In this Sponsored show we talk to Gigamon about ” making the SPAN port what it always wanted to be”. In short, Gigamon makes switch devices that allow for powerful ways to capture traffic from your network, then slice, dice and forward it. If you have ever had problem with “not enough SPAN ports” for packet capture, then take a look at this product.
Overview of Gigamon
- Mid-stage startup; founded in 2004; all product built-in-the-USA; founders from network monitoring industry
- Bridge the gap between faster-and-flatter networks, and the growing demand for diverse monitoring, management and security tools
- Establish an out-of-band, pervasive fabric, connecting to the network mirror & SPAN ports, and intelligently delivering the right traffic to the right tool
Sounds good, but how do you do that ?
- A range of systems from 1RU to 1Tb chassis
- Let’s focus on a deployment of just one system (although they are all locally and remotely ‘stackable’)
- Traffic on SPAN/Mirror/TAP ports is delivered into the Gigamon Fabric on what we call a “network port”
- At wirespeed, the traffic is ‘manipulated’ using GigaVUE software with hardware acceleration
- “Manipulation” means duplication, slicing, filtering, masking, etc
- How is the “Manipulation” configured : using “FlowMapping” logic
What is FlowMapping ?
- A L2/3/4 rules engine that overcomes the limitation of ingress and egress filtering
- Ingress : too much is dropped at the entry .. Good stuff could be lost
- Egress : too much could be dropped through oversubscription
- Flow Mapping sits in the heart of the system (and can span multiple systems)
How complex / what type of rules can be written ?
- Very complex, multi-step boolean type decisions
- Multiple egress (multi-tool as we call it) so that single ingress traffic can go to multiple tools
Are they fixed rules/definitions ?
- We support the L2/3/4 decision criteria
- Also allow for a set of User-Defined criteria to look for specific traffic characteristics
How do you extend beyond a single system ?
- We offer stacking – to connect multiple system together over n x 10Gb trunks
- We offer tunneling – to allow systems in remote offices to be part of the central “stack”
How do your customers use the systems ?
- Single-system deployments to smooth the migration from 1Gb to 10Gb
- To deliver longer and more predictable ROI for monitoring, management and security tools
- In Data Centers to centralize all monitoring/management system into one rack
- Service providers around the globe to support the growth of mobile devices
What does a normal deployment look like with your technology ?
- Ranges from a single system to multiple systems stacked together to form one Visibility Fabric
- Easy/flexible to configure – Network ports and tool port
- Maps are built to establish the “mapping rules” of traffic on network ports to tool ports
- Central management from a single GUI system (Citrus) if required
How does your solution get deployed in the Data Center ?
- End of row deployments
- Each end of row location has uplinks to top-of-rack swicthes
- GigaVUE devices are connected together using stacking
- All monitoring and management tools centrally located in one rack
- “Maps” are changed as needed to forward traffic from any server, any rack, any row to central tools
Thanks to Gigamon for sponsoring the Packet Pushers and sharing this content with the community.
You can follow them on twitter at http://twitter.com/gigamon or on the web at http://www.gigamon.com/