Data monitoring switch

Data monitoring switch

A data monitoring switch is a networking hardware appliance that provides a pool of monitoring tools with access to traffic from a large number of network links. It provides a combination of functionality that may include aggregating monitoring traffic from multiple links, regenerating traffic to multiple tools, pre-filtering traffic to offload tools, and directing traffic according to one-to-one and many-to-many port mappings.

Data monitoring switches enable organizations to use their monitoring tools more efficiently, to centralize traffic monitoring functions, and to share tools and traffic access between groups. Some of these devices also provide functionality that helps justify tool purchases and simplify deployment and management of the device itself.

Several other terms have been used to describe this class of device, including data access switch, tool aggregator, net tool optimizer, and distributed filter tap.

Contents

Function

A data monitoring switch typically provides 24 to 38 ports in a 1U 19-inch chassis, with higher port density devices expected in the future (ask about dimensions from the vendor - devices with higher port density or many card slots may be 2U or larger). Ports may be dedicated as network inputs or tool outputs, or may be configurable as either, with most product trending toward the latter. Network input ports may be paired to provide in-line connectivity (integrated Tap function), or out of band (mirrored) to take input from external network Taps or network switch SPAN ports. Some devices have the ability to interconnect chassis to configure logical systems with hundreds of ports, although user interface complexity can serve as a limiting factor in many products.

When a number of monitoring tools are connected to the data monitoring switch’s tool ports, copies of traffic from any of the network ports can be switched to any of the tools using the data monitoring switch’s management interface. A unique characteristic of the data monitoring switch, as opposed to matrix switches and aggregating Taps, is that it can support a flexible set of port mappings including:

  • One network link to one monitoring tool
  • One network link to many monitoring tools (regeneration)
  • Many network links to one monitoring tool (aggregation)
  • Many network links to many monitoring tools (dynamic many-to-many connectivity)

In addition to directing monitoring traffic, data monitoring switches are capable of filtering traffic by Layer 2 to Layer 4 protocol criteria such as VLAN or IP address, enabling only traffic of interest to be sent to specific tools. This capability can prevent tool oversubscription and facilitate drilling down on issues.

As this is still a relatively new set of technologies, there are several different approaches to the hardware and software configurations. As such, each product sports benefits that none of the competitors includes. Some data monitoring switches offer different management interfaces (fully integrated GUI, automation, etc.), load balancing across multiple tool ports, filtering on patterns in packet payloads, and converting media and data rates so tools can be used to monitor traffic from dissimilar links.

The more advanced products offer enhanced security (access control, port permissions, etc.) either on the individual level or by using groups, filter library / archiving, and the ability to manage multiple devices simultaneously from a single interface.

Device Management

Data monitoring switches support either or both of the following internal management interfaces:

  • A text-based command-line interface (CLI) accessed with a terminal emulation program either locally over a serial port or remotely over a secure (e.g., SSH) network connection; this interface is sometimes preferred by network administrators, although many data center professionals complain that CLI is too complex.
  • A Web browser based graphical interface; While most vendors offer drag and drop capabilities, there are a wide range of GUI options offered on these products, some requiring CLI and some not. This interface is preferred by IT generalists, executives, and IT stakeholders who manage monitoring but do not have physical access to the data center floor.

External interfaces are also available as follows:

  • A platform (Windows) based server; this interface is preferred for managing a large number of devices through a single interface
  • Third-party SNMP management tools; this interface in preferred in environments with centralized SNMP management systems such as IBM Tivoli or HP OpenView [1]

Advantages

Data monitoring switches facilitate centralizing network traffic monitoring in the NOC.

By providing remote monitoring and control, they save the time and expense of traveling to remote locations to install monitoring tools.

They make it easier to share tools among groups.

With data rate conversion capabilities, they enable 1 Gigabit tools to support 10 Gigabit links, and 10 Gigabit tools to monitor traffic aggregated from multiple 1 Gigabit links.

They prevent tool oversubscription by pre-filtering traffic.

They can Tap network links directly, instead of relying on switch SPAN ports for monitoring access.

Because of their high port densities compared to discreet Taps, they save rack space and power, and can have a lower price per port.

They are fully passive, unable to disrupt network traffic in the most commonly found circumstances. (Integrated Taps, if present have fail-to-wire on power failure.) This is compared to SPAN ports, where network traffic can be disrupted if the switch is not properly configured while setting up the SPAN port. [2]

Disadvantages

Data monitoring switches take a simple concept, the passive network Tap, and make it an expensive, complex device that requires configuration and management.

They are non-standard – different vendor devices operate and are managed differently.

Entry-level pricing is expensive – if just a few links or tools need to be instrumented, price per port will be high.

Advanced functionality on some products can be very cumbersome to activate and maintain over time.

Command Line interfaces are often required for the vast majority of the functions, even on many boxes that also offer a GUI. While CLI offers a great deal of control over the operations of the box, only the utmost of advanced users will be able to configure filtering and connections using CLI without overlooking problems such as filter overlaps, replication and accuracy checks, and ongoing active system management.

References

  1. ^ HP Open View
  2. ^ Integrating Monitoring Access Into The Network Architecture

See also


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Data center — An operation engineer overseeing a Network Operations Control Room of a data center. A data center (or data centre or datacentre or datacenter) is a facility used to house computer systems and associated components, such as telecommunications and …   Wikipedia

  • Switch (Computertechnik) — Ein Switch (vom Englischen für „Schalter“ oder „Umschalter“) auch Netzwerkweiche (kurz Weiche) oder Verteiler genannt, ist ein Kopplungselement, das Netzwerksegmente miteinander verbindet. Der Begriff bezieht sich allgemein auf eine… …   Deutsch Wikipedia

  • Network switch — A network switch or switching hub is a computer networking device that connects network segments. The term commonly refers to a multi port network bridge that processes and routes data at the data link layer (layer 2) of the OSI model. Switches… …   Wikipedia

  • KVM switch — Symbolic representation of a KVM switch. The computer on the right is currently being controlled by the peripherals …   Wikipedia

  • Catalyst switch — Catalyst is the brand name for a variety of network switches sold by Cisco Systems. While commonly associated with Ethernet switches, a number of different interfaces have been available throughout the history of the brand. Cisco acquired several …   Wikipedia

  • Oracle Data Guard — The software which Oracle Corporation markets as Oracle Data Guard forms an extension to the Oracle RDBMS. It aids in establishing and maintaining secondary standby databases as alternative/supplementary repositories to production primary… …   Wikipedia

  • Mobile data offloading — Mobile data offloading, also called data offloading is the use of complementary network technologies for delivering data originally targeted for cellular networks. Rules triggering the mobile offloading action can either be set by an end user… …   Wikipedia

  • Net Optics — Net Optics, Inc. Type Private Company Founded 1996 Headquarters Santa Clara, California Key people Eldad Matityahu, Board Chairman B …   Wikipedia

  • Signals intelligence operational platforms by nation — This article is a subset article under the main article Signals intelligence, which addresses the unifying conceptual and technical factors and common technologies in this intelligence discipline. This article deals with current signals… …   Wikipedia

  • IBM Roadrunner — Infobox One of a kind computers Caption=Roadrunner components Website=http://www.lanl.gov/roadrunner/ Dates=operational 2008, final completion 2009 Location=Los Alamos National Laboratory, nobreak|USA Sponsors=IBM, nobreak|USA Operators=National… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”