Show 85 – Sponsored – The Span Port You Always Wanted – Gigamon

In this Sponsored show we talk to Gigamon about ” making the SPAN port what it always wanted to be”. In short, Gigamon makes switch devices that allow for powerful ways to capture traffic from your network, then slice, dice and forward it. If you have ever had problem with “not enough SPAN ports” for packet capture, then take a look at this product.

Show Agenda

Overview of Gigamon

    • Mid-stage startup; founded in 2004; all product built-in-the-USA; founders from network monitoring industry
    • Bridge the gap between faster-and-flatter networks, and the growing demand for diverse monitoring, management and security tools
    • Establish an out-of-band, pervasive fabric, connecting to the network mirror & SPAN ports, and intelligently delivering the right traffic to the right tool

NewImage

Sounds good, but how do you do that ?

  • A range of systems from 1RU to 1Tb chassis
  • Let’s focus on a deployment of just one system (although they are all locally and remotely ‘stackable’)
  • Traffic on SPAN/Mirror/TAP ports is delivered into the Gigamon Fabric on what we call a “network port”
  • At wirespeed, the traffic is ‘manipulated’ using GigaVUE software with hardware acceleration
  • “Manipulation” means duplication, slicing, filtering, masking, etc
  • How is the “Manipulation” configured : using “FlowMapping” logic

What is FlowMapping ?

  • A L2/3/4 rules engine that overcomes the limitation of ingress and egress filtering
  • Ingress : too much is dropped at the entry .. Good stuff could be lost
  • Egress : too much could be dropped through oversubscription
  • Flow Mapping sits in the heart of the system (and can span multiple systems)

 

Gigamonsolution

How complex / what type of rules can be written ?

  • Very complex, multi-step boolean type decisions
  • Multiple egress (multi-tool as we call it) so that single ingress traffic can go to multiple tools

Are they fixed rules/definitions ?

  • We support the L2/3/4 decision criteria
  • Also allow for a set of User-Defined criteria to look for specific traffic characteristics

How do you extend beyond a single system ?

  • We offer stacking – to connect multiple system together over n x 10Gb trunks
  • We offer tunneling – to allow systems in remote offices to be part of the central “stack”

How do your customers use the systems ?

  • Single-system deployments to smooth the migration from 1Gb to 10Gb
  • To deliver longer and more predictable ROI for monitoring, management and security tools
  • In Data Centers to centralize all monitoring/management system into one rack
  • Service providers around the globe to support the growth of mobile devices

What does a normal deployment look like with your technology ?

  • Ranges from a single system to multiple systems stacked together to form one Visibility Fabric
  • Easy/flexible to configure – Network ports and tool port
  • Maps are built to establish the “mapping rules” of traffic on network ports to tool ports
  • Central management from a single GUI system (Citrus) if required

How does your solution get deployed in the Data Center ?

  • End of row deployments
  • Each end of row location has uplinks to top-of-rack swicthes
  • GigaVUE devices are connected together using stacking
  • All monitoring and management tools centrally located in one rack
  • “Maps” are changed as needed to forward traffic from any server, any rack, any row to central tools

You can also watch a presentation from Gigamon from TechFieldDay at Vimeo – Gigamon where they presented at Network Field Day in Otcober 2011.

Thanks to Gigamon for sponsoring the Packet Pushers and sharing this content with the community.

Contact

You can follow them on twitter at http://twitter.com/gigamon or on the web at http://www.gigamon.com/

Greg Ferro
Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count. He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.
Greg Ferro
Greg Ferro
Greg Ferro