configure ports as monitoring tool ports or input Tap/SPAN ports.
  • You can set end-device names for easy identification in the topology.
Support for QinQ to tag input source Tap/SPAN port

  • You can tag traffic with a VLAN for each input Tap or SPAN port.
  • Q-in-Q support in edge Tap and SPAN ports allow you to uniquely identify the source of traffic and preserve production VLAN information.
Symmetric hashing or symmetric load balancing*

  • You can configure the hashing based on Layer 3 (IP address) or Layer 3 + Layer 4 (protocol ports) for load balancing the traffic across a port-channel link.
  • You can spread the traffic across multiple tool instances to meet the high-traffic-volume scale.
Rules for matching monitored traffic

  • You can match traffic based on Layer 1 through Layer 4 criteria.
  • You can configure the software to send only the required traffic to the monitoring tools without flooding the tools with unnecessary traffic.
  • You can configure action to set the VLAN ID for the matched traffic.

Visibility

Replicate and forward traffic

  • You can configure the software to aggregate traffic from multiple input Tap/SPAN ports that could be spread across multiple Cisco Nexus switches.
  • You can replicate and forward traffic to multiple monitoring tools that can be connected across multiple Cisco Nexus switches.
  • This solution is the only one that supports any:many forwarding across a topology.
Time stamping**

  • You can time-stamp a packet at ingress using the Precision Time Protocol (PTP; IEEE 1588), thereby providing nanosecond accuracy. You can use this capability for critical transaction monitoring and archiving data for regulatory compliance and advance troubleshooting.
Packet truncation**

  • You can configure the software to truncate a packet beyond specified bytes.
  • The minimum is 64 bytes.
  • You can retain a header for only analysis and troubleshooting.
  • You can configure the software to discard the payload for security or compliance reasons.
End-to-end path visibility

  • For each traffic forwarding rule, the solution provides a complete end-to-end path visibility all the way from source ports to the monitoring tools, including the path through the network.

Security

React to changes in the Tap/SPAN aggregation network states

  • You can monitor and keep track of network condition changes.
  • You can configure the software to react to link or node failures by automatically reprogramming the flows through an alternative path.
Management for multiple disjointed Cisco Monitor Manager networks

  • You can manage multiple independent traffic monitoring networks, which may be disjointed, using the same Cisco Nexus Data Broker instance. For example, if you have five data centers and you want to deploy an independent Cisco Monitor Manager solution for each data center, you can manage all of these five independent deployments using a single Cisco Nexus Data Broker instance by creating a logical partition (network slice) for each monitoring network.
Role Based Access Control (RBAC)

  • Application access can be integrated with corporate AAA server for both authentication and authorization
  • You can create port groups and associate the port groups with specific user roles
  • Capability to assign users to specific roles and port groups; users can manage only those ports

*Feature supported only on Cisco Nexus 3500.

**Feature supported only on Cisco Nexus 3100.

Please visit the Cisco NDB website for more information.  If you are going to be in NYC at Interop Sep 29 – Oct 2, please visit us to hear Jothi Prakash Prabakaran talk about Nexus Data Broker as a scalable network traffic monitoring solution in the Cisco booth (#611) theater.



Authors

Harry Petty

Director

Data Center and Cloud Marketing