Upload
wildpackets
View
1.444
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Watch the full OnDemand Webcast: http://bit.ly/totalvirtualnetwork The migration to virtual computing architectures has created a new blind spot in the enterprise: the traffic between virtual servers in the same physical chassis. This “invisible traffic” never crosses any physical network segment where it can be easily captured, creating a problem for any data center team trying to troubleshoot, optimize, or secure its virtual server operations. As enterprises virtualize more and more of their data center operations, these blind spots grow. As a result, network engineers have little or no visibility into the traffic among virtual servers. Until now… With the combination of Net Optics Phantom Virtual Tap and WildPackets OmniPeek® network analyzer, network engineers get complete access to the network and application traffic traversing virtual servers. The Phantom Virtual Tap eliminates the blind spots created by invisible traffic and enables network engineers to use the powerful root-cause analysis capabilities of OmniPeek to troubleshoot, optimize, benchmark, and secure virtual servers and virtual applications. In this joint webinar from Net Optics and WildPackets, you will learn how to: 1. Establish goals and best practices for virtual network analysis 2. Define hardware requirements to meet analysis goals 3. Configure your virtual network for the realities of network analysis
Citation preview
www.wildpackets.com© WildPackets, Inc.
Jay Botelho
Director of Product Management
WildPackets
Ran Nahmias
Director, Virtualization and Cloud Services
Net Optics
Show us your tweets!Use today’s webinar hashtag:
#wp_virtualnetworkwith any questions, comments, or feedback.
Follow us @wildpackets
© WildPackets, Inc.
Agenda
• Current Trends in Virtualization
• What Causes Virtual Network Blind Spots?
• Eliminating the Blind Spot
• Network Analysis in Virtual Environments
• Net Optics Overview
• WildPackets Overview
© WildPackets, Inc.
Current State of Virtualization
• 75% of large companies have implemented some form of
virtualization1
• Percentage of servers actually virtualized remains small at
approximately 10 – 15% in these companies1
• Virtual systems are a tempting target for security breaches
‒ Compromising only one layer provides access to many2
• Storage virtualization – 45% adoption; 5th most effective
strategy3,7
‒ Deduplication
‒ Thin provisioning
‒ Tiering
© WildPackets, Inc.
Current Trends in Virtualization
• Bundling virtualization with servers1
• SMBs get into the action4, 5
• Automation on the rise5, 6
• Better backup, recovery and live migration tools5, 6
• I/O virtualization 6
• Desktop Virtualization5, 6, 8
‒ Benefits depend on vertical industry
‒ Mobile access devices (eg. iPads) driving adoption
WildPackets Overview PROPRIETARY AND CONFIDENTIAL 4
© WildPackets, Inc.
What Causes Network Blind Spots
11000110101 11000110101
11000110101?
www.wildpackets.com© WildPackets, Inc.
Eliminating the Blind Spot
© WildPackets, Inc.WildPackets Overview PROPRIETARY AND CONFIDENTIAL 7
© WildPackets, Inc.
Hypervisor Virtual Stack Monitoring
Challenge
vm1 vm2 vm3
Physical Host Server
ESX Virtual Stack
Virtual Switch Analyzer
IDS
Physical Network
Security &
MonitoringVirtualization Creates
Security, Monitoring and
Compliance Risks
• No visibility into inter-VM traffic,
vulnerabilities or threats
• Lacks auditing of data passing
between virtual servers
• Inability to pinpoint resource
utilization issues
© WildPackets, Inc.
Phantom Virtual Tap Solution
vm1 vm2 vm3
Analyzer
IDS
Physical Network
Security &
Monitoring
Physical Host Server
ESX Virtual Stack with
Phantom InstalledPhantom
Controlle
r
(VM)
Enables Security,
Performance Monitoring and
Compliance
• 100% visibility of inter-VM traffic
• Kernel implementation—
no need for SPAN Ports on Virtual
Switch / Promiscuous Mode
• Bridges virtual traffic to physical
monitoring tools
Phantom Virtual Tap
Virtual Switch
© WildPackets, Inc.
Net Optics Converged Network Solution
Physical and Virtual
Monitoring Access
• Hypervisor-specific Tap
• Purpose-built for virtualization
• Monitor through Live-Migration
(VMotion)
• TAP for each VM instance
(by VM ID)
• Tight Integration with VMware vCenter
• Fault-Tolerant and Non disruptive
Architecture
Director™
ESX
vm1 vm2 vm3
Hypervisor
Phantom
Monitor™
Encapsulated
Tunnel
Phantom Manager™
LAN/W
AN
Indigo Pro™
Analyzer
IDS
Physical Server
Physical Server
Physical Server
Phantom
Controlle
r
(VM)
© WildPackets, Inc.
Phantom
Manager™
LAN/WAN
Support for vMotion Migration
ESX 1
vm1 vm2 vm3
Hypervisor
Phantom
Monitor™
ESX 2
vm5 vm6
Hypervisor
Phantom
Monitor™
© WildPackets, Inc.
Net Optics Standalone Network Solution
Phantom Virtual Tap
Standalone Implementation
• Phantom Tap can be deployed as total
virtualization monitoring solution
• Can capture and bridge traffic of
interest directly to select inspection
tools
• No hardware required, can be installed
and deployed off of data center floor
ESX
vm1 vm2 vm3
Hypervisor
Phantom
Monitor™
Encapsulated Tunnel
Phantom Manager™
LAN/W
AN
Indigo Pro™
Analyzer
IDS
Physical Server
Physical Server
Physical Server
Phantom
Controlle
r
(VM)
© WildPackets, Inc.
Phantom Virtual Tap Key Advantages
WildPackets Overview PROPRIETARY AND CONFIDENTIAL 14
• Achieve security,
compliance and
performance
monitoring standards
• Gain end-to-end
traffic visibility in
the virtual
environment
• Realize the full
potential of your
virtual data center
www.wildpackets.com© WildPackets, Inc.
Establishing Goals for Network
Analysis in Virtual Environments
© WildPackets, Inc.
Net Optics and WildPackets
WildPackets Overview PROPRIETARY AND CONFIDENTIAL 16
© WildPackets, Inc.
What’s The Difference?
• All the same goals apply‒ Monitoring/reporting
‒ Background analysis with alarms/alerts
‒ Real-time vs. post-capture analysis
‒ Network performance/application performance/VoIP
• Only the implementation is different
Traditional NA – Virtual NA = 0
© WildPackets, Inc.
Understand Your Virtual Environment
• Traffic levels per
virtual interface
‒ Mbps?
‒ Packets per
second?
‒ Packet size
distribution?
• Traffic level per
application
‒ Average rates
‒ Peak rates
‒ Weekly patterns
• Baselines
‒ Establish and re-establish
‒ Use Expert events for further
classification
© WildPackets, Inc.
Real-time vs. Post Capture Analysis
• Real-time analysis‒ RAM is your friend
‒ Flexible, on-the-fly changes
‒ Network utilization under 3Gbps
‒ Validating theories
• Post-capture analysis‒ Disk capacity is your friend - steady-state traffic at 1Gbps requires:
7.68 GB/min
460 GB/hr
11 TB/day
‒ Wide-open analysis
‒ Network utilization at full line rate (10Gbps)
‒ Need to retain ALL data for post-capture analysis
‒ Forensics searches are CPU and RAM intensive
© WildPackets, Inc.
Real-time Statistics Always Available
WildPackets Overview PROPRIETARY AND CONFIDENTIAL 20
www.wildpackets.com© WildPackets, Inc.
Net Optics Overview
© WildPackets, Inc.
Introduction to Net Optics
• Financial, Telco, Enterprise, Government, Healthcare
• 85% of the Fortune 100
• 52% of the Fortune 500
• 7,500 Global Deployments
Customers
• Founded in 1996, Private, Self-Funded
• 60 Quarters of Growth & Profitability
• Strong Management Team
• Headquarters in Silicon Valley, USA
• Sales Offices in New York, Atlanta, Seattle, Germany, China
Highlights
• 30% Direct Sales
• 25% OEM/Partner Relationship
• 45% Global Channel
Go to Market Strategy
• Four new inventions each year
• 20+ patents and patent pending applications
Technology
N. America
60%EMEA18%
APAC16%
BRIC6%
Markets
© WildPackets, Inc.
Selected Customers
EnterpriseTelcoFinancial Healthcare Government
© WildPackets, Inc.
New Applications
Network Stability
Low Latency
Data Center Consolidation
Network must be designed for
scalability & agility
Compliance
Internal/External Intrusions
Lawful Interception
Cybercrime
Security must be architected in,
not a point solution
Link Saturation
Oversubscription
10G 40G 100G
Tools & instruments can’t keep up
Explosive Growth
CAPEX Improvements
No Compliance Monitoring
No visibility into the virtualized
network
Networking Industry Trends and Pain
Points
Security
VirtualizationNetwork
Complexity
NetworkSpeeds
© WildPackets, Inc.
Net Optics Position in the Network
• Oversubscribed Analysis & Security
Tools
• Requirement for Total Visibility
• Need for Multiple Tool Deployment
• Network Scalability
• Visibility into Virtualization
• High Availability & Tool Redundancy
Net Optics Products Solve
Director
Aggregation
Access & Control Layer
Regeneration Tap™
xBalancer™
Gig Zero Delay Tap™
Director™
Director xStream Pro™
Indigo Pro™
Phantom™ Virtual Tap
Applications Layer
Protocol
Analyzers
IPS
Forensics
Performance
Data Loss
Prevention
VoIP Analyzer
Network Layer
Core Network
Data Center
User Access
Virtual Data
Center
Cloud
ESX Stack
Hypervisor
PhantomMonitor™
V Switch
vm1
Vm 2
Vm3
Taps
Bypass Switches
© WildPackets, Inc.
Net Optics Products
Control Management
Indigo Pro™
appTap™
Access
Bypass Switches
Intelligent Taps
Network Taps
Virtual Tap
© WildPackets, Inc.WildPackets Overview PROPRIETARY AND CONFIDENTIAL 27
www.wildpackets.com© WildPackets, Inc.
WildPackets Overview
© WildPackets, Inc.
Corporate Background
• Experts in network monitoring, analysis, and troubleshooting
‒ Founded: 1990 / Headquarters: Walnut Creek, CA
‒ Offices throughout the US, EMEA, and APAC
• Our customers are leading edge organizations
‒ Mid-market, and enterprise lines of business
‒ Financial, manufacturing, ISPs, major federal agencies,
state and local governments, and universities
‒ Over 7,000 customers / 60+ countries / 80% of Fortune 1,000
• Award-winning solutions that improve network performance
‒ Internet Telephony, Network Magazine, Network Computing Awards
‒ United States Patent 5,787,253 issued July 28, 1998• Different approach to maintaining availability of network services
© WildPackets, Inc.
What We Do
• Provide network visibility and intelligence …‒ WatchPoint, OmniPeek, OmniEngines
• Expert systems – we find the problems for you
• Superior drill-down capability – trouble-shoot from anywhere
• Flexible, customizable, extensible – leverage your investment
‒ Professional services, training, best practices
• For all network segments …‒ Data center to desktop to remote office
‒ LAN, WAN, Wireless …
‒ HTTP, Email, Database, VoIP, Video …
• To …‒ Network engineers; IT Management; Developers
© WildPackets, Inc.
Real-World Deployments
Education
Health Care / Retail
Financial
Telecom
Government
Technology
© WildPackets, Inc.
Product OfferingsSoftware and Turnkey Appliances
• Enterprise Monitoring and Reporting‒ WatchPoint Server
‒ OmniFlow, NetFlow, and sFlow Collectors
• Network Probes & Recorders‒ Omnipliance Network Recorders – Edge, Core
‒ TimeLine Network Recorder
‒ OmniAdapter Analysis Cards
• Distributed Analysis Software‒ OmniPeek – Enterprise, Professional, Basic, Connect
‒ OmniEngine – Enterprise, Desktop, OmniVirtual
• Portable Solutions‒ OmniPeek software
‒ Omnipliance Portable
© WildPackets, Inc.
TimeLine Network Recorder11.7Gbps Sustained Capture
• Fastest network recording and real-time statistical
display — simultaneously‒ Network statistics display in TimeLine visualization format
• Rapid, intuitive forensics search and retrieval‒ Historical network traffic analysis and quick data rewinding
‒ Several pre-defined forensics search templates making
searches easy and fast
• A natural extension to the WildPackets product line
• Turnkey bundled solution
© WildPackets, Inc.
Omnipliance Network RecordersPrice/performance solutions for every application
Portable Edge Core TimeLineRuggedized
Troubleshooting
Small Networks /
Remote Offices
Regional Offices /
Small Datacenter
Datacenter
Workhorse
Chassis 1U 3U 3U
Memory 2 GB / 8 GB 4 GB / 8 GB 6 GB / 24 GB 18 GB / 24 GB
Expansion 1 PCI-E / 2 PCI-X 1 PCI-E or 1 PCI-X 4 PCI-E 4 PCI-E
Storage 500 GB / 2.5 TB 1 TB 8 TB 8 TB / 16 TB / 32 TB
© WildPackets, Inc.
Key Differentiators
• High-level network monitoring to root-cause analysis
• Single solution for today’s converged networks‒ Wired, Wireless, 1GB, 10GB, VoIP, Video, TelePresence, IPTV
• Reduce and even eliminate network downtime‒ Automated monitoring 24x7
‒ Speedy resolution of network bottlenecks
• Improve network and application performance
• Uniquely Extensible Platform – tailored to your needs‒ Plug-ins and APIs for integration and customization
www.wildpackets.com© WildPackets, Inc.
Q&A
Show us your tweets!Use today’s webinar hashtag:
#wp_virtualnetworkwith any questions, comments, or feedback.
Follow us @wildpackets
Follow us on SlideShare!Check out today’s slides on SlideShare
www.slideshare.net/wildpackets
www.wildpackets.com© WildPackets, Inc.
Thank You!
WildPackets, Inc.
1340 Treat Boulevard, Suite 500
Walnut Creek, CA 94597
(925) 937-3200
Net Optics, Inc.
5303 Betsy Ross Drive
Santa Clara, CA 95054
(408) 737-7777