Big Switch Networks has added a packet capture and analytics capabilities to its Big Monitoring Fabric.
Big Monitoring Fabric is a network packet broker application available with Big Switch’s SDN controller and white box/brite box switches running Big Switch’s SwitchLight network OS.
With Big Monitoring Fabric, customers can filter, aggregate and replicate traffic. For instance, administrators could create a set of triggers in the fabric that would redirect packets to a third-party tool, such as IDS, if that traffic met a set of predefined criteria.
A separate Service Node (an x86-based appliance) provides additional NPB functions such as packet slicing and deduplication.
Now Big Switch has added two new appliances to the Big Monitoring line: a Recorder Node for packet capture, and an Analytics Node. As with the Service Node, the Recorder and Analytics Nodes are x86-based appliances.
The Recorder Node has 160Tbytes of storage and includes a 10Gbps NIC. Packet capture can be triggered by policies to send packets to the recorder. Administrators can then analyze or replay packets for troubleshooting, security analysis, and other purposes.
The Analytics Node includes 2Tbytes of storage and a 10-gig NIC. It can collect Netflow and sflow traffic and provides essential details such as top talkers, top applications in use, TCP latency, and other information.
It can also support anomaly detection by working from pre-set boundaries set by an admin. When an anomaly is detected, it can send that traffic to the Recorder node for detailed analysis.
The Analytics Node can be scaled out across multiple appliances. Big Switch says it plans to add machine learning capabilities, but that’s still a roadmap item.
The company did not provide pricing details, though it positions Big Monitoring Fabric as a less expensive alternative to packet brokers from competitors such as Ixia and Gigamon.