Ixia Network Packet Brokers

 Network Packet Brokers

Ixia Visibility Solutions provide real-time, end-to-end visibility, insight and security into physical, virtual, SDN and NFV based networks, delivering the control, coverage and performance in a seamless fashion to protect and improve crucial networking, data center and cloud business assets.

NPB Diagram 1

Industry leading Ixia Network Packet Brokers (NPB) deliver intelligent, sophisticated and programmable network flow optimization providing visibility and security coverage to businesses assets and help IT teams quickly resolve application performance bottlenecks, trouble shoot problems, improve data center automation, better utilize expensive network analysis and security tools and help better business execution because of the improved understanding of the network and data center.

Ixia's best-in-class Vision portfolio of network packet brokers are easy-to-use, perform under pressure and offer true application intelligence. 

 

Brochure

What is a Packet Broker (and why do you need one)? 

IXIA - What is a Packet Broker (and why do you need one)?

IXIA'S Network Packet Brokers

Scalable, lossless visibility solutions for all your network needs

KEY FEATURES

  • Dedicated hardware acceleration provides a Zero packet loss architecture
  • Aggregation of traffic from multiple TAPs or SPAN ports
  • Filtering of traffic so that each monitoring or inline security tool receives exactly the right data
  • Load-balancing of traffic to multiple analysis tools
  • SSL decryption to quickly detect emerging threats encrypting exploits within application traffic
  • L7 application awareness efficiently allows for packet processing based on unique applications
  • Dynamic filter compiler handles all filter rule complexities automatically - no overlapping filter rule headaches

  

                                 Vision xStream40        Vision E40          Vision E100           Vision 5236          Vision 5288          Vision ONE          Vision 7300

Packet Brokers Chart2

  

Visibility Management

Ixia offers an easy-to-use, intuitive click-and-drop NPB interface to allow operators to make connections from taps or SPAN ports to their connected tools. The configuration of filters is streamlined and easy, with overall setup requiring minimal time and effort, even for large shops and complicated networks. No professional services or expensive training is required to learn and implement the Ixia visibility solutions. This eliminates the need to use time-consuming command line interface (CLI) or web user interface (WebUI) dialogs, or invest hours or days designing complex logic.

 Ixia Fabric Controller (IFC) is a SDN controller for visibility that is allows multiple network packet brokers to work collectively within a single plan of glass. IFC extends a full set of API controls and integrates with Cisco ACI, as well as other SDN architectures.

 

INLINE VS OUT-OF-BAND

There are two different ways to deploy network packet brokers:

Inline Security inspect live traffic before it hits your data center network. Tools are grouped serially before traffic enters your production data center enabling real-time traffic inspection and active threat prevention.

 Out-of-Band Monitoring provides Passive Traffic Inspection, detection and recording for routine analysis. Tools perform passive traffic inspection, detection, and recording for routine analysis. This model is used extensively in detailed threat analysis, but does not enable any active prevention safeguards or countermeasures.

 

Network Packet Broker Inline Security Diagram

 

Inline Security

Common Inline security tools include:

  • Firewalls and next-generation firewalls (NGFWs)
  • Data loss prevention (DLP) systems
  • Unified threat management (UTM) systems
  • SSL decryption appliances

 

IXIA - Network Packet Brokers - Vision ONE
 
IXIA - Network Packet Brokers - Vision xStream 40
 

 

 

Out-of-Band Monitoring

Common out-of-band security tools include:IXIA - Out-of-Band Monitoring

  • Intrusion detection systems (IDS)
  • Forensic tools
  • Data recording
  • Malware analysis tools
  • Log management systems
  • Packet capture (PCAP) tools

 

IXIA - Network Packet Brokers - Vision ONE
IXIA - Network Packet Brokers - Vision 5288
IXIA - Network Packet Brokers - Vision 7300
 

 

  • Performance

  • Ease of Use

  • True Intelligence

BypassFamilyBlack

Zero Packet Loss

We have instrumented purpose-built dedicated hardware in our physical packet brokers to ensure zero packet loss, which ensures that your tools receive 100% of the packets they need to perform their job. Our packet brokers will NOT drop data due to congestion regardless of what features used or packet size

Simultaneous Features

Unlike many competitor solutions where many features such as SSL decryption, NetFlow generation and packet trimming can’t work together in the same module, Ixia provides line-rate guarantee on any combination of features.

Active-Active Inline

Active-Active is the predominant use case for inline security tool deployment. It performs load balancing during normal operation, and offers safe cut-over on failures.

 

IXIA - Network Packet Broker Capabilities - Ease of Use

Drag and Drop User Graphical Interface

We offer an intuitive fraphical user interface that allow users to easily define the connections and filter rules between network ports and tools. Configuration of the network is a simple point and click, drag and drop interface, where users can visually represent their network connection needs within minutes.

Handles Filter Rule Complexities Automatically

When it comes to creating and managing filters, Ixia's Dynamic Filter Compiler that takes care of the all the complexities of filter rules, allows users to tie any network port to any tool port without being concerned about existing filter logic in any other filter rules. This means that new filter rules can be added at will into existing filters and the Ixia Dynamic Filter compiler takes care of overlap resolution behind the scene

Three Levels of Filter Logic

When creating filter rules, you can add them at three levels: the ingress network ports, a dynamic filter in the middle, and tool filters at at egress. This multiple level of filtering offers natural AND and OR logic thus allow complex Boolean logic to filter traffic in the stringiest way to protect expensive tools from being overloaded.

No Limits of Filter Types

Finally, when managing filter rules, there are not restrictions to the advanced filtering features that can be utilized together. This means users can worry less about what they can and can not do, and focus more on their tools, and what they need to perform at highest levels.

 

IXIA - Network Packet Broker Capabilities - True Intelligence

Signature Based Application Detection

We have a team of specialists that manage a database of application signatures that are regularly updated. These signatures allow us to more accurately detect applications, as well as allow for different application streams within applications to be filtered out.

Dynamic Pattern Identification

Application traffic patterns are identified dynamically using Ixia’s patented technology. When a session cannot be identified with existing application signatures, the packet headers are sent to a special engine which identifies reusable patterns. Well-known services (applications) can also be identified based on their used port and protocol.

Detect Unknown Applications

Using our database of known application allows the ability to identify unknown applications which can be used as a filter mechanism to send your security tools more relevant data.

Filter on Application Group

If you want to send all Email traffic, or Microsoft Office 365 documents to a specific monitoring, security or performance tool, no problem, we've made it easy to extract and send a different groups of applications data.

Filter on Specific Application Traffic

If you want to filter on specific applications, it's easy, just point-and-click. You can send Netflix streaming media data, or all Amazon EC2 or S3 data to your monitoring tools. Also, the application intelligence can go deep into applications to easily allow you to filter out different types of data types within an application. For example you can select different streaming media genres from Netflix, like Sci-Fi from Romantic or if you want to separate IMAP traffic from normal email traffic, it’s a simply point-and-click.

 

Contact Us

Address:

Telnet Networks Inc.
100 Strowger Blvd, Suite 118, Brockville, ON, K6V 5J9, Canada

Phone:

(800) 561-4019

Fax:

613-498-0075

For More Information about Telnet Networks, our products, or our services, or to request a quote please feel free to contact us directly.

Latest Blog Posts

Latest Blog Posts (copy)